Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2780ebe2-8258-4510-a848-89116418e1c7.roa
File: 2780ebe2-8258-4510-a848-89116418e1c7.roa (raw, json)
Hash identifier: OsZqEOB3De0gK044IaRjn7m0ruYnerAmKeKN7/j/CSk=
Subject key identifier: 54:11:B6:7A:B6:38:46:AD:6B:E8:B4:50:AD:A0:5C:7D:78:C0:7A:F0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6DAB1613155D5FA7868C8DC7EFD540011FBD65C5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2780ebe2-8258-4510-a848-89116418e1c7.roa
Signing time: Tue 15 Apr 2025 15:00:53 +0000
ROA not before: Tue 15 Apr 2025 15:00:53 +0000
ROA not after: Tue 20 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.64.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:ab:16:13:15:5d:5f:a7:86:8c:8d:c7:ef:d5:40:01:1f:bd:65:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 15 15:00:53 2025 GMT
Not After : May 20 23:59:59 2025 GMT
Subject: serialNumber=43b645168f0f560145efa0bf84fcf43e4c5b65d14f405bd6e33b8708f5a377d0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:0f:0a:16:b4:5f:99:29:01:b2:93:50:82:2b:
11:39:ba:e2:65:1a:8d:ef:78:6b:19:fb:91:72:33:
84:ed:c6:9b:2e:19:ed:da:2e:d1:05:96:3b:63:14:
67:02:3e:c0:fd:81:42:fa:80:a9:10:68:a6:3e:f8:
be:7f:b1:20:5e:69:27:38:8d:7a:6c:51:90:de:e6:
90:b9:d4:9f:f9:0e:ab:ff:d0:b7:c7:33:be:6d:19:
d7:02:d1:5d:81:74:46:42:5b:38:15:c3:5a:fc:6a:
d8:47:0b:2f:8d:06:5a:d3:59:7c:0d:5d:80:8f:c2:
d7:06:b0:ca:25:be:e6:73:a4:ae:d1:78:af:b4:d0:
aa:e7:d3:98:88:7f:5f:0b:2c:90:2d:e5:f8:52:e5:
d4:e4:df:89:7c:9e:96:88:b1:9c:d2:60:dd:c2:f4:
47:57:54:f8:07:6e:f1:4e:41:53:a4:16:69:fa:a3:
dd:4c:a9:be:ea:b2:0d:84:b0:e8:ad:63:96:93:96:
d1:79:af:c1:57:ab:4f:1c:26:9a:c6:b3:d0:e2:13:
3f:5d:f9:bd:13:8d:a2:b5:ad:68:85:69:90:1e:bc:
a9:db:d9:fb:9f:0b:10:df:fd:4f:7c:a9:47:78:8b:
e9:77:23:19:cc:ec:9e:b8:86:be:73:6f:38:c7:bd:
83:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:11:B6:7A:B6:38:46:AD:6B:E8:B4:50:AD:A0:5C:7D:78:C0:7A:F0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2780ebe2-8258-4510-a848-89116418e1c7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.64.0/19
Signature Algorithm: sha256WithRSAEncryption
b5:3b:c8:35:84:ce:48:67:fc:d7:80:df:ae:78:59:da:a6:63:
62:f6:57:62:15:9f:d2:cd:51:9a:8f:c3:58:5b:c1:34:e8:bd:
18:2f:3d:50:db:58:85:23:99:cd:0a:af:a4:8e:f1:55:d6:f5:
4e:2a:20:84:30:ff:c2:d7:6f:5d:d0:2e:9a:8c:32:91:1e:a2:
36:76:e5:45:a8:92:99:ea:8f:f5:0c:81:19:ec:6e:49:d5:3e:
1c:b2:c8:17:82:d3:c5:88:46:06:30:bc:d7:aa:1c:e7:60:e3:
57:7b:d5:15:a5:1f:00:8b:29:da:cb:a7:07:10:f9:2e:79:b3:
4d:84:db:aa:89:7f:f5:69:76:32:a5:05:e8:da:49:5a:4b:d6:
86:ef:e6:22:e0:9c:9d:87:c1:40:f6:42:18:19:6e:c4:ab:9e:
52:d8:b4:12:b0:b5:2f:fd:74:14:8a:98:09:13:36:62:53:e3:
05:6c:b8:fe:11:35:a4:40:af:99:56:ac:1b:47:86:02:5c:15:
9f:d4:c5:6f:ff:c2:5d:7c:0f:19:c6:66:5d:ac:a0:9c:60:b4:
5b:67:a2:25:aa:82:29:5a:03:d8:44:96:8e:f9:2d:d8:8e:e4:
10:fb:d3:14:6b:01:a4:16:80:4e:b9:6a:0c:fd:f3:f2:c4:3c:
bc:54:48:f9
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUbasWExVdX6eGjI3H79VAAR+9ZcUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTUxNTAwNTNaFw0yNTA1MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDQzYjY0NTE2OGYwZjU2MDE0NWVmYTBiZjg0ZmNmNDNlNGM1YjY1ZDE0ZjQw
NWJkNmUzM2I4NzA4ZjVhMzc3ZDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALkPCha0X5kpAbKTUIIrETm64mUaje94axn7kXIzhO3Gmy4Z7dou0QWWO2MU
ZwI+wP2BQvqAqRBopj74vn+xIF5pJziNemxRkN7mkLnUn/kOq//Qt8czvm0Z1wLR
XYF0RkJbOBXDWvxq2EcLL40GWtNZfA1dgI/C1wawyiW+5nOkrtF4r7TQqufTmIh/
XwsskC3l+FLl1OTfiXyeloixnNJg3cL0R1dU+Adu8U5BU6QWafqj3UypvuqyDYSw
6K1jlpOW0XmvwVerTxwmmsaz0OITP135vRONorWtaIVpkB68qdvZ+58LEN/9T3yp
R3iL6XcjGczsnriGvnNvOMe9gzkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRUEbZ6
tjhGrWvotFCtoFx9eMB68DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mjc4MGViZTItODI1OC00NTEwLWE4NDgtODkxMTY0MThlMWM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAiQDAN
BgkqhkiG9w0BAQsFAAOCAQEAtTvINYTOSGf814DfrnhZ2qZjYvZXYhWf0s1Rmo/D
WFvBNOi9GC89UNtYhSOZzQqvpI7xVdb1TioghDD/wtdvXdAumowykR6iNnblRaiS
meqP9QyBGexuSdU+HLLIF4LTxYhGBjC816oc52DjV3vVFaUfAIsp2sunBxD5Lnmz
TYTbqol/9Wl2MqUF6NpJWkvWhu/mIuCcnYfBQPZCGBluxKueUti0ErC1L/10FIqY
CRM2YlPjBWy4/hE1pECvmVasG0eGAlwVn9TFb//CXXwPGcZmXaygnGC0W2eiJaqC
KVoD2ESWjvkt2I7kEPvTFGsBpBaATrlqDP3z8sQ8vFRI+Q==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:47:25 2025 by rpki-client