Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e52e9dad-cbf3-4ac0-a52e-da2bf03e90b3.roa
File: e52e9dad-cbf3-4ac0-a52e-da2bf03e90b3.roa (raw, json)
Hash identifier: hbC1SMgmtDJzYEdTfPqEIeEoc3SJuha7aaLUlWPiIjo=
Subject key identifier: 02:85:EE:41:29:35:71:1D:9F:23:3A:A8:FC:19:5B:1D:89:C4:83:93
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 62C8B417644306E4AA93B63BA12261D0E18EDB70
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e52e9dad-cbf3-4ac0-a52e-da2bf03e90b3.roa
Signing time: Tue 15 Apr 2025 15:01:30 +0000
ROA not before: Tue 15 Apr 2025 15:01:30 +0000
ROA not after: Tue 20 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.40.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:c8:b4:17:64:43:06:e4:aa:93:b6:3b:a1:22:61:d0:e1:8e:db:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 15 15:01:30 2025 GMT
Not After : May 20 23:59:59 2025 GMT
Subject: serialNumber=d1397f1fff8cb088a2d97fbc7bd646b04f350958c55c6db87487c158d73ee028, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:35:8a:31:93:be:54:8f:e0:0d:57:90:31:b8:
26:23:8c:4c:bb:84:14:d3:b2:b2:55:bd:98:84:88:
b4:23:6d:2f:3d:1a:d2:77:1c:b3:9c:dd:86:c5:d4:
f9:bb:6c:83:c0:78:ae:b7:4e:cf:83:b1:89:29:e9:
de:2a:53:a2:d5:14:52:32:99:81:59:85:d8:9c:ea:
0e:4d:93:63:7d:dc:74:c9:ed:c1:38:c0:ee:07:c0:
4f:50:8f:85:c7:dd:54:fb:96:18:9d:fb:e3:9b:d3:
39:8f:7f:57:5d:86:1c:63:14:63:4d:c4:d9:c3:54:
93:4f:ce:2e:12:20:54:05:d8:71:a0:d4:c3:f3:61:
3c:0c:f1:32:d1:7a:86:fc:af:6e:30:86:54:f2:e1:
39:d9:fd:c9:6b:f4:1f:e2:e9:0f:68:a1:09:75:c8:
3e:62:f4:d4:d8:a5:81:d6:a1:35:89:ad:f1:d2:0c:
dd:35:9b:c8:c0:a6:e6:15:c3:6c:73:76:ed:e8:ef:
84:d1:f5:4e:9f:ef:5f:3d:ac:a0:0a:b6:28:45:7c:
ba:d5:9d:9c:9a:2a:ad:7a:7c:f0:aa:d7:97:b8:48:
9c:07:9f:7b:14:f3:fb:c9:1c:96:a5:fa:f0:7a:86:
cc:ec:57:af:03:4e:50:8a:ac:69:38:16:ac:a0:a1:
b8:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:85:EE:41:29:35:71:1D:9F:23:3A:A8:FC:19:5B:1D:89:C4:83:93
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e52e9dad-cbf3-4ac0-a52e-da2bf03e90b3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.40.0/22
Signature Algorithm: sha256WithRSAEncryption
15:97:ae:01:f0:fd:87:bb:14:f8:9f:2e:e6:8e:13:8b:99:57:
27:94:f6:6b:11:7f:90:2e:52:53:fc:21:08:b3:06:b9:7a:ad:
e1:c8:36:bb:68:8f:9b:0a:27:47:22:82:e3:c2:e2:fe:16:66:
d6:c6:b9:42:1e:fb:29:09:67:3d:30:ff:ce:3e:ab:54:9a:f9:
f4:97:cf:68:e1:a8:ff:1f:f8:33:93:6e:4b:d7:62:03:75:b8:
24:57:94:6a:ae:a2:9d:21:93:9b:6e:9f:64:24:a7:c1:a8:be:
31:3c:5e:2c:86:cd:61:fc:9a:71:f7:99:e6:ec:e3:7b:1d:d8:
98:90:76:46:3b:fa:51:2b:f3:66:ea:a3:0e:67:f1:a9:8a:ba:
c7:e2:e6:ea:54:94:99:6a:a2:d4:e3:8c:38:88:b6:b9:74:57:
a0:6c:a3:28:a0:ac:b9:1a:3c:b9:72:9b:09:f8:2f:c6:48:a3:
20:5e:74:56:af:38:2c:63:27:63:b5:83:85:b6:95:32:62:32:
f5:b3:aa:7c:7b:09:cd:b8:9e:33:d7:1e:e8:b8:fd:84:c4:8c:
9b:02:88:7a:7d:d4:b0:08:2a:1c:98:c4:22:fb:a5:d2:b8:0b:
1b:32:98:45:6b:ea:89:7f:df:ea:62:10:bd:2a:ae:d2:9c:02:
9e:31:22:54
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUYsi0F2RDBuSqk7Y7oSJh0OGO23AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTUxNTAxMzBaFw0yNTA1MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGQxMzk3ZjFmZmY4Y2IwODhhMmQ5N2ZiYzdiZDY0NmIwNGYzNTA5NThjNTVj
NmRiODc0ODdjMTU4ZDczZWUwMjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO01ijGTvlSP4A1XkDG4JiOMTLuEFNOyslW9mISItCNtLz0a0nccs5zdhsXU
+btsg8B4rrdOz4OxiSnp3ipTotUUUjKZgVmF2JzqDk2TY33cdMntwTjA7gfAT1CP
hcfdVPuWGJ3745vTOY9/V12GHGMUY03E2cNUk0/OLhIgVAXYcaDUw/NhPAzxMtF6
hvyvbjCGVPLhOdn9yWv0H+LpD2ihCXXIPmL01NilgdahNYmt8dIM3TWbyMCm5hXD
bHN27ejvhNH1Tp/vXz2soAq2KEV8utWdnJoqrXp88KrXl7hInAefexTz+8kclqX6
8HqGzOxXrwNOUIqsaTgWrKChuJECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQChe5B
KTVxHZ8jOqj8GVsdicSDkzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTUyZTlkYWQtY2JmMy00YWMwLWE1MmUtZGEyYmYwM2U5MGIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAiKDAN
BgkqhkiG9w0BAQsFAAOCAQEAFZeuAfD9h7sU+J8u5o4Ti5lXJ5T2axF/kC5SU/wh
CLMGuXqt4cg2u2iPmwonRyKC48Li/hZm1sa5Qh77KQlnPTD/zj6rVJr59JfPaOGo
/x/4M5NuS9diA3W4JFeUaq6inSGTm26fZCSnwai+MTxeLIbNYfyacfeZ5uzjex3Y
mJB2Rjv6USvzZuqjDmfxqYq6x+Lm6lSUmWqi1OOMOIi2uXRXoGyjKKCsuRo8uXKb
CfgvxkijIF50Vq84LGMnY7WDhbaVMmIy9bOqfHsJzbieM9ce6Lj9hMSMmwKIen3U
sAgqHJjEIvul0rgLGzKYRWvqiX/f6mIQvSqu0pwCnjEiVA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:25 2025 by rpki-client