Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9eecfa6d-eb1b-4f11-9ed3-450a21abdc1d.roa
File: 9eecfa6d-eb1b-4f11-9ed3-450a21abdc1d.roa (raw, json)
Hash identifier: bAEq0lUcRCz7aratvfQbB2NkjqbczcZMmdSxoH9cLDM=
Subject key identifier: D4:B0:33:7B:F2:F3:03:6C:AA:18:1A:77:17:70:90:C1:B8:91:D5:FA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 476A1650E115D5EAAFC92B67FF5F1924BBC203CF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9eecfa6d-eb1b-4f11-9ed3-450a21abdc1d.roa
Signing time: Fri 25 Apr 2025 18:10:38 +0000
ROA not before: Fri 25 Apr 2025 18:10:38 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.104.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:6a:16:50:e1:15:d5:ea:af:c9:2b:67:ff:5f:19:24:bb:c2:03:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:10:38 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=7204d62a685f7ba33f16a92318e38ba047f55d6dfe33c783ee4ecf51c98cbe3f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:5e:b9:08:7f:52:fe:b9:6d:02:9e:77:22:52:
c9:c6:15:28:39:b4:43:97:fd:1c:00:3f:04:85:b3:
00:60:4a:60:25:92:b6:7c:7b:6a:05:4d:1c:54:36:
5f:18:b8:cb:1a:11:a6:56:51:a0:3a:1e:89:57:42:
c5:6e:da:c5:3e:00:7f:6f:45:15:ab:02:a8:b5:0f:
fc:5c:3d:ef:04:f9:3d:68:34:76:6a:13:29:40:03:
9e:0e:b0:10:3b:f0:64:7e:8e:eb:8c:b6:40:7b:2d:
fa:9c:27:a8:93:98:89:db:9f:c0:63:82:61:e9:ae:
b9:c2:bb:7a:c8:97:09:da:a0:64:fe:91:26:7f:90:
fd:f5:98:a6:89:62:88:03:60:e0:e9:02:05:07:3e:
be:28:fe:b7:dc:15:37:50:31:bf:95:e2:a1:31:55:
84:2f:92:22:0e:2e:ab:a4:b8:45:98:7a:1c:cf:ce:
d6:be:48:68:b8:87:44:66:2f:53:6f:29:da:ca:10:
d8:9c:14:d0:16:b6:cc:b3:46:ea:be:2f:c6:ea:80:
b2:af:2b:e5:b0:cf:1b:df:1c:e3:f2:de:37:f1:ff:
b0:85:30:de:3f:92:bd:a5:15:b5:29:66:0d:c2:c0:
14:51:1e:32:9e:d5:ca:e5:86:b1:07:2b:e8:c9:e1:
0c:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:B0:33:7B:F2:F3:03:6C:AA:18:1A:77:17:70:90:C1:B8:91:D5:FA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9eecfa6d-eb1b-4f11-9ed3-450a21abdc1d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.104.0/21
Signature Algorithm: sha256WithRSAEncryption
57:57:a8:0a:6b:b4:d3:16:08:bf:05:63:4c:31:72:f8:df:23:
82:9b:4e:ac:e2:f3:42:b2:b8:c4:0d:ee:fe:25:1c:a3:7e:fb:
97:c2:8d:88:43:30:d3:d5:db:fb:eb:8d:2a:83:72:69:8c:58:
01:b7:c5:1a:7d:ba:83:76:2c:9a:a1:72:c2:64:53:af:bb:b5:
14:28:ef:a0:59:b7:2c:84:0d:00:f1:47:48:51:a4:e4:57:df:
8e:14:49:ab:7a:99:43:f5:e2:37:c9:e9:e3:74:f5:da:c2:70:
86:9d:52:f0:b2:85:31:b9:d0:80:9a:49:79:f4:17:69:fb:19:
cc:bf:c6:2e:65:42:fc:1f:fc:45:9a:d1:a7:e9:6a:0d:62:a9:
dd:cb:6c:fa:7b:57:b4:41:e7:e9:fa:c0:fb:c8:69:1d:45:39:
6e:dc:db:dc:b6:08:40:83:d7:88:bf:92:d9:7f:47:3e:92:70:
23:e1:89:ee:7d:04:18:75:c8:e5:5a:5f:9d:69:d0:21:f2:71:
51:e6:72:7e:67:24:12:87:a8:1a:8b:63:32:4e:ce:1c:66:c2:
a6:e9:29:3f:e1:d6:5c:94:92:74:f4:d6:23:0c:19:b1:05:2c:
63:46:f3:95:52:5d:73:5e:f3:47:14:1a:fb:ba:89:b7:f4:1f:
8a:b7:85:c3
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUR2oWUOEV1eqvyStn/18ZJLvCA88wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODEwMzhaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyMDRkNjJhNjg1ZjdiYTMzZjE2YTkyMzE4ZTM4YmEwNDdmNTVkNmRmZTMz
Yzc4M2VlNGVjZjUxYzk4Y2JlM2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMFeuQh/Uv65bQKedyJSycYVKDm0Q5f9HAA/BIWzAGBKYCWStnx7agVNHFQ2
Xxi4yxoRplZRoDoeiVdCxW7axT4Af29FFasCqLUP/Fw97wT5PWg0dmoTKUADng6w
EDvwZH6O64y2QHst+pwnqJOYidufwGOCYemuucK7esiXCdqgZP6RJn+Q/fWYpoli
iANg4OkCBQc+vij+t9wVN1Axv5XioTFVhC+SIg4uq6S4RZh6HM/O1r5IaLiHRGYv
U28p2soQ2JwU0Ba2zLNG6r4vxuqAsq8r5bDPG98c4/LeN/H/sIUw3j+SvaUVtSlm
DcLAFFEeMp7VyuWGsQcr6MnhDL8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTUsDN7
8vMDbKoYGncXcJDBuJHV+jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWVlY2ZhNmQtZWIxYi00ZjExLTllZDMtNDUwYTIxYWJkYzFkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AgaDAN
BgkqhkiG9w0BAQsFAAOCAQEAV1eoCmu00xYIvwVjTDFy+N8jgptOrOLzQrK4xA3u
/iUco377l8KNiEMw09Xb++uNKoNyaYxYAbfFGn26g3YsmqFywmRTr7u1FCjvoFm3
LIQNAPFHSFGk5FffjhRJq3qZQ/XiN8np43T12sJwhp1S8LKFMbnQgJpJefQXafsZ
zL/GLmVC/B/8RZrRp+lqDWKp3cts+ntXtEHn6frA+8hpHUU5btzb3LYIQIPXiL+S
2X9HPpJwI+GJ7n0EGHXI5VpfnWnQIfJxUeZyfmckEoeoGotjMk7OHGbCpukpP+HW
XJSSdPTWIwwZsQUsY0bzlVJdc17zRxQa+7qJt/QfireFww==
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:25 2025 by rpki-client