Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9ff392e-09c0-4b7c-bdd5-5fb1316e398e.roa
File: b9ff392e-09c0-4b7c-bdd5-5fb1316e398e.roa (raw, json)
Hash identifier: nak8Dd5oNlXzD9OswJOfoZAm71petlawu1n90uKA1eU=
Subject key identifier: 26:9C:B1:F6:82:D0:06:8B:BD:46:CE:22:C7:92:A2:A4:8A:45:AA:F3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3597216EBA7E4403F524D8C0611C65CEEA401ECF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9ff392e-09c0-4b7c-bdd5-5fb1316e398e.roa
Signing time: Tue 15 Apr 2025 15:01:16 +0000
ROA not before: Tue 15 Apr 2025 15:01:16 +0000
ROA not after: Tue 20 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.64.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:97:21:6e:ba:7e:44:03:f5:24:d8:c0:61:1c:65:ce:ea:40:1e:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 15 15:01:16 2025 GMT
Not After : May 20 23:59:59 2025 GMT
Subject: serialNumber=645e9125361722ae68bf6769bae7d82db3a2975f5051039ad2c8963b60865521, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:06:ee:f7:25:53:8f:7b:05:59:d9:ea:b3:e0:
37:f3:bb:80:70:e4:bb:4a:31:ba:42:86:88:c6:b4:
ac:5e:22:fb:ab:47:5b:6e:1a:fe:b2:9e:7c:14:52:
38:95:00:3a:1f:c1:9c:3c:47:66:6c:85:16:0d:f0:
b1:3e:78:01:ea:f8:51:ac:8d:50:31:7f:1f:cb:de:
9c:1a:f1:c0:2f:94:4a:82:ee:41:f5:26:95:8b:6e:
d1:66:5d:4e:9d:5f:bd:a5:ae:87:4e:35:57:22:ef:
95:f0:bd:de:bf:2c:49:7e:a0:80:d1:72:49:63:72:
d7:11:5a:6a:80:a6:4b:31:fa:47:89:b4:8a:44:46:
d7:87:bc:ef:ef:7d:ca:e0:26:7d:d6:58:b9:a3:74:
8a:42:92:f7:0d:2e:67:8b:97:cd:78:b1:d7:d5:c9:
ab:9d:c2:50:47:0e:1a:f6:45:b9:22:86:aa:a1:d7:
98:19:13:78:0f:11:e8:15:b9:a1:5b:fa:2b:35:c8:
6a:ac:09:d7:22:35:76:3b:77:bc:6f:57:e1:45:f3:
ae:be:f7:0d:fe:7e:db:43:ed:33:86:04:fe:75:5f:
2f:62:58:ca:87:01:49:a1:bc:21:90:66:93:e5:fb:
61:23:da:55:84:9a:01:86:8e:9f:51:d1:36:20:5f:
38:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:9C:B1:F6:82:D0:06:8B:BD:46:CE:22:C7:92:A2:A4:8A:45:AA:F3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9ff392e-09c0-4b7c-bdd5-5fb1316e398e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.64.0/19
Signature Algorithm: sha256WithRSAEncryption
1c:9a:3b:3e:35:7e:8d:0d:67:18:9a:9a:ed:69:95:7b:a8:a3:
a3:e9:df:e2:6a:ee:20:23:21:d6:fb:5c:00:90:d1:fc:48:50:
29:cf:dc:2a:b2:3a:5a:48:bb:93:3a:f8:3e:66:84:10:08:5b:
26:2a:53:4a:1b:a0:28:06:1d:05:c4:bb:8e:0a:81:ce:35:a8:
8a:f3:b4:a8:37:94:d8:9d:c2:17:fc:71:7d:1b:45:b9:e8:1c:
00:c3:f0:9f:83:1b:b4:c8:cf:e9:fc:24:b6:4a:6c:39:b0:cc:
5c:7e:e3:35:11:17:82:69:90:85:81:1f:c1:78:68:df:d8:20:
31:ab:54:a4:06:6f:1b:a3:95:ac:09:4b:4e:5c:c6:d4:03:e5:
6a:c8:d3:2d:ba:68:5f:fc:82:04:c5:48:20:94:4b:7e:0e:8f:
55:76:0d:be:d9:4d:cf:4b:f3:1e:1d:28:b8:fb:5c:ba:66:c5:
7b:c6:80:53:80:13:59:ba:87:c2:31:46:33:1e:05:33:30:c1:
07:ec:32:c1:3e:73:b9:15:42:ab:16:ce:85:98:bd:46:2a:94:
41:45:77:b8:69:d2:c7:1d:91:b9:cb:0f:8a:09:43:fd:79:4a:
9a:39:aa:df:ca:3b:63:85:ee:5d:ab:34:f6:41:25:01:1a:d6:
a6:46:a6:a6
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUNZchbrp+RAP1JNjAYRxlzupAHs8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTUxNTAxMTZaFw0yNTA1MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDY0NWU5MTI1MzYxNzIyYWU2OGJmNjc2OWJhZTdkODJkYjNhMjk3NWY1MDUx
MDM5YWQyYzg5NjNiNjA4NjU1MjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALQG7vclU497BVnZ6rPgN/O7gHDku0oxukKGiMa0rF4i+6tHW24a/rKefBRS
OJUAOh/BnDxHZmyFFg3wsT54Aer4UayNUDF/H8venBrxwC+USoLuQfUmlYtu0WZd
Tp1fvaWuh041VyLvlfC93r8sSX6ggNFySWNy1xFaaoCmSzH6R4m0ikRG14e87+99
yuAmfdZYuaN0ikKS9w0uZ4uXzXix19XJq53CUEcOGvZFuSKGqqHXmBkTeA8R6BW5
oVv6KzXIaqwJ1yI1djt3vG9X4UXzrr73Df5+20PtM4YE/nVfL2JYyocBSaG8IZBm
k+X7YSPaVYSaAYaOn1HRNiBfONMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQmnLH2
gtAGi71GziLHkqKkikWq8zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjlmZjM5MmUtMDljMC00YjdjLWJkZDUtNWZiMTMxNmUzOThlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAgQDAN
BgkqhkiG9w0BAQsFAAOCAQEAHJo7PjV+jQ1nGJqa7WmVe6ijo+nf4mruICMh1vtc
AJDR/EhQKc/cKrI6Wki7kzr4PmaEEAhbJipTShugKAYdBcS7jgqBzjWoivO0qDeU
2J3CF/xxfRtFuegcAMPwn4MbtMjP6fwktkpsObDMXH7jNREXgmmQhYEfwXho39gg
MatUpAZvG6OVrAlLTlzG1APlasjTLbpoX/yCBMVIIJRLfg6PVXYNvtlNz0vzHh0o
uPtcumbFe8aAU4ATWbqHwjFGMx4FMzDBB+wywT5zuRVCqxbOhZi9RiqUQUV3uGnS
xx2RucsPiglD/XlKmjmq38o7Y4XuXas09kElARrWpkampg==
-----END CERTIFICATE-----
Generated at Tue May 6 06:36:07 2025 by rpki-client