Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1c4d2d14-aa0a-456e-90f4-bdfa21e668f8.roa
File: 1c4d2d14-aa0a-456e-90f4-bdfa21e668f8.roa (raw, json)
Hash identifier: AK8jWThkcphA+CZjr/3TGP3QuT0Omr3v6uefzldICNQ=
Subject key identifier: 42:10:DE:DC:60:26:0C:5A:8A:91:5B:E0:20:8B:49:30:39:18:A1:44
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7020FC702BA6819FED0690A7324018A92617F860
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1c4d2d14-aa0a-456e-90f4-bdfa21e668f8.roa
Signing time: Tue 15 Apr 2025 15:01:39 +0000
ROA not before: Tue 15 Apr 2025 15:01:39 +0000
ROA not after: Tue 20 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.128.0/17 maxlen: 17
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:20:fc:70:2b:a6:81:9f:ed:06:90:a7:32:40:18:a9:26:17:f8:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 15 15:01:39 2025 GMT
Not After : May 20 23:59:59 2025 GMT
Subject: serialNumber=f0ede39902af4bbfe79dfdb5b0357a7dfbd3c7fce1b968c5570e9a972e37eb6a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:02:c8:28:e2:20:d7:d0:bc:9a:dd:f1:fb:8e:
11:2f:1e:37:67:a9:39:ef:3d:1c:cd:55:6d:94:70:
49:85:52:cb:f9:0a:9c:8a:5f:53:79:3d:20:38:11:
b6:b9:b4:8e:9a:08:e5:00:97:f4:a8:e2:bb:50:d7:
84:8d:a5:04:bb:b1:27:2f:e3:e5:f6:11:f7:e1:26:
a7:f5:6d:14:59:6a:a9:e5:fa:4e:f7:73:5c:cd:cf:
85:4d:02:09:6b:c5:b8:74:f1:25:0a:2a:a1:ae:93:
5f:87:ff:7d:24:28:cf:7c:f5:c4:fc:13:74:82:71:
86:5e:2e:4f:9d:74:ac:aa:31:ee:7b:14:30:0b:46:
79:9f:2f:b3:cd:7a:5f:8c:f0:9d:b6:63:41:40:7e:
50:2f:15:a8:bc:f1:0e:06:4c:2c:b0:ae:66:af:5e:
20:36:7a:55:3f:7b:4a:a0:81:20:9e:c3:cf:7d:0d:
16:2a:e7:c9:ee:fc:1e:ae:fe:d9:7f:bd:b3:f5:b8:
d4:36:61:5a:85:86:7c:61:0c:50:7a:ad:d5:88:11:
95:04:9f:9d:b3:fe:2b:08:c8:59:f2:0a:26:d0:42:
f3:f7:12:43:e0:1a:04:19:bf:94:1b:37:6f:d0:58:
fe:1c:43:06:4c:cf:a0:26:c0:1e:ac:4b:a7:a0:6e:
5c:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:10:DE:DC:60:26:0C:5A:8A:91:5B:E0:20:8B:49:30:39:18:A1:44
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1c4d2d14-aa0a-456e-90f4-bdfa21e668f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.128.0/17
Signature Algorithm: sha256WithRSAEncryption
2d:e9:4c:f0:2b:59:e5:8f:53:9d:ea:2c:25:a4:e5:90:6f:d6:
6a:6f:2e:1d:57:89:af:a4:25:ff:ed:92:4a:3f:c7:be:d2:ad:
bd:2b:fe:ba:b2:c7:8f:b3:d4:b7:3d:da:65:aa:23:a5:2d:f6:
a8:5e:48:7d:45:29:ea:e0:bf:09:4f:3f:b3:0b:e1:4b:d5:c4:
77:29:55:da:10:62:be:59:ad:e8:e5:39:25:0b:1d:c9:01:25:
a7:47:8c:8f:6b:fd:25:f1:67:20:82:e3:5b:35:e1:74:9d:c4:
fd:07:3d:37:92:83:c5:b6:dd:c8:cd:ca:dc:a1:d7:67:85:2a:
97:a8:68:6a:bd:9e:96:fb:bd:46:00:f5:f4:d2:59:93:97:6c:
26:d4:74:f0:53:aa:c9:18:87:5b:4d:09:e6:28:42:fd:56:38:
42:c2:18:86:66:c0:1a:ea:a1:db:04:98:c5:ff:c1:1a:38:ee:
9f:4b:8d:68:c7:40:38:ee:48:06:6d:a1:60:8d:02:c1:82:3f:
dc:23:99:ea:c4:f5:16:25:52:2f:fb:56:1c:96:9b:6a:0b:ed:
3a:85:4a:3f:04:5b:fb:a1:47:74:55:d3:fa:52:2a:b6:37:9a:
5f:1c:e5:80:0a:eb:d4:f5:72:ec:ab:03:a4:4e:f7:4e:b1:70:
5d:93:54:c7
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUcCD8cCumgZ/tBpCnMkAYqSYX+GAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTUxNTAxMzlaFw0yNTA1MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGYwZWRlMzk5MDJhZjRiYmZlNzlkZmRiNWIwMzU3YTdkZmJkM2M3ZmNlMWI5
NjhjNTU3MGU5YTk3MmUzN2ViNmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALECyCjiINfQvJrd8fuOES8eN2epOe89HM1VbZRwSYVSy/kKnIpfU3k9IDgR
trm0jpoI5QCX9Kjiu1DXhI2lBLuxJy/j5fYR9+Emp/VtFFlqqeX6TvdzXM3PhU0C
CWvFuHTxJQoqoa6TX4f/fSQoz3z1xPwTdIJxhl4uT510rKox7nsUMAtGeZ8vs816
X4zwnbZjQUB+UC8VqLzxDgZMLLCuZq9eIDZ6VT97SqCBIJ7Dz30NFirnye78Hq7+
2X+9s/W41DZhWoWGfGEMUHqt1YgRlQSfnbP+KwjIWfIKJtBC8/cSQ+AaBBm/lBs3
b9BY/hxDBkzPoCbAHqxLp6BuXFMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRCEN7c
YCYMWoqRW+Agi0kwORihRDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWM0ZDJkMTQtYWEwYS00NTZlLTkwZjQtYmRmYTIxZTY2OGY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB7AigDAN
BgkqhkiG9w0BAQsFAAOCAQEALelM8CtZ5Y9TneosJaTlkG/Wam8uHVeJr6Ql/+2S
Sj/HvtKtvSv+urLHj7PUtz3aZaojpS32qF5IfUUp6uC/CU8/swvhS9XEdylV2hBi
vlmt6OU5JQsdyQElp0eMj2v9JfFnIILjWzXhdJ3E/Qc9N5KDxbbdyM3K3KHXZ4Uq
l6hoar2elvu9RgD19NJZk5dsJtR08FOqyRiHW00J5ihC/VY4QsIYhmbAGuqh2wSY
xf/BGjjun0uNaMdAOO5IBm2hYI0CwYI/3COZ6sT1FiVSL/tWHJabagvtOoVKPwRb
+6FHdFXT+lIqtjeaXxzlgArr1PVy7KsDpE73TrFwXZNUxw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:07 2025 by rpki-client