Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/049fd671-de95-4496-9712-c56affcb2b27.roa
File: 049fd671-de95-4496-9712-c56affcb2b27.roa (raw, json)
Hash identifier: JpbrJoXOpk91FjWIKLeoIyxW5vLbZmb4t+flQpTzhHQ=
Subject key identifier: 35:14:FF:1D:E1:29:3F:E7:13:2B:0C:DE:B3:9D:7D:DB:06:8A:7F:3A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 56E837A6A11ED42ED731B371F14B8E370C863E58
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/049fd671-de95-4496-9712-c56affcb2b27.roa
Signing time: Fri 06 Jun 2025 15:00:21 +0000
ROA not before: Fri 06 Jun 2025 15:00:21 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.24.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:e8:37:a6:a1:1e:d4:2e:d7:31:b3:71:f1:4b:8e:37:0c:86:3e:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 6 15:00:21 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=10cf31332392916b9cc9d819ee769e949a353c593788a6b7f1b755477598a1d4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b0:92:c4:4d:76:cc:a7:00:00:b1:b2:bd:0e:
52:1c:0d:97:ae:fc:81:8a:e6:76:0c:64:19:a3:05:
b3:e2:fd:ab:31:74:3a:65:6e:b3:f6:da:27:ac:d4:
0c:56:06:40:5e:09:de:38:11:73:a8:71:35:0d:b7:
06:c2:b4:5c:3e:aa:42:73:45:1a:7a:3f:c4:e3:85:
24:97:02:67:a3:81:9b:ec:e6:ae:a5:4f:e8:74:1a:
a7:49:d3:90:e7:07:ac:82:cb:88:67:62:36:c8:47:
95:5e:4c:73:23:06:63:60:78:e2:39:b9:5d:5a:4f:
d8:52:4e:79:7a:6b:8c:12:f9:4b:4a:09:3b:f4:0a:
7c:a1:8f:8f:88:4d:84:a5:5d:4e:8c:f7:86:0a:34:
cc:fc:f9:2e:3b:54:47:c5:30:43:aa:00:cd:7e:cb:
f0:cb:e7:12:83:54:f5:d6:9e:6f:e9:c1:dc:d4:c8:
48:2d:ba:44:74:32:23:01:94:25:ee:7e:e7:5f:6a:
69:0a:ef:8a:e5:8c:85:ca:18:bc:29:86:57:7a:b5:
ca:29:85:74:32:fb:cc:69:24:91:1c:41:e4:7e:2c:
9f:3c:ee:68:c8:a5:43:3f:c5:fb:bb:a5:be:9a:5c:
e8:65:fc:d0:78:70:ec:60:16:af:fa:12:95:32:07:
12:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:14:FF:1D:E1:29:3F:E7:13:2B:0C:DE:B3:9D:7D:DB:06:8A:7F:3A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/049fd671-de95-4496-9712-c56affcb2b27.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.24.0/21
Signature Algorithm: sha256WithRSAEncryption
6d:d4:6a:7c:9d:62:66:a4:d8:50:82:41:ce:f9:5a:b7:bd:2b:
19:6d:5e:3b:a8:53:76:e8:ce:76:cb:8a:c9:0e:0a:5c:62:32:
89:22:fc:b5:64:35:94:4b:d3:fb:76:2e:55:42:a5:17:8b:30:
f0:56:84:ea:0c:45:32:3f:44:e7:2c:d7:78:8b:08:75:fa:53:
10:1d:0a:42:db:f1:4b:5a:03:af:10:41:81:b6:e5:08:fd:6a:
9b:d9:13:72:4e:63:76:2e:d0:13:5a:93:96:d7:67:f8:61:4d:
85:41:49:5e:31:d7:e1:da:af:93:2d:33:a7:e0:8e:29:05:f7:
12:da:19:14:5c:31:1a:1d:06:64:d3:16:5c:dd:5e:06:3d:ab:
ca:c1:e0:37:3d:b8:6d:00:01:2f:ea:86:b3:5d:04:93:0d:8b:
2a:46:c6:85:02:eb:3c:0b:e4:98:38:9b:0a:cc:49:12:75:2d:
cb:a8:fe:49:a9:11:fc:de:93:14:c3:0b:b3:c2:98:d0:7f:4a:
eb:f1:3c:87:b6:08:c9:aa:af:2e:ac:c9:4a:30:a3:f0:e0:b1:
c7:8c:13:a9:bd:27:23:26:fd:0e:3d:e9:f1:77:31:0d:2b:ca:
d3:db:ec:78:3c:7e:0e:76:8f:14:e9:f2:54:d2:1f:b8:c9:63:
6c:10:01:fa
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUVug3pqEe1C7XMbNx8UuONwyGPlgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDYxNTAwMjFaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDEwY2YzMTMzMjM5MjkxNmI5Y2M5ZDgxOWVlNzY5ZTk0OWEzNTNjNTkzNzg4
YTZiN2YxYjc1NTQ3NzU5OGExZDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALiwksRNdsynAACxsr0OUhwNl678gYrmdgxkGaMFs+L9qzF0OmVus/baJ6zU
DFYGQF4J3jgRc6hxNQ23BsK0XD6qQnNFGno/xOOFJJcCZ6OBm+zmrqVP6HQap0nT
kOcHrILLiGdiNshHlV5McyMGY2B44jm5XVpP2FJOeXprjBL5S0oJO/QKfKGPj4hN
hKVdToz3hgo0zPz5LjtUR8UwQ6oAzX7L8MvnEoNU9daeb+nB3NTISC26RHQyIwGU
Je5+519qaQrviuWMhcoYvCmGV3q1yimFdDL7zGkkkRxB5H4snzzuaMilQz/F+7ul
vppc6GX80Hhw7GAWr/oSlTIHErECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ1FP8d
4Sk/5xMrDN6znX3bBop/OjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDQ5ZmQ2NzEtZGU5NS00NDk2LTk3MTItYzU2YWZmY2IyYjI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AiGDAN
BgkqhkiG9w0BAQsFAAOCAQEAbdRqfJ1iZqTYUIJBzvlat70rGW1eO6hTdujOdsuK
yQ4KXGIyiSL8tWQ1lEvT+3YuVUKlF4sw8FaE6gxFMj9E5yzXeIsIdfpTEB0KQtvx
S1oDrxBBgbblCP1qm9kTck5jdi7QE1qTltdn+GFNhUFJXjHX4dqvky0zp+COKQX3
EtoZFFwxGh0GZNMWXN1eBj2rysHgNz24bQABL+qGs10Ekw2LKkbGhQLrPAvkmDib
CsxJEnUty6j+SakR/N6TFMMLs8KY0H9K6/E8h7YIyaqvLqzJSjCj8OCxx4wTqb0n
Iyb9Dj3p8XcxDSvK09vseDx+DnaPFOnyVNIfuMljbBAB+g==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:19 2025 by rpki-client