Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b12830e-a860-4a14-b52f-5284626c1a96.roa
File: 4b12830e-a860-4a14-b52f-5284626c1a96.roa (raw, json)
Hash identifier: x7S96Xf8piZPi49Owd4qC5u91ai8FARpbKwEDKG5Q3g=
Subject key identifier: 2B:16:17:3C:9D:69:6B:A6:37:F2:62:D1:47:BD:84:46:AE:B5:AA:55
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7E39547414080EDD3BC3485A7AA6543D13505ABB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b12830e-a860-4a14-b52f-5284626c1a96.roa
Signing time: Tue 15 Apr 2025 15:01:25 +0000
ROA not before: Tue 15 Apr 2025 15:01:25 +0000
ROA not after: Tue 20 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:39:54:74:14:08:0e:dd:3b:c3:48:5a:7a:a6:54:3d:13:50:5a:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 15 15:01:25 2025 GMT
Not After : May 20 23:59:59 2025 GMT
Subject: serialNumber=0bd4c75392affaa15f5dfced44f3a54be472e5adc4364d506ba57021e6cc8c7d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ce:b3:bb:64:b3:1e:43:f9:35:1b:e4:10:4a:
c1:76:b9:d8:2a:9a:5f:0d:31:89:5f:7f:0a:a7:f5:
16:5d:35:8b:d3:6b:46:d3:52:9e:54:e3:82:17:ef:
c9:7a:4a:7d:43:32:b3:8b:74:5c:83:98:01:13:80:
68:20:b6:08:8b:41:90:2b:44:d0:74:ba:11:69:eb:
f9:cb:fc:f9:f1:8d:f6:60:a4:5c:b8:37:2f:e5:b0:
67:d9:86:96:52:58:88:2a:63:67:1a:cd:c4:ae:06:
6d:24:9e:c1:b8:d1:8b:13:61:d8:e9:f8:1b:97:5c:
e2:20:fa:5e:46:15:38:d7:b3:63:00:99:a6:d0:30:
a8:4c:e6:91:16:fb:d0:19:99:e3:07:9c:75:8e:0e:
b4:26:bf:86:9d:12:c5:08:7c:6a:d6:10:53:91:fb:
37:a3:f3:e2:d7:77:44:6e:5e:44:0f:d2:87:a2:90:
bf:19:60:08:1b:d2:1b:64:0b:41:a7:d6:a1:a6:39:
ab:0b:c0:e9:ed:3d:9e:69:85:12:d0:6c:41:de:5e:
25:a4:20:1c:d2:73:51:dc:d6:54:88:af:a5:3b:a9:
2d:08:27:ce:a3:62:85:83:ee:37:93:3b:82:52:e5:
43:34:24:39:ca:3a:44:c7:21:9c:a4:bc:06:aa:11:
ec:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:16:17:3C:9D:69:6B:A6:37:F2:62:D1:47:BD:84:46:AE:B5:AA:55
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b12830e-a860-4a14-b52f-5284626c1a96.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.0.0/16
Signature Algorithm: sha256WithRSAEncryption
77:86:ec:ee:75:30:66:b2:10:4d:55:80:3d:41:a7:77:bb:30:
f0:06:71:35:19:f8:b1:03:18:1b:f1:18:03:73:08:b1:c4:9c:
4f:6b:00:13:1a:1c:16:49:bc:b8:a4:53:7d:f2:10:a3:8c:88:
2e:5d:fc:6b:04:3b:9c:b6:77:ff:21:a4:84:23:43:30:9b:8f:
fe:f4:36:c9:0d:94:e7:36:7e:da:ba:8a:1b:a9:98:72:57:77:
40:f4:b2:cc:b4:da:88:7b:8b:e6:f8:bb:e5:5e:8f:81:28:f6:
e8:28:38:57:da:43:30:1b:f1:20:f9:42:48:73:19:7a:93:e5:
f4:b0:b2:12:c3:b8:59:ce:76:47:aa:d7:5e:20:68:e0:d7:a2:
21:1d:ed:7b:55:37:b6:92:d0:a6:09:4b:d2:40:5e:30:36:05:
c5:b0:df:76:ff:86:8c:02:95:48:14:b1:aa:40:98:98:47:b1:
90:bc:92:f1:51:c5:6f:7e:81:38:90:79:3b:37:a7:82:83:78:
9f:c1:aa:cd:ec:96:e3:1e:1f:11:0f:7f:bd:26:c2:0c:5b:32:
38:26:a9:7a:5c:8d:e1:4b:5d:e7:25:23:24:b9:32:6f:5f:41:
6f:37:8c:8c:71:5a:09:ce:98:fb:09:6b:f0:8d:eb:d8:93:89:
0e:26:2c:4b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfjlUdBQIDt07w0haeqZUPRNQWrswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTUxNTAxMjVaFw0yNTA1MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDBiZDRjNzUzOTJhZmZhYTE1ZjVkZmNlZDQ0ZjNhNTRiZTQ3MmU1YWRjNDM2
NGQ1MDZiYTU3MDIxZTZjYzhjN2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL3Os7tksx5D+TUb5BBKwXa52CqaXw0xiV9/Cqf1Fl01i9NrRtNSnlTjghfv
yXpKfUMys4t0XIOYAROAaCC2CItBkCtE0HS6EWnr+cv8+fGN9mCkXLg3L+WwZ9mG
llJYiCpjZxrNxK4GbSSewbjRixNh2On4G5dc4iD6XkYVONezYwCZptAwqEzmkRb7
0BmZ4wecdY4OtCa/hp0SxQh8atYQU5H7N6Pz4td3RG5eRA/Sh6KQvxlgCBvSG2QL
QafWoaY5qwvA6e09nmmFEtBsQd5eJaQgHNJzUdzWVIivpTupLQgnzqNihYPuN5M7
glLlQzQkOco6RMchnKS8BqoR7N0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQrFhc8
nWlrpjfyYtFHvYRGrrWqVTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGIxMjgzMGUtYTg2MC00YTE0LWI1MmYtNTI4NDYyNmMxYTk2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDALAiMA0G
CSqGSIb3DQEBCwUAA4IBAQB3huzudTBmshBNVYA9Qad3uzDwBnE1GfixAxgb8RgD
cwixxJxPawATGhwWSby4pFN98hCjjIguXfxrBDuctnf/IaSEI0Mwm4/+9DbJDZTn
Nn7auoobqZhyV3dA9LLMtNqIe4vm+LvlXo+BKPboKDhX2kMwG/Eg+UJIcxl6k+X0
sLISw7hZznZHqtdeIGjg16IhHe17VTe2ktCmCUvSQF4wNgXFsN92/4aMApVIFLGq
QJiYR7GQvJLxUcVvfoE4kHk7N6eCg3ifwarN7JbjHh8RD3+9JsIMWzI4Jql6XI3h
S13nJSMkuTJvX0FvN4yMcVoJzpj7CWvwjevYk4kOJixL
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:35:26 2025 by rpki-client