Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/995d4f8d-0bcd-4b30-9dbe-42bcdbeb0464.roa
File: 995d4f8d-0bcd-4b30-9dbe-42bcdbeb0464.roa (raw, json)
Hash identifier: jNhUTbFzjjif1JhkGiuP3WSivPQMrX7e4lpPr2yuLqw=
Subject key identifier: 5C:81:50:58:6E:24:F7:CF:2B:FC:C2:AA:03:A7:D2:5B:FE:76:6E:00
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 14096C560818CD3706F4BE0679D2ED94BC1659C7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/995d4f8d-0bcd-4b30-9dbe-42bcdbeb0464.roa
Signing time: Tue 15 Apr 2025 15:01:28 +0000
ROA not before: Tue 15 Apr 2025 15:01:28 +0000
ROA not after: Tue 20 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.16.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 08:37:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:09:6c:56:08:18:cd:37:06:f4:be:06:79:d2:ed:94:bc:16:59:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 15 15:01:28 2025 GMT
Not After : May 20 23:59:59 2025 GMT
Subject: serialNumber=d3ae79a2356d79a9d4141d4e44729b427c5254743c1c4c38a2f324f7808c1e3f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:c7:f9:e3:0a:14:22:7b:0e:bc:64:fa:4e:e9:
71:b2:ee:0a:f4:00:0d:f6:4e:56:05:c7:c4:f6:28:
4f:62:42:15:31:43:21:7f:8c:af:72:b6:bb:b3:c4:
d1:93:3b:d8:1b:3a:f6:f6:26:80:3d:e2:71:f9:4c:
0e:23:ee:d8:e2:20:61:aa:8c:f9:0d:81:12:32:af:
06:56:3f:ca:8c:14:57:cb:bc:97:c3:62:a2:ff:5d:
62:38:4c:e6:82:5b:61:7a:a1:f0:30:2c:a9:a6:6c:
9a:16:78:b8:d5:30:af:00:60:ff:6a:c6:4a:6e:78:
49:cf:99:80:c7:44:b6:1f:0d:03:7c:2d:b2:48:dc:
ac:e2:b0:49:e8:40:f2:3d:c7:3d:30:69:d8:4d:d8:
1e:49:f1:62:2b:db:62:47:a3:0f:f1:51:47:91:17:
a0:f6:9a:dd:f9:ac:09:d6:c8:3f:43:82:90:2a:02:
7e:7d:b7:82:9f:2c:67:47:52:32:fa:89:02:e8:7e:
fb:ff:6b:83:7a:85:c6:7e:68:a2:f6:cd:b3:cb:82:
f8:43:24:ad:54:f6:54:c3:45:6f:08:aa:ac:57:d1:
b2:1e:76:0b:e7:3c:33:85:8f:11:26:77:2f:40:30:
1d:79:1f:ee:c0:23:d9:12:c9:c5:7b:41:a4:95:cb:
7b:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:81:50:58:6E:24:F7:CF:2B:FC:C2:AA:03:A7:D2:5B:FE:76:6E:00
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/995d4f8d-0bcd-4b30-9dbe-42bcdbeb0464.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.16.0/22
Signature Algorithm: sha256WithRSAEncryption
32:53:0a:2d:43:84:52:c9:4d:4c:6e:06:2c:8a:6d:4b:7c:b1:
71:0f:d7:36:94:47:82:c2:8e:cb:91:28:d7:7c:c0:58:90:ef:
37:e2:2c:b6:83:3a:a6:f9:22:1d:e1:a8:07:f2:f9:80:24:57:
81:b0:44:33:a3:68:25:73:d4:db:32:97:ea:00:a4:5c:69:4f:
62:be:67:8d:cf:54:e9:51:98:dc:cc:55:c6:3b:22:52:74:58:
b5:b7:97:07:51:4d:10:4d:d9:f6:20:d6:58:83:e5:fd:aa:49:
7d:86:08:84:98:e6:07:14:b3:4b:5e:c4:f2:85:dd:e1:b7:15:
dd:3e:24:a3:5b:f7:84:c4:90:6a:60:f2:b3:3d:ea:ab:31:34:
4f:ff:66:c6:bc:1b:99:05:58:82:24:81:2e:cb:72:83:e6:f2:
d8:18:28:20:14:76:53:10:56:dd:df:3f:00:27:55:c7:32:47:
e5:07:e1:c4:f3:0b:d8:92:b7:7c:df:a0:86:d0:11:19:6c:79:
f3:fb:2d:20:81:18:37:af:19:32:16:23:e7:db:38:5b:0c:a9:
be:a2:f2:c3:fd:ed:70:f2:98:d7:73:c5:f6:f0:a2:db:e8:44:
ef:93:2e:f3:cd:6b:58:2e:aa:f2:02:ae:9d:e6:dc:b1:26:ef:
98:33:55:88
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUFAlsVggYzTcG9L4GedLtlLwWWccwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTUxNTAxMjhaFw0yNTA1MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGQzYWU3OWEyMzU2ZDc5YTlkNDE0MWQ0ZTQ0NzI5YjQyN2M1MjU0NzQzYzFj
NGMzOGEyZjMyNGY3ODA4YzFlM2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANvH+eMKFCJ7Drxk+k7pcbLuCvQADfZOVgXHxPYoT2JCFTFDIX+Mr3K2u7PE
0ZM72Bs69vYmgD3icflMDiPu2OIgYaqM+Q2BEjKvBlY/yowUV8u8l8Niov9dYjhM
5oJbYXqh8DAsqaZsmhZ4uNUwrwBg/2rGSm54Sc+ZgMdEth8NA3wtskjcrOKwSehA
8j3HPTBp2E3YHknxYivbYkejD/FRR5EXoPaa3fmsCdbIP0OCkCoCfn23gp8sZ0dS
MvqJAuh++/9rg3qFxn5oovbNs8uC+EMkrVT2VMNFbwiqrFfRsh52C+c8M4WPESZ3
L0AwHXkf7sAj2RLJxXtBpJXLe3sCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRcgVBY
biT3zyv8wqoDp9Jb/nZuADAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTk1ZDRmOGQtMGJjZC00YjMwLTlkYmUtNDJiY2RiZWIwNDY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAiEDAN
BgkqhkiG9w0BAQsFAAOCAQEAMlMKLUOEUslNTG4GLIptS3yxcQ/XNpRHgsKOy5Eo
13zAWJDvN+IstoM6pvkiHeGoB/L5gCRXgbBEM6NoJXPU2zKX6gCkXGlPYr5njc9U
6VGY3MxVxjsiUnRYtbeXB1FNEE3Z9iDWWIPl/apJfYYIhJjmBxSzS17E8oXd4bcV
3T4ko1v3hMSQamDysz3qqzE0T/9mxrwbmQVYgiSBLstyg+by2BgoIBR2UxBW3d8/
ACdVxzJH5QfhxPML2JK3fN+ghtARGWx58/stIIEYN68ZMhYj59s4WwypvqLyw/3t
cPKY13PF9vCi2+hE75Mu881rWC6q8gKunebcsSbvmDNViA==
-----END CERTIFICATE-----
Generated at Mon May 5 13:25:25 2025 by rpki-client