Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a260fe3c-a901-4f5a-b50a-79b9a1e1f8d9.roa
File: a260fe3c-a901-4f5a-b50a-79b9a1e1f8d9.roa (raw, json)
Hash identifier: 6aWfVlVzSFfFp61UN/wlw4fk67l4ZGjpRvSsnxSyB3I=
Subject key identifier: D5:BF:9B:07:E9:9C:6C:39:38:07:A4:1E:52:A4:C7:56:15:B0:29:40
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 72521739E1F5B5349AA43674341ECAF2C449AB5D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a260fe3c-a901-4f5a-b50a-79b9a1e1f8d9.roa
Signing time: Tue 15 Apr 2025 15:01:35 +0000
ROA not before: Tue 15 Apr 2025 15:01:35 +0000
ROA not after: Tue 20 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.0.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:52:17:39:e1:f5:b5:34:9a:a4:36:74:34:1e:ca:f2:c4:49:ab:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 15 15:01:35 2025 GMT
Not After : May 20 23:59:59 2025 GMT
Subject: serialNumber=f09a30c65790ab79eff5b2af5108c5ce9a2e8ab8a2151f2eae547c0571d3fc05, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:46:63:b3:db:83:a3:1f:09:c4:be:2a:dc:96:
d9:b2:6d:8e:3f:79:40:e0:5f:a9:82:05:de:0f:f3:
df:54:98:e8:a3:1d:77:0a:31:ec:9c:5c:81:03:71:
89:99:f1:97:b8:c9:01:d5:fb:4f:a0:b3:f3:ea:2f:
68:13:1f:fd:1f:58:3f:ff:18:21:83:fb:91:cb:56:
f0:35:4d:73:09:95:c1:48:28:54:eb:cb:f6:83:84:
c3:d3:a6:59:d0:fe:dc:db:3b:c0:c8:31:3b:85:74:
ea:94:78:cb:db:8d:15:ad:c2:d7:44:85:23:42:e4:
45:08:58:05:b8:8a:19:34:b4:fc:4c:8b:5a:b1:7e:
3a:22:8b:0a:e2:14:aa:63:0a:cd:cc:0f:5a:b4:d5:
e3:50:e8:a5:11:2a:39:ab:6f:83:6f:b7:ac:3b:81:
32:cd:da:a5:ad:63:45:68:04:44:1a:33:25:b4:7d:
c9:f6:8f:03:44:a5:5c:59:ca:37:b0:e0:c4:cf:dc:
85:c3:88:91:61:59:ed:5b:b5:69:11:50:7b:4b:f2:
90:65:38:da:a4:c4:8d:ac:de:5d:d7:ba:2b:0e:90:
1e:65:0d:39:de:b1:8b:35:71:d1:86:9d:72:46:b5:
55:26:60:7d:b3:e7:bc:99:86:c1:c2:61:e0:79:81:
cd:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:BF:9B:07:E9:9C:6C:39:38:07:A4:1E:52:A4:C7:56:15:B0:29:40
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a260fe3c-a901-4f5a-b50a-79b9a1e1f8d9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.0.0/20
Signature Algorithm: sha256WithRSAEncryption
7a:47:e8:86:62:66:06:94:23:81:02:ff:f7:0b:d2:e6:a9:9b:
60:87:94:f9:53:89:44:22:81:37:9c:62:05:d2:cf:e2:ce:02:
c8:12:71:03:15:bd:c2:b4:f4:33:14:22:9e:44:58:63:c8:ea:
74:1d:19:c5:91:71:83:3b:c2:ac:cb:ce:cb:10:f1:38:d7:90:
ee:be:2b:49:39:6a:c6:b9:33:01:0e:cd:d2:f9:3d:f1:d4:3f:
b7:b1:68:38:29:2b:64:ea:70:b6:13:5e:62:58:29:61:e4:4e:
c1:50:5b:db:ae:94:0d:7a:ad:95:4b:89:a0:94:f8:a1:bf:6d:
c4:99:d9:62:90:7e:7f:0f:92:e1:66:80:bd:46:36:8d:f0:36:
ed:1b:b5:d0:8c:d0:1a:02:43:6e:b9:b0:f1:96:d4:64:7d:21:
7d:f3:20:60:cf:32:9b:8e:06:36:3f:af:ff:47:9c:89:d0:05:
04:7a:a3:c3:20:2d:d5:30:04:d5:d7:59:1c:76:3c:cb:6c:08:
3d:a0:6e:69:fc:c4:19:1d:2d:be:fc:e5:e6:fd:ce:f9:a6:25:
8a:e6:40:ba:ea:32:7c:92:d4:fe:e9:26:7a:1f:99:ea:26:e3:
b6:c8:17:45:bf:d9:cf:29:e9:46:68:d3:d3:72:1b:aa:d0:c8:
0c:21:49:fe
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUclIXOeH1tTSapDZ0NB7K8sRJq10wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTUxNTAxMzVaFw0yNTA1MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGYwOWEzMGM2NTc5MGFiNzllZmY1YjJhZjUxMDhjNWNlOWEyZThhYjhhMjE1
MWYyZWFlNTQ3YzA1NzFkM2ZjMDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOVGY7Pbg6MfCcS+KtyW2bJtjj95QOBfqYIF3g/z31SY6KMddwox7JxcgQNx
iZnxl7jJAdX7T6Cz8+ovaBMf/R9YP/8YIYP7kctW8DVNcwmVwUgoVOvL9oOEw9Om
WdD+3Ns7wMgxO4V06pR4y9uNFa3C10SFI0LkRQhYBbiKGTS0/EyLWrF+OiKLCuIU
qmMKzcwPWrTV41DopREqOatvg2+3rDuBMs3apa1jRWgERBozJbR9yfaPA0SlXFnK
N7DgxM/chcOIkWFZ7Vu1aRFQe0vykGU42qTEjazeXde6Kw6QHmUNOd6xizVx0Yad
cka1VSZgfbPnvJmGwcJh4HmBzXsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTVv5sH
6ZxsOTgHpB5SpMdWFbApQDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTI2MGZlM2MtYTkwMS00ZjVhLWI1MGEtNzliOWExZTFmOGQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAiADAN
BgkqhkiG9w0BAQsFAAOCAQEAekfohmJmBpQjgQL/9wvS5qmbYIeU+VOJRCKBN5xi
BdLP4s4CyBJxAxW9wrT0MxQinkRYY8jqdB0ZxZFxgzvCrMvOyxDxONeQ7r4rSTlq
xrkzAQ7N0vk98dQ/t7FoOCkrZOpwthNeYlgpYeROwVBb266UDXqtlUuJoJT4ob9t
xJnZYpB+fw+S4WaAvUY2jfA27Ru10IzQGgJDbrmw8ZbUZH0hffMgYM8ym44GNj+v
/0ecidAFBHqjwyAt1TAE1ddZHHY8y2wIPaBuafzEGR0tvvzl5v3O+aYliuZAuuoy
fJLU/ukmeh+Z6ibjtsgXRb/ZzynpRmjT03IbqtDIDCFJ/g==
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:12 2025 by rpki-client