Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aa79bb18-b74d-4cc3-ba05-20af0f9435b1.roa
File: aa79bb18-b74d-4cc3-ba05-20af0f9435b1.roa (raw, json)
Hash identifier: wfBvtbcSt7NhV12r8JYeWy9+wLmvbl5GewVkyRgeeJw=
Subject key identifier: 14:50:F1:DA:63:41:69:0F:EB:92:3F:C0:FB:65:D1:5D:B5:6F:95:8C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 76AA8B92BF4D1D983A883ED305EA3E29FC31FD6A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aa79bb18-b74d-4cc3-ba05-20af0f9435b1.roa
Signing time: Tue 15 Apr 2025 15:00:49 +0000
ROA not before: Tue 15 Apr 2025 15:00:49 +0000
ROA not after: Tue 20 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.144.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:aa:8b:92:bf:4d:1d:98:3a:88:3e:d3:05:ea:3e:29:fc:31:fd:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 15 15:00:49 2025 GMT
Not After : May 20 23:59:59 2025 GMT
Subject: serialNumber=63cf4341952877daecbd3fb15c132effbdbfbaa3bf1bc4d23d3210848bee4359, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:41:ac:20:10:30:61:a5:62:ea:e4:7c:4c:58:
a2:5f:9c:94:f2:c7:1c:5d:94:36:04:30:b9:ff:da:
89:96:5a:a5:44:35:1a:71:56:f8:4f:bc:fd:9a:40:
51:7b:fe:96:5a:39:7f:df:3c:73:ac:7d:a7:45:69:
72:31:e3:bf:0b:79:86:a6:a5:1e:1e:85:5c:5e:48:
44:1c:63:0e:25:ee:4b:62:35:ed:e8:c0:17:6a:04:
c9:f0:48:a1:7a:30:85:27:e7:51:57:fa:60:1c:05:
03:a7:36:95:96:e3:a3:d9:5c:6d:ed:72:97:10:9e:
04:d0:fb:46:6b:32:88:65:8b:d8:ed:54:65:1d:8c:
30:f4:fe:0f:53:96:35:49:e4:2e:a9:e5:f3:6f:72:
aa:ff:46:c0:b9:a4:65:53:e5:2a:37:6f:cc:b4:14:
ed:53:20:60:5b:10:07:3d:c8:84:84:1e:be:ab:86:
f2:3d:34:f0:3b:f0:39:9c:c3:0f:04:1e:88:9c:80:
90:5b:e6:0e:65:1c:31:49:f1:c4:da:15:b2:39:52:
10:1f:2c:93:89:5e:03:58:1a:a0:63:be:0d:c5:69:
be:32:54:c5:d3:d0:4d:c7:d8:29:2b:08:40:b7:72:
7f:9f:33:18:42:e6:18:46:df:cb:df:c5:bb:70:db:
ae:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:50:F1:DA:63:41:69:0F:EB:92:3F:C0:FB:65:D1:5D:B5:6F:95:8C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aa79bb18-b74d-4cc3-ba05-20af0f9435b1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.144.0/20
Signature Algorithm: sha256WithRSAEncryption
c3:cc:a5:fd:96:08:19:6d:a8:26:d2:b3:6a:fb:4c:f7:6a:40:
a8:ff:8e:27:22:52:2f:0e:45:b0:39:f2:13:92:c4:dc:6f:18:
ed:b2:0f:b2:52:f3:74:52:15:03:54:d6:6e:4b:d9:0a:e9:8d:
d2:07:74:15:37:f3:05:18:12:44:9a:ed:d9:6b:e9:f6:1c:6a:
6f:bc:61:5b:c1:12:42:45:1d:96:49:d1:4e:33:b3:ff:a0:6e:
0f:22:75:c9:58:6c:41:72:87:98:63:90:46:78:d8:5b:af:a8:
6b:a4:a5:3c:a5:9e:ad:ca:0f:90:ea:ab:c8:0d:1a:cc:b6:fb:
9f:76:f3:3a:2e:33:6c:9c:ca:bc:59:18:1f:8d:0d:53:fa:6d:
86:ef:74:e3:57:2c:be:15:ce:1a:e7:1a:16:1a:1a:29:66:99:
e1:af:8d:37:7e:4c:93:2e:c5:99:2a:7c:2e:93:94:4c:31:60:
8e:b1:de:90:ef:1b:49:6b:8f:0f:74:47:50:bb:29:2b:8b:5c:
77:4f:a4:2f:a7:94:1c:8e:d3:ca:28:81:0d:c5:b8:75:dc:d5:
68:e9:36:9f:93:d3:dc:73:28:12:75:37:99:98:62:76:8f:53:
bf:0c:67:96:eb:d8:07:73:98:0a:2e:34:aa:07:ff:3c:5f:22:
b9:c5:aa:fd
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUdqqLkr9NHZg6iD7TBeo+Kfwx/WowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTUxNTAwNDlaFw0yNTA1MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDYzY2Y0MzQxOTUyODc3ZGFlY2JkM2ZiMTVjMTMyZWZmYmRiZmJhYTNiZjFi
YzRkMjNkMzIxMDg0OGJlZTQzNTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM5BrCAQMGGlYurkfExYol+clPLHHF2UNgQwuf/aiZZapUQ1GnFW+E+8/ZpA
UXv+llo5f988c6x9p0VpcjHjvwt5hqalHh6FXF5IRBxjDiXuS2I17ejAF2oEyfBI
oXowhSfnUVf6YBwFA6c2lZbjo9lcbe1ylxCeBND7RmsyiGWL2O1UZR2MMPT+D1OW
NUnkLqnl829yqv9GwLmkZVPlKjdvzLQU7VMgYFsQBz3IhIQevquG8j008DvwOZzD
DwQeiJyAkFvmDmUcMUnxxNoVsjlSEB8sk4leA1gaoGO+DcVpvjJUxdPQTcfYKSsI
QLdyf58zGELmGEbfy9/Fu3DbrtcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQUUPHa
Y0FpD+uSP8D7ZdFdtW+VjDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWE3OWJiMTgtYjc0ZC00Y2MzLWJhMDUtMjBhZjBmOTQzNWIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAikDAN
BgkqhkiG9w0BAQsFAAOCAQEAw8yl/ZYIGW2oJtKzavtM92pAqP+OJyJSLw5FsDny
E5LE3G8Y7bIPslLzdFIVA1TWbkvZCumN0gd0FTfzBRgSRJrt2Wvp9hxqb7xhW8ES
QkUdlknRTjOz/6BuDyJ1yVhsQXKHmGOQRnjYW6+oa6SlPKWercoPkOqryA0azLb7
n3bzOi4zbJzKvFkYH40NU/pthu9041csvhXOGucaFhoaKWaZ4a+NN35Mky7FmSp8
LpOUTDFgjrHekO8bSWuPD3RHULspK4tcd0+kL6eUHI7TyiiBDcW4ddzVaOk2n5PT
3HMoEnU3mZhido9TvwxnluvYB3OYCi40qgf/PF8iucWq/Q==
-----END CERTIFICATE-----
Generated at Mon May 5 10:34:22 2025 by rpki-client