Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9386a656-dfeb-4ebf-847d-bd931e09dd13.roa
File: 9386a656-dfeb-4ebf-847d-bd931e09dd13.roa (raw, json)
Hash identifier: nGM9Kdh5kU+tKbYtgN1lsq9jethy8Cf+vS8zJ+LhB4Y=
Subject key identifier: 4B:7F:41:85:DF:69:56:50:1D:47:59:58:DB:21:83:11:08:D6:CB:55
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2C8BD26CCCAF3BD18F806257B71AADA9267B1E13
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9386a656-dfeb-4ebf-847d-bd931e09dd13.roa
Signing time: Fri 25 Apr 2025 18:10:39 +0000
ROA not before: Fri 25 Apr 2025 18:10:39 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.96.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:8b:d2:6c:cc:af:3b:d1:8f:80:62:57:b7:1a:ad:a9:26:7b:1e:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:10:39 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=ee93271bccd4c8feb765d877c530a3c1cb2cde96f1556aef30afcb7e17d30d1c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f7:fe:2f:75:3b:e7:de:9b:96:90:c2:bc:cd:
f2:bf:14:40:ed:1c:66:87:88:fc:f6:70:2a:7d:bf:
7e:bd:8e:da:79:08:ec:6b:10:db:ba:e8:8c:18:27:
d7:ef:2d:de:1a:ff:a6:bf:07:e7:89:5d:94:61:90:
ae:99:f1:00:82:3e:3c:99:60:7f:a0:d6:a2:be:c8:
d4:18:e8:47:6e:cc:98:84:6c:82:eb:ad:c2:f0:12:
d6:52:be:df:48:d8:cc:08:58:ab:0f:f6:ef:23:7e:
71:b4:17:c0:42:73:76:7f:ad:68:14:21:22:a3:49:
b1:3f:be:9e:cd:f8:e3:9e:d6:98:73:08:a9:d8:53:
f5:52:83:79:f9:d6:b7:fe:e9:c9:1c:b4:27:ca:b1:
a3:de:2a:0e:fe:22:0b:01:c6:eb:1e:d1:59:20:ab:
65:7c:bc:9b:55:f3:45:c5:94:e1:37:7e:1c:a1:08:
2e:0e:3b:14:66:15:19:74:57:59:fb:b2:d4:44:95:
75:d8:db:c1:40:ac:bc:8c:e4:c7:98:a1:44:29:6b:
a4:f1:8d:4f:c0:dd:79:2a:1b:6c:23:f1:f8:6a:e2:
2b:88:13:b2:c1:6d:70:5f:6b:7e:3e:c1:16:40:4c:
f0:98:ab:2d:5b:bf:80:37:d8:55:55:d7:d7:6d:de:
6b:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:7F:41:85:DF:69:56:50:1D:47:59:58:DB:21:83:11:08:D6:CB:55
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9386a656-dfeb-4ebf-847d-bd931e09dd13.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.96.0/21
Signature Algorithm: sha256WithRSAEncryption
4d:7b:43:0d:57:16:ae:f1:10:1c:e3:01:4c:4c:34:b4:28:5b:
19:1a:96:dd:a0:e6:d0:85:0a:65:a0:95:16:19:e9:79:8a:8b:
d6:2b:6a:b8:07:0f:9b:c6:79:fc:2b:e7:db:df:b5:bd:c1:4b:
8c:bf:42:ef:6f:fc:bb:f2:9a:75:ea:4f:bd:1e:de:3b:2d:5c:
e3:fb:01:96:a2:8a:a8:37:cf:6c:8a:3f:77:97:e1:57:2f:f8:
ad:48:aa:f1:12:dc:df:eb:74:2a:2b:2d:84:66:4a:9e:e0:25:
27:1c:f7:9f:0f:81:d7:d8:5b:09:1a:18:42:56:64:40:93:7b:
fe:1d:7d:9f:25:b3:73:21:9b:72:e5:78:c8:ee:47:a0:01:65:
22:c1:7c:7f:47:e1:27:c0:e7:67:8a:24:0d:91:cc:b4:2a:80:
df:88:89:86:d1:1e:85:0d:d2:f9:61:aa:94:68:ad:f1:44:b8:
c3:9f:8a:3f:d2:63:5b:2e:d4:d7:fb:58:35:3d:1f:48:db:05:
b0:88:0a:17:9d:a1:fb:06:e1:06:2e:c2:04:4b:fd:fc:b4:2b:
5f:1b:b6:a7:6d:4f:15:93:0b:2b:11:54:8a:2c:e4:3c:bc:7a:
b8:19:e7:bb:87:ba:f4:01:d6:92:29:a6:61:35:fd:1e:44:5e:
ac:aa:df:d2
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIULIvSbMyvO9GPgGJXtxqtqSZ7HhMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODEwMzlaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGVlOTMyNzFiY2NkNGM4ZmViNzY1ZDg3N2M1MzBhM2MxY2IyY2RlOTZmMTU1
NmFlZjMwYWZjYjdlMTdkMzBkMWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKz3/i91O+fem5aQwrzN8r8UQO0cZoeI/PZwKn2/fr2O2nkI7GsQ27rojBgn
1+8t3hr/pr8H54ldlGGQrpnxAII+PJlgf6DWor7I1BjoR27MmIRsguutwvAS1lK+
30jYzAhYqw/27yN+cbQXwEJzdn+taBQhIqNJsT++ns34457WmHMIqdhT9VKDefnW
t/7pyRy0J8qxo94qDv4iCwHG6x7RWSCrZXy8m1XzRcWU4Td+HKEILg47FGYVGXRX
Wfuy1ESVddjbwUCsvIzkx5ihRClrpPGNT8DdeSobbCPx+GriK4gTssFtcF9rfj7B
FkBM8JirLVu/gDfYVVXX123ea/sCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRLf0GF
32lWUB1HWVjbIYMRCNbLVTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTM4NmE2NTYtZGZlYi00ZWJmLTg0N2QtYmQ5MzFlMDlkZDEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AgYDAN
BgkqhkiG9w0BAQsFAAOCAQEATXtDDVcWrvEQHOMBTEw0tChbGRqW3aDm0IUKZaCV
FhnpeYqL1itquAcPm8Z5/Cvn29+1vcFLjL9C72/8u/KadepPvR7eOy1c4/sBlqKK
qDfPbIo/d5fhVy/4rUiq8RLc3+t0KisthGZKnuAlJxz3nw+B19hbCRoYQlZkQJN7
/h19nyWzcyGbcuV4yO5HoAFlIsF8f0fhJ8DnZ4okDZHMtCqA34iJhtEehQ3S+WGq
lGit8US4w5+KP9JjWy7U1/tYNT0fSNsFsIgKF52h+wbhBi7CBEv9/LQrXxu2p21P
FZMLKxFUiizkPLx6uBnnu4e69AHWkimmYTX9HkRerKrf0g==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:25 2025 by rpki-client