Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/296e983c-f59b-4a15-a74d-56b2bff88779.roa
File: 296e983c-f59b-4a15-a74d-56b2bff88779.roa (raw, json)
Hash identifier: 4W5jp13WnKiZAPUOmCl6Mgc6md5RlRBwkMe91TjTm2w=
Subject key identifier: AB:FA:F5:68:17:24:A0:90:52:A9:C2:A4:05:B5:4C:2C:23:D6:80:C5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 04119F2EE4E8B3E8AC210AE747848E091F9CAFAF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/296e983c-f59b-4a15-a74d-56b2bff88779.roa
Signing time: Fri 06 Jun 2025 15:00:44 +0000
ROA not before: Fri 06 Jun 2025 15:00:44 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.48.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:11:9f:2e:e4:e8:b3:e8:ac:21:0a:e7:47:84:8e:09:1f:9c:af:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 6 15:00:44 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=3b9f17914edc5d42a5a1a16cecfbfda146bf313fc483eca45fb1f6e9232cf6da, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:68:c3:11:a9:dd:cf:32:e1:96:33:b5:6e:e4:
b1:0c:0e:c1:7a:8d:47:6d:7e:ba:37:b4:3c:32:af:
cc:43:fa:4b:d3:fd:e2:a9:bf:62:2b:cb:5a:ea:93:
08:26:d0:2c:15:4a:77:6d:42:e3:5e:3f:08:92:8d:
6a:1d:5f:d9:a5:49:1d:13:cc:59:68:90:08:20:f3:
3f:e1:a6:4e:9d:80:e3:b3:b0:7f:8d:d5:bc:2a:03:
d8:d1:21:b7:a7:b4:2a:c0:b6:d7:fa:ae:b3:2e:fb:
93:16:d4:5b:ff:61:94:d5:ee:38:4c:65:60:fd:d5:
b4:91:ca:87:7e:19:39:ac:6e:74:76:e2:fb:8f:26:
ab:e7:f3:c4:2e:a2:9e:9a:15:d7:8f:b7:41:8f:c6:
01:06:ca:93:da:20:e5:4b:38:60:94:63:24:e0:b1:
ae:d6:ce:b6:09:b4:08:6a:7b:7f:55:94:a9:45:1c:
b5:65:21:f8:e9:53:f7:70:09:d7:5c:91:10:f0:a8:
9d:62:45:67:c6:f4:15:e7:b7:67:00:a5:f1:ae:63:
33:82:f8:3d:cc:8f:c7:96:39:5f:23:2e:3f:8c:8a:
92:a4:f6:97:b4:f7:9c:96:0f:52:9c:ec:98:ac:07:
7b:49:02:b1:2e:d7:f5:fb:07:9b:32:eb:39:cc:cc:
b8:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:FA:F5:68:17:24:A0:90:52:A9:C2:A4:05:B5:4C:2C:23:D6:80:C5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/296e983c-f59b-4a15-a74d-56b2bff88779.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.48.0/20
Signature Algorithm: sha256WithRSAEncryption
44:91:a4:28:9e:95:a8:12:12:e7:3b:f2:07:ff:9f:5c:52:ae:
c6:be:59:fe:9b:67:2a:62:77:1a:42:77:1a:7d:9d:64:57:7f:
10:6d:d4:20:95:ee:6b:0c:cd:28:da:56:3d:a9:70:1b:7b:a1:
e0:64:a1:a3:e5:df:5f:b9:53:79:50:bb:af:91:32:cc:0c:fe:
4e:c1:26:0f:3d:be:df:6c:d3:a7:64:ad:93:78:2b:4d:67:41:
51:f8:09:b3:cc:d2:15:67:47:26:b6:c7:f3:a3:0a:6a:15:88:
3d:67:f9:40:07:71:ea:31:16:ff:df:9d:b9:71:6a:98:ef:e7:
e0:f0:57:35:8b:b5:42:93:ec:a4:91:4f:3c:bc:79:ae:e3:5e:
4f:75:7e:af:cb:bc:74:93:40:5f:3c:d1:23:a4:b2:fd:c4:52:
1f:3a:61:d3:05:ca:5f:14:44:ee:22:80:75:dc:d1:b0:2d:f7:
96:c7:f2:7c:47:cc:11:f0:64:30:46:c7:7a:1b:5c:de:76:60:
69:70:28:6e:64:68:6b:38:b2:09:5d:f6:0f:c1:f1:70:d4:4c:
e6:d9:96:01:be:ce:7c:35:35:e4:89:97:75:31:30:83:ee:fa:
55:23:22:b5:89:bd:95:7a:40:dd:03:c7:c4:e3:f2:f7:ca:4f:
7c:ce:b4:e7
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUBBGfLuTos+isIQrnR4SOCR+cr68wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDYxNTAwNDRaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDNiOWYxNzkxNGVkYzVkNDJhNWExYTE2Y2VjZmJmZGExNDZiZjMxM2ZjNDgz
ZWNhNDVmYjFmNmU5MjMyY2Y2ZGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALBowxGp3c8y4ZYztW7ksQwOwXqNR21+uje0PDKvzEP6S9P94qm/YivLWuqT
CCbQLBVKd21C414/CJKNah1f2aVJHRPMWWiQCCDzP+GmTp2A47Owf43VvCoD2NEh
t6e0KsC21/qusy77kxbUW/9hlNXuOExlYP3VtJHKh34ZOaxudHbi+48mq+fzxC6i
npoV14+3QY/GAQbKk9og5Us4YJRjJOCxrtbOtgm0CGp7f1WUqUUctWUh+OlT93AJ
11yREPConWJFZ8b0Fee3ZwCl8a5jM4L4PcyPx5Y5XyMuP4yKkqT2l7T3nJYPUpzs
mKwHe0kCsS7X9fsHmzLrOczMuPkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSr+vVo
FySgkFKpwqQFtUwsI9aAxTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mjk2ZTk4M2MtZjU5Yi00YTE1LWE3NGQtNTZiMmJmZjg4Nzc5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAiMDAN
BgkqhkiG9w0BAQsFAAOCAQEARJGkKJ6VqBIS5zvyB/+fXFKuxr5Z/ptnKmJ3GkJ3
Gn2dZFd/EG3UIJXuawzNKNpWPalwG3uh4GSho+XfX7lTeVC7r5EyzAz+TsEmDz2+
32zTp2Stk3grTWdBUfgJs8zSFWdHJrbH86MKahWIPWf5QAdx6jEW/9+duXFqmO/n
4PBXNYu1QpPspJFPPLx5ruNeT3V+r8u8dJNAXzzRI6Sy/cRSHzph0wXKXxRE7iKA
ddzRsC33lsfyfEfMEfBkMEbHehtc3nZgaXAobmRoaziyCV32D8HxcNRM5tmWAb7O
fDU15ImXdTEwg+76VSMitYm9lXpA3QPHxOPy98pPfM605w==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:53 2025 by rpki-client