Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b12830e-a860-4a14-b52f-5284626c1a96.roa
File: 4b12830e-a860-4a14-b52f-5284626c1a96.roa (raw, json)
Hash identifier: UlSD96MJJK0WCKe5VXlGhbMXcAS12imDl5BgsYI+ZMQ=
Subject key identifier: C6:64:9B:14:97:2F:29:50:9A:5C:F8:2B:24:54:D0:63:45:44:8A:3C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3D6D1C66ED0254D4ACD3647C8FF4E62EBAB871AB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b12830e-a860-4a14-b52f-5284626c1a96.roa
Signing time: Fri 06 Jun 2025 15:00:46 +0000
ROA not before: Fri 06 Jun 2025 15:00:46 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:6d:1c:66:ed:02:54:d4:ac:d3:64:7c:8f:f4:e6:2e:ba:b8:71:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 6 15:00:46 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=d26ff1d06f8a6a90d07ae614230392188914852ff68cd233bbc0b40027bca0af, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:51:35:37:cf:62:b0:5d:f2:65:38:18:a0:bc:
24:04:53:70:04:ee:a9:c4:b5:c6:ea:e0:cc:8d:52:
73:88:36:4b:86:c1:35:70:bd:56:d9:f0:59:6c:74:
94:9e:cd:30:e4:79:e9:d0:14:4b:a1:b7:6e:74:43:
d3:ed:09:1e:b2:f7:3b:3e:ca:a3:9e:b4:57:2f:d7:
f4:ef:28:93:f3:94:fc:69:29:f6:18:2d:ec:f0:50:
df:c2:8d:b2:b6:29:b2:90:c4:d2:86:3c:ca:61:0f:
53:52:9d:98:0d:a7:9c:f8:a8:15:91:29:2c:d5:65:
cc:c7:be:ff:fa:d7:58:99:6c:84:fc:37:04:f8:04:
39:7d:b4:d8:6f:e0:43:a8:f5:0f:4d:b0:02:d3:8a:
a2:45:57:83:6a:19:72:2a:4c:16:ac:4f:d0:98:22:
bb:27:ba:4e:f4:94:c5:3a:91:9b:7f:ca:13:d9:ef:
d8:90:8b:c7:4c:21:f6:a1:8d:2f:05:cc:51:9b:31:
a6:04:ff:8a:fe:d7:b9:61:36:2b:2c:85:24:c8:1a:
bd:b4:3e:a1:60:eb:d3:28:a0:b8:e5:d0:b0:0f:e1:
66:18:56:01:dc:d7:65:64:d7:91:91:9c:0e:49:8c:
3a:43:5e:cc:b5:06:77:22:69:5a:db:60:e8:78:50:
0c:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:64:9B:14:97:2F:29:50:9A:5C:F8:2B:24:54:D0:63:45:44:8A:3C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b12830e-a860-4a14-b52f-5284626c1a96.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1b:f2:a9:fc:d8:1c:02:b8:17:87:6e:28:86:0e:85:83:e3:b5:
bd:cd:30:5c:a1:ce:41:c7:fe:00:5d:db:0a:ef:52:fa:35:97:
06:70:44:c2:e7:13:23:38:eb:d8:78:ec:92:ec:b4:6a:f8:98:
44:ba:b0:51:bf:60:c2:6d:64:24:d2:42:94:9e:49:2f:cc:36:
2e:a8:57:f0:63:94:ee:d6:db:a6:b8:48:c9:d2:cc:7f:e4:0d:
b4:fb:52:69:e7:51:90:25:82:a7:48:91:56:f2:47:ac:5a:a5:
d8:ef:57:e5:ba:90:f8:5a:5c:46:36:f6:cf:a1:ed:8d:08:97:
4f:0a:80:53:1f:a7:1b:19:ad:25:27:08:8e:26:56:93:f3:51:
06:38:1d:62:28:30:7e:0a:51:3e:8f:a2:2c:e4:8d:ee:fc:1e:
f2:6c:1b:8b:72:64:d0:86:22:a1:21:55:d5:77:88:1c:57:6c:
88:f7:df:2e:ad:2f:6f:0b:8f:54:60:42:f3:4a:56:92:59:ce:
f9:cd:33:60:1d:2e:2c:d5:51:23:d2:a6:51:cf:40:82:0c:16:
05:7d:48:17:54:1b:5e:5b:e4:78:dd:08:33:5e:b4:2d:1d:51:
df:94:93:a1:ef:29:c7:85:6c:a4:25:39:9d:0d:b9:6e:d4:d7:
5c:a3:36:52
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUPW0cZu0CVNSs02R8j/TmLrq4caswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDYxNTAwNDZaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQyNmZmMWQwNmY4YTZhOTBkMDdhZTYxNDIzMDM5MjE4ODkxNDg1MmZmNjhj
ZDIzM2JiYzBiNDAwMjdiY2EwYWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANdRNTfPYrBd8mU4GKC8JARTcATuqcS1xurgzI1Sc4g2S4bBNXC9VtnwWWx0
lJ7NMOR56dAUS6G3bnRD0+0JHrL3Oz7Ko560Vy/X9O8ok/OU/Gkp9hgt7PBQ38KN
srYpspDE0oY8ymEPU1KdmA2nnPioFZEpLNVlzMe+//rXWJlshPw3BPgEOX202G/g
Q6j1D02wAtOKokVXg2oZcipMFqxP0Jgiuye6TvSUxTqRm3/KE9nv2JCLx0wh9qGN
LwXMUZsxpgT/iv7XuWE2KyyFJMgavbQ+oWDr0yiguOXQsA/hZhhWAdzXZWTXkZGc
DkmMOkNezLUGdyJpWttg6HhQDM8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTGZJsU
ly8pUJpc+CskVNBjRUSKPDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGIxMjgzMGUtYTg2MC00YTE0LWI1MmYtNTI4NDYyNmMxYTk2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDALAiMA0G
CSqGSIb3DQEBCwUAA4IBAQAb8qn82BwCuBeHbiiGDoWD47W9zTBcoc5Bx/4AXdsK
71L6NZcGcETC5xMjOOvYeOyS7LRq+JhEurBRv2DCbWQk0kKUnkkvzDYuqFfwY5Tu
1tumuEjJ0sx/5A20+1Jp51GQJYKnSJFW8kesWqXY71flupD4WlxGNvbPoe2NCJdP
CoBTH6cbGa0lJwiOJlaT81EGOB1iKDB+ClE+j6Is5I3u/B7ybBuLcmTQhiKhIVXV
d4gcV2yI998urS9vC49UYELzSlaSWc75zTNgHS4s1VEj0qZRz0CCDBYFfUgXVBte
W+R43QgzXrQtHVHflJOh7ynHhWykJTmdDblu1NdcozZS
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:13 2025 by rpki-client