Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8d55e9d-2730-4ec2-91d5-af98a5a51340.roa
File: b8d55e9d-2730-4ec2-91d5-af98a5a51340.roa (raw, json)
Hash identifier: vza3H0qGzO93c/evm+VHnrsgaxDQang23xC1rdAi0pE=
Subject key identifier: B1:41:E9:70:08:29:D2:09:B6:C7:9C:E5:46:AA:5C:7D:25:A9:0E:9C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5BF71E6FDC1846C9AF810356CF3E4C81CC303CAA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8d55e9d-2730-4ec2-91d5-af98a5a51340.roa
Signing time: Tue 15 Apr 2025 15:01:24 +0000
ROA not before: Tue 15 Apr 2025 15:01:24 +0000
ROA not after: Tue 20 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.44.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:f7:1e:6f:dc:18:46:c9:af:81:03:56:cf:3e:4c:81:cc:30:3c:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 15 15:01:24 2025 GMT
Not After : May 20 23:59:59 2025 GMT
Subject: serialNumber=33760861f0c80370fc739fc786201ab570c3d1c43faaada8d417ff9b5bc47e67, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ab:de:72:b1:10:9d:8c:af:81:18:dc:06:87:
f5:c8:08:50:66:13:66:92:ec:a2:80:59:ba:15:75:
fe:c6:19:20:36:19:e9:02:27:d5:7b:8a:54:e8:e6:
2b:cf:5e:6f:9b:69:ee:7a:7f:b5:cc:c3:b8:ea:01:
a2:da:4e:8f:0d:6e:d9:b7:89:4a:54:c0:65:af:12:
e7:60:c0:56:42:5b:07:c1:d9:09:5c:33:d6:e7:c5:
52:f9:c3:b0:5f:72:e0:fd:1e:d5:6d:98:53:13:7d:
22:83:f1:19:1a:5c:4d:c9:e9:90:b0:4d:7c:2f:f0:
7e:7d:99:39:dc:d5:05:ed:6b:82:09:3e:bd:d9:6d:
46:20:81:75:df:ff:da:0a:89:0b:f4:2d:2c:ec:a9:
c5:5d:b8:a8:7c:8f:f5:c3:f2:16:a6:6a:c7:c2:a9:
97:cb:f3:b6:8d:59:7b:17:68:6b:3f:f7:94:40:29:
2d:5e:f4:3a:71:f6:9a:e2:bc:aa:d8:89:cd:13:ec:
ac:be:9d:2d:03:50:cf:3e:6d:4b:18:e0:a5:86:93:
aa:62:c9:43:d7:df:20:70:a3:09:60:f3:8b:4d:35:
f6:13:83:96:62:f8:3f:d6:3f:3d:bc:d5:96:84:e1:
6f:1d:88:49:6e:14:a6:77:c9:b5:79:f5:81:41:dc:
0e:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:41:E9:70:08:29:D2:09:B6:C7:9C:E5:46:AA:5C:7D:25:A9:0E:9C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8d55e9d-2730-4ec2-91d5-af98a5a51340.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.44.0/22
Signature Algorithm: sha256WithRSAEncryption
23:9d:62:06:b3:6c:89:45:e1:86:a1:a0:aa:04:c7:6f:51:99:
3b:cd:65:5a:d5:13:d0:8f:83:c6:dc:ed:3c:5a:f6:c0:93:b0:
5c:32:96:2b:fc:69:e8:0e:21:01:07:b8:19:4d:ed:98:d1:26:
3b:c5:e6:3d:0a:04:67:c6:8b:87:63:8a:86:da:14:4a:36:bb:
bf:a5:63:da:42:3c:3f:f2:47:94:4d:f1:34:24:a3:67:7f:ea:
58:b5:3d:0f:68:f9:88:de:b2:e1:69:28:f3:ec:5c:18:ed:18:
ba:d9:97:c7:ce:1b:4f:84:fe:9a:01:8f:70:03:e8:5b:bf:fb:
b9:08:38:0f:cd:6c:35:36:1f:73:0c:b6:15:7f:71:d3:e5:ed:
ed:72:0b:68:b9:d2:d7:92:9d:e9:59:f5:ca:66:09:25:50:f1:
3f:11:b9:dd:93:b0:4e:4e:7d:84:19:eb:7e:d4:39:d1:84:89:
ce:42:32:80:00:da:91:78:fc:68:56:05:6c:66:70:ca:9a:5d:
e7:93:27:e1:07:13:c6:04:54:c1:68:f6:55:6e:59:b3:89:07:
97:25:86:3c:4c:81:a0:63:d6:2a:2e:28:0c:de:4a:3e:84:1c:
11:dc:0e:26:68:9d:68:1b:4d:b4:83:e9:fb:40:4a:45:33:9e:
75:b8:26:c3
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUW/ceb9wYRsmvgQNWzz5MgcwwPKowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTUxNTAxMjRaFw0yNTA1MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzNzYwODYxZjBjODAzNzBmYzczOWZjNzg2MjAxYWI1NzBjM2QxYzQzZmFh
YWRhOGQ0MTdmZjliNWJjNDdlNjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKSr3nKxEJ2Mr4EY3AaH9cgIUGYTZpLsooBZuhV1/sYZIDYZ6QIn1XuKVOjm
K89eb5tp7np/tczDuOoBotpOjw1u2beJSlTAZa8S52DAVkJbB8HZCVwz1ufFUvnD
sF9y4P0e1W2YUxN9IoPxGRpcTcnpkLBNfC/wfn2ZOdzVBe1rggk+vdltRiCBdd//
2gqJC/QtLOypxV24qHyP9cPyFqZqx8Kpl8vzto1Zexdoaz/3lEApLV70OnH2muK8
qtiJzRPsrL6dLQNQzz5tSxjgpYaTqmLJQ9ffIHCjCWDzi0019hODlmL4P9Y/PbzV
loThbx2ISW4UpnfJtXn1gUHcDtcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSxQelw
CCnSCbbHnOVGqlx9JakOnDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjhkNTVlOWQtMjczMC00ZWMyLTkxZDUtYWY5OGE1YTUxMzQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAiLDAN
BgkqhkiG9w0BAQsFAAOCAQEAI51iBrNsiUXhhqGgqgTHb1GZO81lWtUT0I+Dxtzt
PFr2wJOwXDKWK/xp6A4hAQe4GU3tmNEmO8XmPQoEZ8aLh2OKhtoUSja7v6Vj2kI8
P/JHlE3xNCSjZ3/qWLU9D2j5iN6y4Wko8+xcGO0YutmXx84bT4T+mgGPcAPoW7/7
uQg4D81sNTYfcwy2FX9x0+Xt7XILaLnS15Kd6Vn1ymYJJVDxPxG53ZOwTk59hBnr
ftQ50YSJzkIygADakXj8aFYFbGZwyppd55Mn4QcTxgRUwWj2VW5Zs4kHlyWGPEyB
oGPWKi4oDN5KPoQcEdwOJmidaBtNtIPp+0BKRTOedbgmww==
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:15 2025 by rpki-client