Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca3047ed-6074-479d-9d85-26334085e41c.roa
File: ca3047ed-6074-479d-9d85-26334085e41c.roa (raw, json)
Hash identifier: s8mvUuJni2EG5ZZDLgpRlZB9cMeHEr8CEopkQcZIbEc=
Subject key identifier: A8:40:B3:F2:D3:EA:A1:8A:24:FC:D6:C9:AF:F6:84:19:A1:36:66:9B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4D5994B38EE7F5F94C6C4FF74D881C01EC2DA701
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca3047ed-6074-479d-9d85-26334085e41c.roa
Signing time: Tue 15 Apr 2025 15:00:52 +0000
ROA not before: Tue 15 Apr 2025 15:00:52 +0000
ROA not after: Tue 20 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.64.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:59:94:b3:8e:e7:f5:f9:4c:6c:4f:f7:4d:88:1c:01:ec:2d:a7:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 15 15:00:52 2025 GMT
Not After : May 20 23:59:59 2025 GMT
Subject: serialNumber=3636f03a676ec054aa3515a8e5bff390eb01dba9a1d9190a2f9e8ffb8f2828e7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d2:07:1f:7c:f2:c3:27:a1:dd:3c:65:6a:ab:
a2:5a:3c:9b:1d:83:e0:27:4e:2e:26:51:23:4e:95:
f3:c5:d1:56:69:4b:10:8a:42:70:5c:00:ed:5c:ac:
3d:ed:99:7c:40:5a:9d:e4:cd:2d:64:d8:aa:41:fb:
47:1d:0a:b8:71:e8:32:8f:5c:83:4e:06:fe:39:cb:
ec:98:a7:86:da:88:e7:23:e0:34:82:a2:44:35:ea:
a6:58:e7:b7:11:8c:58:a3:88:90:c6:4c:95:3e:21:
f7:65:39:74:d2:f0:da:06:f4:55:cc:1b:f7:e2:ce:
eb:e7:3e:fa:69:97:fc:11:00:a0:54:b3:e4:f7:a1:
55:91:78:2d:bd:36:e8:12:9c:ef:64:51:f6:94:c2:
49:d0:99:de:b0:0f:ad:8e:29:46:ce:d5:6a:31:40:
73:43:58:36:a6:b6:57:70:79:b8:9b:4b:b0:c1:a1:
55:d4:48:5e:86:0b:2f:dd:0f:ca:6d:da:b1:57:8d:
8e:0e:10:eb:f6:d9:88:75:ea:ee:1e:6e:dd:f2:b3:
5a:4a:34:a6:6f:a9:81:5d:c8:a3:48:07:9c:5e:26:
c9:e8:74:0c:5d:94:72:94:e0:48:6d:e9:8d:80:a6:
ba:49:21:9b:96:59:cb:bf:ec:80:d1:8d:c2:99:d6:
75:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:40:B3:F2:D3:EA:A1:8A:24:FC:D6:C9:AF:F6:84:19:A1:36:66:9B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca3047ed-6074-479d-9d85-26334085e41c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.64.0/18
Signature Algorithm: sha256WithRSAEncryption
c4:b5:8e:bd:f3:74:23:a8:1c:ac:a9:ed:64:e1:ad:cf:29:4d:
47:08:e8:70:69:6b:cf:ee:11:2e:a2:2a:4e:b5:12:70:5c:84:
6c:8a:89:da:80:8b:e0:72:22:a9:2a:f4:d8:6d:0a:9f:9b:c3:
12:c6:0b:1f:e7:75:e3:00:09:59:37:5e:df:bb:9f:5c:3f:64:
1c:43:4e:9c:95:12:a7:4d:27:e3:c9:26:29:c1:94:97:f2:a5:
b6:8b:d0:c9:71:a2:82:06:33:c0:06:ca:83:bb:96:cc:40:04:
59:53:07:ce:4c:b6:be:31:a9:cc:b9:ff:28:5e:dc:34:65:11:
88:5f:b1:7c:39:ff:e3:a0:65:33:ad:89:74:70:4c:bd:cb:9e:
f3:b6:6f:a1:56:fc:f2:bb:a0:08:1d:8c:3b:0b:a5:76:b9:91:
7b:c1:2b:dd:fe:06:46:2a:05:e3:fe:bc:fd:83:3a:cb:ff:df:
b8:c7:9a:62:67:69:fb:3e:94:ad:50:49:62:0b:ed:26:10:d1:
d9:e0:81:82:41:00:f4:dc:17:fe:6f:f2:64:04:79:66:69:fc:
5a:0f:80:a0:7d:3a:fa:a7:b0:89:27:53:cd:76:ea:11:a2:94:
6a:4e:21:5d:dd:57:bf:78:2e:4b:4d:1e:f0:a1:9e:0c:46:00:
51:eb:86:2e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUTVmUs47n9flMbE/3TYgcAewtpwEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTUxNTAwNTJaFw0yNTA1MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDM2MzZmMDNhNjc2ZWMwNTRhYTM1MTVhOGU1YmZmMzkwZWIwMWRiYTlhMWQ5
MTkwYTJmOWU4ZmZiOGYyODI4ZTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALzSBx988sMnod08ZWqrolo8mx2D4CdOLiZRI06V88XRVmlLEIpCcFwA7Vys
Pe2ZfEBaneTNLWTYqkH7Rx0KuHHoMo9cg04G/jnL7JinhtqI5yPgNIKiRDXqpljn
txGMWKOIkMZMlT4h92U5dNLw2gb0Vcwb9+LO6+c++mmX/BEAoFSz5PehVZF4Lb02
6BKc72RR9pTCSdCZ3rAPrY4pRs7VajFAc0NYNqa2V3B5uJtLsMGhVdRIXoYLL90P
ym3asVeNjg4Q6/bZiHXq7h5u3fKzWko0pm+pgV3Io0gHnF4myeh0DF2UcpTgSG3p
jYCmukkhm5ZZy7/sgNGNwpnWdRsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSoQLPy
0+qhiiT81smv9oQZoTZmmzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2EzMDQ3ZWQtNjA3NC00NzlkLTlkODUtMjYzMzQwODVlNDFjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBrAiQDAN
BgkqhkiG9w0BAQsFAAOCAQEAxLWOvfN0I6gcrKntZOGtzylNRwjocGlrz+4RLqIq
TrUScFyEbIqJ2oCL4HIiqSr02G0Kn5vDEsYLH+d14wAJWTde37ufXD9kHENOnJUS
p00n48kmKcGUl/KltovQyXGiggYzwAbKg7uWzEAEWVMHzky2vjGpzLn/KF7cNGUR
iF+xfDn/46BlM62JdHBMvcue87ZvoVb88rugCB2MOwuldrmRe8Er3f4GRioF4/68
/YM6y//fuMeaYmdp+z6UrVBJYgvtJhDR2eCBgkEA9NwX/m/yZAR5Zmn8Wg+AoH06
+qewiSdTzXbqEaKUak4hXd1Xv3guS00e8KGeDEYAUeuGLg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:47:23 2025 by rpki-client