Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2928b95-2f30-4b39-bb79-f70b43a46278.roa
File: b2928b95-2f30-4b39-bb79-f70b43a46278.roa (raw, json)
Hash identifier: KJQ76G1OeI4Zq4yE5/akvThGavKh68utJ9lYOj5VXPo=
Subject key identifier: 17:D1:0E:FD:38:B9:5D:D5:32:CE:C7:88:EB:60:93:F8:8F:0D:A6:DD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 672FBFD14A04BDF103E1AF3A6945620AC9997FB4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2928b95-2f30-4b39-bb79-f70b43a46278.roa
Signing time: Tue 15 Apr 2025 15:01:18 +0000
ROA not before: Tue 15 Apr 2025 15:01:18 +0000
ROA not after: Tue 20 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.84.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:2f:bf:d1:4a:04:bd:f1:03:e1:af:3a:69:45:62:0a:c9:99:7f:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 15 15:01:18 2025 GMT
Not After : May 20 23:59:59 2025 GMT
Subject: serialNumber=af3553d01f4493680dc1243fa6f4b2757b3f0ef6ef77fb9b1604c67e4e340ccd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:53:33:61:4b:22:c7:ec:13:6c:a0:33:e4:07:
e4:78:55:80:75:27:59:cd:87:03:53:d9:80:8b:16:
f0:1e:cf:18:2f:a3:0c:d4:c1:b4:94:62:e4:9e:bc:
c7:25:82:b6:88:70:43:46:08:a3:49:c9:89:0a:57:
bb:04:0d:23:8b:61:0b:ea:bf:db:a3:2d:6d:d6:8b:
a9:74:37:70:c6:4c:c9:e2:25:ee:21:3e:49:cb:78:
e8:28:41:ff:6b:9a:74:c1:e6:b6:f1:ac:e1:04:61:
19:10:53:25:5a:3a:28:dd:52:c4:ff:cf:a3:8f:49:
09:3e:68:71:92:3d:ba:60:7b:92:44:99:22:c8:7e:
97:ce:cb:57:a3:e0:6e:eb:31:30:8b:ab:eb:64:fc:
12:df:9b:be:1f:fc:97:b2:26:00:28:a1:a1:d9:d3:
4e:ea:97:0c:b6:f0:b8:c9:ae:c0:60:0a:eb:15:ee:
43:ca:2e:a1:6c:29:03:5f:6c:4a:69:5a:33:46:aa:
62:ff:02:b9:b5:08:c7:74:70:44:d4:c2:1f:dc:95:
1d:5a:7d:e9:b0:ce:b2:33:b5:4c:52:c9:5c:51:b3:
57:61:1e:5c:27:2d:8b:d3:bb:66:c8:be:8c:7b:ff:
3f:dc:60:89:7b:fc:29:c1:9e:38:21:d3:b0:3c:a6:
e6:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:D1:0E:FD:38:B9:5D:D5:32:CE:C7:88:EB:60:93:F8:8F:0D:A6:DD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2928b95-2f30-4b39-bb79-f70b43a46278.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.84.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:75:c4:f2:2f:be:9e:f6:d3:b1:60:b0:1c:47:b3:a6:01:84:
f5:6d:09:d9:3a:b0:c4:c3:59:ce:73:10:90:a6:09:e7:36:5c:
60:5d:88:37:89:a7:04:4b:60:99:a9:93:26:ed:b7:25:66:f2:
5f:37:f6:d5:69:ba:7c:d3:3c:28:d6:ea:64:58:36:5d:c0:34:
86:ea:d0:ed:52:10:ed:82:67:ac:0a:64:ee:5f:a9:dd:eb:5b:
87:24:9a:9a:a4:58:56:d5:8a:e9:77:54:6e:cd:fe:f4:ae:79:
70:fc:12:a6:73:b5:b1:03:22:ab:b3:b8:64:21:1a:56:db:64:
af:f2:0d:12:84:e7:ef:eb:e7:e5:38:74:5d:07:0c:cd:be:77:
bf:f7:30:1c:15:1c:ec:33:77:d8:d3:0e:02:33:32:59:c9:dd:
82:7f:a7:90:af:2a:38:54:f5:f5:80:b5:74:f7:b6:fe:f2:59:
06:1f:69:a5:5c:f3:14:3d:e3:de:f1:38:80:c0:1f:03:91:70:
5b:6d:cc:61:82:f5:5a:a2:6f:3e:c4:40:78:9f:ef:04:9c:81:
e2:d7:4c:4e:c2:d5:d2:ec:4d:62:0b:8f:f3:13:fd:c9:a3:b6:
0f:82:bd:38:78:76:93:82:e4:41:ec:ec:c3:87:17:c8:56:6a:
ca:07:d1:f0
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZy+/0UoEvfED4a86aUViCsmZf7QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTUxNTAxMThaFw0yNTA1MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGFmMzU1M2QwMWY0NDkzNjgwZGMxMjQzZmE2ZjRiMjc1N2IzZjBlZjZlZjc3
ZmI5YjE2MDRjNjdlNGUzNDBjY2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANJTM2FLIsfsE2ygM+QH5HhVgHUnWc2HA1PZgIsW8B7PGC+jDNTBtJRi5J68
xyWCtohwQ0YIo0nJiQpXuwQNI4thC+q/26MtbdaLqXQ3cMZMyeIl7iE+Sct46ChB
/2uadMHmtvGs4QRhGRBTJVo6KN1SxP/Po49JCT5ocZI9umB7kkSZIsh+l87LV6Pg
busxMIur62T8Et+bvh/8l7ImACihodnTTuqXDLbwuMmuwGAK6xXuQ8ouoWwpA19s
SmlaM0aqYv8CubUIx3RwRNTCH9yVHVp96bDOsjO1TFLJXFGzV2EeXCcti9O7Zsi+
jHv/P9xgiXv8KcGeOCHTsDym5sECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQX0Q79
OLld1TLOx4jrYJP4jw2m3TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjI5MjhiOTUtMmYzMC00YjM5LWJiNzktZjcwYjQzYTQ2Mjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAgVDAN
BgkqhkiG9w0BAQsFAAOCAQEAWnXE8i++nvbTsWCwHEezpgGE9W0J2TqwxMNZznMQ
kKYJ5zZcYF2IN4mnBEtgmamTJu23JWbyXzf21Wm6fNM8KNbqZFg2XcA0hurQ7VIQ
7YJnrApk7l+p3etbhySamqRYVtWK6XdUbs3+9K55cPwSpnO1sQMiq7O4ZCEaVttk
r/INEoTn7+vn5Th0XQcMzb53v/cwHBUc7DN32NMOAjMyWcndgn+nkK8qOFT19YC1
dPe2/vJZBh9ppVzzFD3j3vE4gMAfA5FwW23MYYL1WqJvPsRAeJ/vBJyB4tdMTsLV
0uxNYguP8xP9yaO2D4K9OHh2k4LkQezsw4cXyFZqygfR8A==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:59 2025 by rpki-client