Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9397285f-ddbe-4525-ac62-a96d2fbb5cd9.roa
File: 9397285f-ddbe-4525-ac62-a96d2fbb5cd9.roa (raw, json)
Hash identifier: aYZXDCdFhDWxi0PzbSqsInF9Rw7AsAjALAS9bDEfv3c=
Subject key identifier: 9C:3C:4D:28:4A:51:86:F5:84:32:F5:7F:41:B9:FE:70:45:4A:00:6A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 727C22B828B70C6B5CB6B73C9EC14959CEDCA674
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9397285f-ddbe-4525-ac62-a96d2fbb5cd9.roa
Signing time: Tue 15 Apr 2025 15:01:21 +0000
ROA not before: Tue 15 Apr 2025 15:01:21 +0000
ROA not after: Tue 20 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.64.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:7c:22:b8:28:b7:0c:6b:5c:b6:b7:3c:9e:c1:49:59:ce:dc:a6:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 15 15:01:21 2025 GMT
Not After : May 20 23:59:59 2025 GMT
Subject: serialNumber=c684ececd4c33a7415b6e933a097354ec7ef5cc1aff3f6dc9d80ba8a7231beeb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:58:fc:6c:00:c6:85:1b:6d:ef:a1:76:0c:fd:
a5:35:fd:86:40:ab:62:33:a7:c5:8f:23:60:8e:c5:
a8:ae:ce:ee:b1:7c:01:8a:02:0e:96:0c:ad:d5:9c:
a6:71:0c:1b:89:46:1e:3d:69:09:6d:5e:22:2a:ff:
42:14:e0:b5:2f:d0:5a:42:06:82:c0:26:7f:82:da:
7a:fa:fe:6e:8e:ed:fc:82:ed:bb:69:1e:6a:1d:a5:
06:35:af:4d:61:77:c8:74:fe:97:3f:f1:02:4a:6f:
25:0e:90:ac:52:72:7c:ce:28:5d:8d:cb:7b:3d:24:
87:05:0d:d0:0d:35:d9:57:08:c7:20:b3:b1:cc:6c:
cd:4c:8a:07:38:dc:a9:79:cd:fe:af:90:b9:b4:2c:
cf:2d:d5:8c:b4:ed:e6:c1:d3:3f:84:83:e8:ba:b7:
76:c4:a2:ea:d5:6b:b4:a6:69:1c:b6:d7:9f:15:5a:
ec:1f:88:be:5f:89:1c:38:d7:30:9b:0d:37:bd:ac:
82:41:82:f6:c7:e9:ee:6a:f9:56:c0:a2:d9:37:9c:
8a:3c:9c:4f:4e:d8:34:6b:08:5a:62:65:b0:53:12:
9f:32:33:fc:07:dd:27:90:e2:c7:43:98:48:46:96:
87:0c:3e:6b:0a:56:11:3a:32:56:89:0e:3b:24:ec:
86:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:3C:4D:28:4A:51:86:F5:84:32:F5:7F:41:B9:FE:70:45:4A:00:6A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9397285f-ddbe-4525-ac62-a96d2fbb5cd9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.64.0/20
Signature Algorithm: sha256WithRSAEncryption
5c:c5:15:81:c8:cc:d8:69:ec:fd:5a:2b:fb:e1:fa:63:af:f7:
d2:9f:f5:1e:ae:e8:e8:c9:93:43:9d:0d:40:5b:e3:f8:6e:0f:
fb:1f:3a:28:fa:23:18:f5:47:3d:78:da:08:2f:01:6a:e2:4c:
fd:89:1a:b6:bb:d6:eb:ae:ab:a6:91:ec:97:c4:a6:fe:39:ac:
db:ee:66:ed:76:78:26:c4:57:35:d0:17:6c:19:0b:fe:d8:45:
d9:d4:c8:1a:11:91:4f:99:18:08:f9:d4:82:5e:fa:49:b6:49:
f8:a0:1f:ab:25:fd:2e:2f:5e:00:3a:60:ce:e4:8d:a1:f3:e1:
36:15:52:46:d9:31:b8:16:8a:86:31:e1:b7:c8:78:dc:a3:c2:
90:a3:ae:a4:fb:00:30:c0:48:dc:1f:4c:50:b1:f0:99:7b:fc:
94:7f:66:07:b6:1c:a5:35:51:12:ad:4f:6b:78:78:52:08:dc:
01:ac:f7:44:08:df:6d:a2:77:27:ca:a7:30:ea:89:f4:69:a8:
f7:3b:03:e0:8f:6a:1c:cf:2c:34:2d:d9:35:2e:e6:95:69:4a:
cc:0d:80:14:bd:20:06:38:9a:07:b5:27:5a:ae:ad:a1:db:41:
92:a3:70:64:e8:45:8b:8f:0a:1f:0f:48:8e:f6:f2:b3:df:16:
39:e8:5c:70
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUcnwiuCi3DGtctrc8nsFJWc7cpnQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTUxNTAxMjFaFw0yNTA1MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGM2ODRlY2VjZDRjMzNhNzQxNWI2ZTkzM2EwOTczNTRlYzdlZjVjYzFhZmYz
ZjZkYzlkODBiYThhNzIzMWJlZWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPxY/GwAxoUbbe+hdgz9pTX9hkCrYjOnxY8jYI7FqK7O7rF8AYoCDpYMrdWc
pnEMG4lGHj1pCW1eIir/QhTgtS/QWkIGgsAmf4Laevr+bo7t/ILtu2keah2lBjWv
TWF3yHT+lz/xAkpvJQ6QrFJyfM4oXY3Lez0khwUN0A012VcIxyCzscxszUyKBzjc
qXnN/q+QubQszy3VjLTt5sHTP4SD6Lq3dsSi6tVrtKZpHLbXnxVa7B+Ivl+JHDjX
MJsNN72sgkGC9sfp7mr5VsCi2TecijycT07YNGsIWmJlsFMSnzIz/AfdJ5Dix0OY
SEaWhww+awpWEToyVokOOyTshhcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBScPE0o
SlGG9YQy9X9Buf5wRUoAajAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTM5NzI4NWYtZGRiZS00NTI1LWFjNjItYTk2ZDJmYmI1Y2Q5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAgQDAN
BgkqhkiG9w0BAQsFAAOCAQEAXMUVgcjM2Gns/Vor++H6Y6/30p/1Hq7o6MmTQ50N
QFvj+G4P+x86KPojGPVHPXjaCC8BauJM/YkatrvW666rppHsl8Sm/jms2+5m7XZ4
JsRXNdAXbBkL/thF2dTIGhGRT5kYCPnUgl76SbZJ+KAfqyX9Li9eADpgzuSNofPh
NhVSRtkxuBaKhjHht8h43KPCkKOupPsAMMBI3B9MULHwmXv8lH9mB7YcpTVREq1P
a3h4UgjcAaz3RAjfbaJ3J8qnMOqJ9Gmo9zsD4I9qHM8sNC3ZNS7mlWlKzA2AFL0g
BjiaB7UnWq6todtBkqNwZOhFi48KHw9Ijvbys98WOehccA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:16 2025 by rpki-client