Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/40318891-5508-4eb6-bace-e245fbeb145a.roa
File: 40318891-5508-4eb6-bace-e245fbeb145a.roa (raw, json)
Hash identifier: sMHp6yhMghO/MI+YN26vo0QqfEVZIZ21TC6Izz23SJs=
Subject key identifier: 42:0A:F3:7C:25:79:2A:D0:C4:48:76:CE:5C:8B:8F:5B:4D:6A:68:8D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 214A4B7F1C66B27B14654ED13E60A74BE521F4A1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/40318891-5508-4eb6-bace-e245fbeb145a.roa
Signing time: Tue 15 Apr 2025 15:00:48 +0000
ROA not before: Tue 15 Apr 2025 15:00:48 +0000
ROA not after: Tue 20 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.160.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:4a:4b:7f:1c:66:b2:7b:14:65:4e:d1:3e:60:a7:4b:e5:21:f4:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 15 15:00:48 2025 GMT
Not After : May 20 23:59:59 2025 GMT
Subject: serialNumber=40aa40d8fc9a2717110d8898474a9bc5781cd321a140a73a3ba49f5eb8c356cf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:43:66:82:95:79:c7:1e:cb:c3:38:66:f6:83:
02:c1:b8:bf:a4:6b:f5:de:e6:8b:b6:d7:9f:a4:01:
38:68:80:13:85:42:a2:e5:e3:9c:dd:ed:05:de:c9:
e2:c5:ed:e5:41:db:22:77:81:78:ee:58:ab:1c:4d:
17:9b:13:30:b8:02:2a:b0:c9:9d:db:3f:d2:96:af:
d5:28:f5:90:3c:28:5b:59:fc:b6:5a:fd:40:c7:12:
1e:e1:b9:09:d5:a3:71:78:d0:37:02:61:05:53:5d:
32:f2:e1:1b:5d:aa:40:1f:d9:ff:e1:4d:f1:fe:3b:
dd:89:ee:ae:5e:d8:b3:d9:36:75:01:08:cf:56:18:
1c:96:97:8e:77:a8:a4:c8:2e:b5:2d:36:8b:13:15:
c8:b2:3c:f8:00:ec:5a:ac:b3:c1:62:30:80:74:c5:
9b:21:59:e2:7d:6f:9e:57:08:c9:2a:a7:34:45:ae:
cf:84:85:13:99:4b:40:33:9a:b5:48:b9:30:93:64:
94:0a:77:d9:7a:c9:c7:ec:06:c1:e9:37:98:7e:95:
40:d9:b2:85:2d:b9:c8:ac:f4:66:e1:22:c4:79:60:
45:c5:29:c3:56:89:ac:3b:95:3d:43:46:c9:a4:7e:
bb:99:dd:32:b7:a0:00:62:bd:fb:ed:9b:ac:40:86:
e1:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:0A:F3:7C:25:79:2A:D0:C4:48:76:CE:5C:8B:8F:5B:4D:6A:68:8D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/40318891-5508-4eb6-bace-e245fbeb145a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.160.0/19
Signature Algorithm: sha256WithRSAEncryption
8f:93:d1:db:8e:40:07:13:fb:25:5b:22:b8:55:cc:c9:ae:de:
26:1e:87:32:e7:23:a2:f8:c8:7f:37:b8:36:40:4d:4f:49:1e:
7b:3e:85:51:29:c6:88:f9:c6:8d:65:97:d0:35:fd:38:c8:2a:
4c:c8:ce:26:3e:15:bb:ba:d2:e9:d7:55:8a:fe:32:f5:d8:27:
95:4e:00:34:c0:04:15:a8:b6:ae:77:e9:9a:1c:27:35:05:10:
44:ec:eb:08:88:eb:bf:c0:d9:86:1f:f3:0a:cd:72:20:47:7d:
1e:d5:32:21:2c:be:c8:c3:b9:a0:e8:99:25:01:a4:2f:16:39:
f5:92:de:68:d8:b4:de:56:bb:d8:36:64:c8:b4:fe:be:92:5c:
21:96:a2:c2:ea:fc:67:8a:a2:73:e8:c9:8e:d1:08:dd:a8:45:
b1:60:3a:30:5c:56:ef:43:c3:92:36:dc:e3:a3:79:fb:69:97:
dc:96:28:41:33:6b:30:47:73:61:37:6b:d2:3e:38:bf:8e:50:
da:d9:6e:b0:84:59:90:98:e8:31:88:44:48:4a:de:16:4a:92:
ea:9b:4a:d8:e5:c5:7f:c0:09:3d:5d:29:dd:74:be:de:a2:10:
14:5c:35:05:ea:66:ea:9f:7a:b6:0e:65:df:30:cc:ad:15:5d:
f6:22:87:5d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIUpLfxxmsnsUZU7RPmCnS+Uh9KEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTUxNTAwNDhaFw0yNTA1MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDQwYWE0MGQ4ZmM5YTI3MTcxMTBkODg5ODQ3NGE5YmM1NzgxY2QzMjFhMTQw
YTczYTNiYTQ5ZjVlYjhjMzU2Y2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJZDZoKVeccey8M4ZvaDAsG4v6Rr9d7mi7bXn6QBOGiAE4VCouXjnN3tBd7J
4sXt5UHbIneBeO5YqxxNF5sTMLgCKrDJnds/0pav1Sj1kDwoW1n8tlr9QMcSHuG5
CdWjcXjQNwJhBVNdMvLhG12qQB/Z/+FN8f473Ynurl7Ys9k2dQEIz1YYHJaXjneo
pMgutS02ixMVyLI8+ADsWqyzwWIwgHTFmyFZ4n1vnlcIySqnNEWuz4SFE5lLQDOa
tUi5MJNklAp32XrJx+wGwek3mH6VQNmyhS25yKz0ZuEixHlgRcUpw1aJrDuVPUNG
yaR+u5ndMregAGK9++2brECG4f8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRCCvN8
JXkq0MRIds5ci49bTWpojTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDAzMTg4OTEtNTUwOC00ZWI2LWJhY2UtZTI0NWZiZWIxNDVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAioDAN
BgkqhkiG9w0BAQsFAAOCAQEAj5PR245ABxP7JVsiuFXMya7eJh6HMucjovjIfze4
NkBNT0keez6FUSnGiPnGjWWX0DX9OMgqTMjOJj4Vu7rS6ddViv4y9dgnlU4ANMAE
Fai2rnfpmhwnNQUQROzrCIjrv8DZhh/zCs1yIEd9HtUyISy+yMO5oOiZJQGkLxY5
9ZLeaNi03la72DZkyLT+vpJcIZaiwur8Z4qic+jJjtEI3ahFsWA6MFxW70PDkjbc
46N5+2mX3JYoQTNrMEdzYTdr0j44v45Q2tlusIRZkJjoMYhESEreFkqS6ptK2OXF
f8AJPV0p3XS+3qIQFFw1Bepm6p96tg5l3zDMrRVd9iKHXQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:28:06 2025 by rpki-client