Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/54957543-b22c-43fb-b523-8f40c64fe15d.roa
File: 54957543-b22c-43fb-b523-8f40c64fe15d.roa (raw, json)
Hash identifier: djMdI02LlDN0uiXFJjDqrkJd1k5f2seLotnjyP3zSF8=
Subject key identifier: 3A:C9:9E:54:1F:C5:C7:B1:F5:28:6B:DA:03:0E:DB:B9:57:E6:F0:DF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 71ED029045B1E4455B84A1DBDDBF300620405953
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/54957543-b22c-43fb-b523-8f40c64fe15d.roa
Signing time: Tue 15 Apr 2025 15:00:59 +0000
ROA not before: Tue 15 Apr 2025 15:00:59 +0000
ROA not after: Tue 20 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.192.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:ed:02:90:45:b1:e4:45:5b:84:a1:db:dd:bf:30:06:20:40:59:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 15 15:00:59 2025 GMT
Not After : May 20 23:59:59 2025 GMT
Subject: serialNumber=fabcd8e8432ead1e5da146c3d114126772a83dca4122fa862d99f020e9a6ab5f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:fc:e6:7e:9c:79:f6:94:f4:e8:c5:ac:4c:da:
7e:31:0d:9b:91:c5:f3:a9:71:c9:b3:c0:d2:cd:e5:
69:50:e8:c1:c8:ab:6d:46:12:a0:cd:c5:ed:e5:4e:
09:47:38:ac:a7:39:ee:48:93:6d:d2:ef:b7:38:24:
78:24:f5:d1:58:f5:d8:ae:e8:be:b4:ae:95:67:c2:
69:3d:c1:c1:a1:9d:51:cb:04:c8:27:6e:66:db:43:
95:38:5b:0b:e7:24:c2:4a:ab:1f:fc:69:8b:b9:6e:
e0:50:7d:b5:5a:a9:df:4d:d4:1c:10:8c:e1:04:b1:
15:7f:cc:df:8f:a9:d8:63:4d:9c:94:8c:14:08:dc:
20:47:c4:2a:5b:f8:3b:03:4e:be:2d:3e:c7:6d:75:
09:a4:ef:98:5c:4a:22:d3:b3:99:f9:0a:60:09:86:
d4:f6:5d:ca:9c:4b:93:22:d1:af:af:a6:45:12:01:
37:1b:23:be:04:42:e6:e6:e9:8f:2a:61:5f:45:e0:
02:77:fe:4b:44:e1:73:d8:ac:10:33:bd:f3:fe:ea:
99:8c:d8:ea:81:38:95:82:73:46:74:64:b9:9d:3b:
18:44:3c:43:31:7e:63:72:e5:59:90:1b:21:a0:0d:
04:f8:ec:14:39:f6:91:96:04:5c:a6:82:79:bd:de:
cb:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:C9:9E:54:1F:C5:C7:B1:F5:28:6B:DA:03:0E:DB:B9:57:E6:F0:DF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/54957543-b22c-43fb-b523-8f40c64fe15d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.192.0/19
Signature Algorithm: sha256WithRSAEncryption
a1:c6:47:0f:f0:fa:51:b1:85:57:2c:40:b6:d6:bd:f1:e1:02:
dd:92:1c:41:8a:51:11:9f:f6:52:c5:12:3b:93:ff:23:24:f5:
a4:e1:7b:7f:f9:9a:7a:66:2d:8b:9c:69:32:5d:cd:bc:9b:e6:
12:03:a8:69:af:ea:28:12:94:20:e3:93:26:43:81:1e:96:16:
3f:9e:af:b8:e9:36:97:d7:30:6a:a6:d9:50:19:5e:49:a2:d8:
79:6f:22:b7:5e:97:77:e7:28:39:82:e0:26:32:0c:2a:c3:e1:
3f:6d:bb:29:9f:0b:43:65:e4:ab:d1:7e:d5:f5:aa:57:ea:93:
97:8c:82:8f:10:76:91:6c:08:85:78:9e:d5:cd:d5:b7:15:9f:
67:72:08:64:d0:0a:c5:c1:24:0b:9d:92:b0:e3:e3:6b:82:60:
1f:5c:51:3a:cd:cd:b9:71:52:45:ef:a0:30:59:aa:5a:68:09:
53:9e:00:a6:6f:e3:f8:70:4a:77:e7:21:16:34:6b:aa:ef:e1:
05:87:1a:05:6e:bb:84:8d:4b:fb:a3:2a:ad:e2:17:4c:56:c2:
5c:50:ab:98:49:fd:ce:de:7c:76:49:e8:72:bc:71:92:4d:72:
9f:38:70:4f:d5:18:6a:4b:30:2c:f0:b6:5a:52:d5:d3:30:d7:
ff:e8:28:57
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUce0CkEWx5EVbhKHb3b8wBiBAWVMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTUxNTAwNTlaFw0yNTA1MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGZhYmNkOGU4NDMyZWFkMWU1ZGExNDZjM2QxMTQxMjY3NzJhODNkY2E0MTIy
ZmE4NjJkOTlmMDIwZTlhNmFiNWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKv85n6cefaU9OjFrEzafjENm5HF86lxybPA0s3laVDowcirbUYSoM3F7eVO
CUc4rKc57kiTbdLvtzgkeCT10Vj12K7ovrSulWfCaT3BwaGdUcsEyCduZttDlThb
C+ckwkqrH/xpi7lu4FB9tVqp303UHBCM4QSxFX/M34+p2GNNnJSMFAjcIEfEKlv4
OwNOvi0+x211CaTvmFxKItOzmfkKYAmG1PZdypxLkyLRr6+mRRIBNxsjvgRC5ubp
jyphX0XgAnf+S0Thc9isEDO98/7qmYzY6oE4lYJzRnRkuZ07GEQ8QzF+Y3LlWZAb
IaANBPjsFDn2kZYEXKaCeb3eyzkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ6yZ5U
H8XHsfUoa9oDDtu5V+bw3zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTQ5NTc1NDMtYjIyYy00M2ZiLWI1MjMtOGY0MGM2NGZlMTVkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAiwDAN
BgkqhkiG9w0BAQsFAAOCAQEAocZHD/D6UbGFVyxAtta98eEC3ZIcQYpREZ/2UsUS
O5P/IyT1pOF7f/maemYti5xpMl3NvJvmEgOoaa/qKBKUIOOTJkOBHpYWP56vuOk2
l9cwaqbZUBleSaLYeW8it16Xd+coOYLgJjIMKsPhP227KZ8LQ2Xkq9F+1fWqV+qT
l4yCjxB2kWwIhXie1c3VtxWfZ3IIZNAKxcEkC52SsOPja4JgH1xROs3NuXFSRe+g
MFmqWmgJU54Apm/j+HBKd+chFjRrqu/hBYcaBW67hI1L+6MqreIXTFbCXFCrmEn9
zt58dknocrxxkk1ynzhwT9UYakswLPC2WlLV0zDX/+goVw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:39 2025 by rpki-client