Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2928b95-2f30-4b39-bb79-f70b43a46278.roa
File: b2928b95-2f30-4b39-bb79-f70b43a46278.roa (raw, json)
Hash identifier: wtrj+2L2DtkAzIb6c5RNudo5ZNVLotHImLCd4bQ0Oxc=
Subject key identifier: 6D:0C:D1:CC:C5:89:AB:46:AF:12:E7:22:2E:C5:58:4E:EC:6E:05:E8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6C0E361CC1CC1E331ECC9BA930D027BCDE3DA49F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2928b95-2f30-4b39-bb79-f70b43a46278.roa
Signing time: Fri 06 Jun 2025 15:00:09 +0000
ROA not before: Fri 06 Jun 2025 15:00:09 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.84.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:0e:36:1c:c1:cc:1e:33:1e:cc:9b:a9:30:d0:27:bc:de:3d:a4:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 6 15:00:09 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=3ae8021c2ff1089105a34bf1f8b49dccb6ba39932e1f4d38bb9f74e9719e2bd0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:3c:d0:e5:ea:80:61:2b:04:4e:a7:d5:f8:f3:
a1:06:e2:2e:ad:f0:01:41:57:df:dc:68:c2:1c:7f:
ce:bf:7b:c2:a0:86:27:61:a1:9f:97:11:3c:c0:a6:
b4:6c:c6:7f:e6:c8:82:83:e2:88:41:b2:00:97:99:
66:cb:74:c0:ab:41:33:fe:52:b3:28:98:77:18:8c:
5e:85:45:29:25:24:67:70:47:7f:d8:50:33:1a:ee:
c0:92:ba:ae:90:ff:ce:27:8c:bb:db:ce:7c:f9:9f:
cc:3c:41:78:29:bf:7d:99:02:04:1a:f8:85:77:fa:
03:d3:65:af:3a:3d:3a:e0:10:7a:2d:fe:f7:0a:3d:
91:34:87:50:2e:f2:37:e3:93:e4:46:8c:df:09:6a:
f9:e6:a3:da:ab:0a:da:fa:72:58:d4:6a:43:7b:26:
06:f4:36:1c:ac:f6:c3:e8:4e:78:83:fa:99:a5:b5:
e3:0a:24:3b:66:ef:6f:ca:0d:76:47:90:2b:71:73:
8c:d7:53:44:37:b6:7f:2d:48:30:cc:dc:ae:eb:cf:
28:f2:eb:1f:e6:05:18:88:61:db:43:99:2b:0f:f6:
aa:2e:df:f8:f8:3f:70:da:d4:85:3b:22:cf:0f:41:
62:33:20:a8:8e:84:42:ab:81:f6:2c:3c:a1:6e:97:
5c:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:0C:D1:CC:C5:89:AB:46:AF:12:E7:22:2E:C5:58:4E:EC:6E:05:E8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2928b95-2f30-4b39-bb79-f70b43a46278.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.84.0/22
Signature Algorithm: sha256WithRSAEncryption
22:8e:b0:ed:35:4a:d3:89:e1:d7:42:32:b4:14:7a:62:be:34:
ea:7a:c0:cb:61:23:af:87:ea:33:82:63:02:bb:5f:1b:aa:a4:
9c:f0:6a:83:0a:97:17:fe:b9:ac:9e:de:bf:62:86:fb:df:9e:
ec:33:91:64:bd:13:86:ad:6f:59:01:84:44:df:a7:d4:0a:09:
75:78:c1:3a:57:03:92:61:63:11:b1:6c:bb:8d:1a:a8:26:77:
78:da:fa:2e:b3:76:57:b4:28:82:9d:44:e5:45:31:73:ad:f5:
78:c1:ec:e0:2b:d0:7f:df:0b:84:20:8a:f2:7c:49:ff:69:0c:
6a:2a:52:19:14:3b:f5:92:b6:58:27:49:7f:3d:21:20:cd:ae:
4f:a0:b9:eb:2f:76:dc:42:31:55:48:f5:6d:90:a9:fa:61:4a:
14:19:68:c2:95:98:c0:fd:4c:b3:a2:40:06:43:bb:43:26:9f:
11:3e:1d:fa:97:6e:26:29:4c:de:27:79:bb:b9:d3:6c:d0:15:
95:b7:6b:58:88:16:cc:3c:65:ce:23:c5:b8:d6:35:69:35:25:
c4:0e:25:cf:31:4f:51:1f:8a:ae:0e:1d:cf:ea:53:0a:56:7c:
51:80:1e:9d:b7:53:8e:d0:69:8f:ef:70:b6:7c:3f:77:ea:c2:
4f:14:48:b9
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUbA42HMHMHjMezJupMNAnvN49pJ8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDYxNTAwMDlaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDNhZTgwMjFjMmZmMTA4OTEwNWEzNGJmMWY4YjQ5ZGNjYjZiYTM5OTMyZTFm
NGQzOGJiOWY3NGU5NzE5ZTJiZDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM480OXqgGErBE6n1fjzoQbiLq3wAUFX39xowhx/zr97wqCGJ2Ghn5cRPMCm
tGzGf+bIgoPiiEGyAJeZZst0wKtBM/5SsyiYdxiMXoVFKSUkZ3BHf9hQMxruwJK6
rpD/zieMu9vOfPmfzDxBeCm/fZkCBBr4hXf6A9Nlrzo9OuAQei3+9wo9kTSHUC7y
N+OT5EaM3wlq+eaj2qsK2vpyWNRqQ3smBvQ2HKz2w+hOeIP6maW14wokO2bvb8oN
dkeQK3FzjNdTRDe2fy1IMMzcruvPKPLrH+YFGIhh20OZKw/2qi7f+Pg/cNrUhTsi
zw9BYjMgqI6EQquB9iw8oW6XXL8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRtDNHM
xYmrRq8S5yIuxVhO7G4F6DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjI5MjhiOTUtMmYzMC00YjM5LWJiNzktZjcwYjQzYTQ2Mjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAgVDAN
BgkqhkiG9w0BAQsFAAOCAQEAIo6w7TVK04nh10IytBR6Yr406nrAy2Ejr4fqM4Jj
ArtfG6qknPBqgwqXF/65rJ7ev2KG+9+e7DORZL0Thq1vWQGERN+n1AoJdXjBOlcD
kmFjEbFsu40aqCZ3eNr6LrN2V7Qogp1E5UUxc631eMHs4CvQf98LhCCK8nxJ/2kM
aipSGRQ79ZK2WCdJfz0hIM2uT6C56y923EIxVUj1bZCp+mFKFBlowpWYwP1Ms6JA
BkO7QyafET4d+pduJilM3id5u7nTbNAVlbdrWIgWzDxlziPFuNY1aTUlxA4lzzFP
UR+Krg4dz+pTClZ8UYAenbdTjtBpj+9wtnw/d+rCTxRIuQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:51 2025 by rpki-client