Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c89eb14-e34b-4729-9b6f-b536e1e06692.roa
File: 3c89eb14-e34b-4729-9b6f-b536e1e06692.roa (raw, json)
Hash identifier: mqJuZfJtn2X/+c+9o07OIKugYqszVQf0mgKde1c1gJM=
Subject key identifier: D9:8E:42:99:44:7F:1B:A5:C4:CD:D6:7C:07:A7:F1:26:E2:1B:78:9A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 40FD2474BEB5EB58686D0042093725C06478B845
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c89eb14-e34b-4729-9b6f-b536e1e06692.roa
Signing time: Fri 06 Jun 2025 15:00:22 +0000
ROA not before: Fri 06 Jun 2025 15:00:22 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.32.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:fd:24:74:be:b5:eb:58:68:6d:00:42:09:37:25:c0:64:78:b8:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 6 15:00:22 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=a6312fd0c5b2ffb5399c6477efcf0d7290003682c0038172eed0b073a6a03ccb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:82:82:b5:5a:18:ec:dc:01:33:20:83:5a:fc:
97:ee:32:e0:9b:4b:ec:ab:49:c6:15:57:93:1b:a8:
ed:7e:be:0b:ae:e7:2b:76:73:53:3e:25:4a:0d:f8:
0b:eb:63:e3:13:13:f0:fb:5b:5d:d8:d7:40:ee:60:
c6:99:76:9a:fe:84:9a:c0:2f:29:6b:7b:c3:05:e4:
8b:96:ef:17:df:f7:c9:66:b6:32:0b:ba:bd:02:dd:
79:3b:d9:f6:60:42:fa:ea:53:89:5f:6c:6a:f6:23:
16:44:7f:a0:4c:64:93:35:38:ec:2d:68:ee:35:49:
b0:84:d4:e1:fc:cd:f3:a4:41:99:ef:49:fb:19:a7:
27:fe:1f:b4:92:d4:6d:76:52:70:f4:99:7f:2c:f9:
2c:92:86:97:f5:70:11:24:4b:ec:7d:a2:64:40:4e:
bb:04:f2:d0:4d:9c:fe:37:1a:ff:34:c0:93:e0:99:
30:c6:66:e9:8b:79:f9:c9:f2:4c:5e:cc:3c:81:cd:
06:73:8e:d3:4f:8c:08:90:03:94:2e:0e:b3:9a:d1:
e4:76:bf:81:5e:64:40:26:b0:42:4b:cb:cf:aa:6b:
a0:81:62:d3:9f:8e:12:b3:69:ad:5e:ba:07:2f:58:
ab:4f:9a:79:27:5a:a7:0b:61:4e:86:ab:2e:70:58:
a9:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:8E:42:99:44:7F:1B:A5:C4:CD:D6:7C:07:A7:F1:26:E2:1B:78:9A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c89eb14-e34b-4729-9b6f-b536e1e06692.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.32.0/21
Signature Algorithm: sha256WithRSAEncryption
9b:6c:3e:ed:d0:0c:81:ab:69:cb:53:60:ee:a7:bf:11:69:62:
0a:81:fb:11:8a:88:07:52:0d:40:de:95:96:8b:ea:db:47:68:
01:f4:45:22:01:f2:fd:9a:a6:ec:0e:32:f3:43:40:81:f6:61:
2f:7e:50:e4:07:26:1b:61:8f:59:7d:ef:5b:b9:19:ec:a0:ae:
ce:db:ac:ae:6a:87:70:be:28:56:28:21:fd:8e:3b:77:a8:50:
11:95:78:dd:9f:ef:39:43:13:84:55:15:3b:13:c7:29:42:d5:
0f:0f:1e:fa:23:71:67:8e:6e:86:34:69:0c:7f:3a:2c:ff:06:
d9:b7:d0:b4:31:c0:47:96:5a:3f:49:63:3f:f1:52:2c:22:e4:
06:b2:e5:b1:34:f4:29:c8:15:2e:54:f8:3b:69:86:cc:bb:79:
8f:77:d3:40:79:30:2c:f5:98:ac:ed:1c:63:a9:90:c5:d1:f1:
25:a3:56:f8:df:0a:49:a9:11:44:e8:ea:d0:42:85:5a:0c:d9:
72:ad:91:f5:51:d6:77:32:93:59:eb:56:05:e6:9b:78:9a:91:
2a:06:55:6c:c0:a2:a6:3e:4d:79:82:63:70:38:55:d3:ee:e6:
00:fe:85:b8:bd:93:a3:69:b5:c2:11:65:36:76:89:d3:bc:76:
8f:ee:85:22
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUQP0kdL6161hobQBCCTclwGR4uEUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDYxNTAwMjJaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGE2MzEyZmQwYzViMmZmYjUzOTljNjQ3N2VmY2YwZDcyOTAwMDM2ODJjMDAz
ODE3MmVlZDBiMDczYTZhMDNjY2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIuCgrVaGOzcATMgg1r8l+4y4JtL7KtJxhVXkxuo7X6+C67nK3ZzUz4lSg34
C+tj4xMT8PtbXdjXQO5gxpl2mv6EmsAvKWt7wwXki5bvF9/3yWa2Mgu6vQLdeTvZ
9mBC+upTiV9savYjFkR/oExkkzU47C1o7jVJsITU4fzN86RBme9J+xmnJ/4ftJLU
bXZScPSZfyz5LJKGl/VwESRL7H2iZEBOuwTy0E2c/jca/zTAk+CZMMZm6Yt5+cny
TF7MPIHNBnOO00+MCJADlC4Os5rR5Ha/gV5kQCawQkvLz6proIFi05+OErNprV66
By9Yq0+aeSdapwthToarLnBYqe0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTZjkKZ
RH8bpcTN1nwHp/Em4ht4mjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2M4OWViMTQtZTM0Yi00NzI5LTliNmYtYjUzNmUxZTA2NjkyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AiIDAN
BgkqhkiG9w0BAQsFAAOCAQEAm2w+7dAMgatpy1Ng7qe/EWliCoH7EYqIB1INQN6V
lovq20doAfRFIgHy/Zqm7A4y80NAgfZhL35Q5AcmG2GPWX3vW7kZ7KCuztusrmqH
cL4oVigh/Y47d6hQEZV43Z/vOUMThFUVOxPHKULVDw8e+iNxZ45uhjRpDH86LP8G
2bfQtDHAR5ZaP0ljP/FSLCLkBrLlsTT0KcgVLlT4O2mGzLt5j3fTQHkwLPWYrO0c
Y6mQxdHxJaNW+N8KSakRROjq0EKFWgzZcq2R9VHWdzKTWetWBeabeJqRKgZVbMCi
pj5NeYJjcDhV0+7mAP6FuL2To2m1whFlNnaJ07x2j+6FIg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:45:32 2025 by rpki-client