Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cdc11efb-9ca2-4459-b55a-43b03e67b183.roa
File: cdc11efb-9ca2-4459-b55a-43b03e67b183.roa (raw, json)
Hash identifier: 9sjBFlMNTU666WMLwOSyylaks4CbDPsPYo9UtdrS4mU=
Subject key identifier: 52:B7:67:07:6F:21:B2:EE:3E:3E:C0:96:3B:6E:D8:08:1D:5B:D0:1A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5774CAB8B6FD2745031C50B9B8EEED7FE3ABCFC4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cdc11efb-9ca2-4459-b55a-43b03e67b183.roa
Signing time: Fri 25 Apr 2025 18:10:35 +0000
ROA not before: Fri 25 Apr 2025 18:10:35 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.64.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 08:37:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:74:ca:b8:b6:fd:27:45:03:1c:50:b9:b8:ee:ed:7f:e3:ab:cf:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:10:35 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=f432e879256ecbc9bd6391d1b3061adf0a6a7ecbc235410917da15505e7296fe, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:22:ab:86:94:79:f2:70:47:76:1f:8b:a5:bd:
bd:c2:77:b6:3f:6b:7c:d6:f0:26:12:97:c4:60:25:
5f:db:4f:cd:0b:c2:be:3e:ef:24:83:a8:b1:b0:71:
bd:00:47:34:c4:f5:d9:24:7b:9f:b7:a3:e6:4f:7b:
42:dc:29:8e:76:2f:d6:17:50:cd:e3:1f:4e:6a:9b:
d3:df:7c:e8:c9:b2:86:cd:a6:2c:2b:43:0a:9d:cd:
58:48:a2:20:69:8b:20:4a:d0:9e:ba:22:eb:ab:3c:
ca:87:0d:ce:8c:a7:88:a8:2b:2c:a0:5b:df:ab:71:
f3:c1:e3:b8:b0:b9:46:61:85:e7:72:cf:02:58:16:
f0:df:43:b6:c8:b4:d9:fa:48:c7:50:86:33:1e:7e:
3d:b1:9f:1d:ff:3c:3a:76:1e:96:58:4d:aa:42:b9:
5b:ad:7b:36:5d:a9:5e:82:34:37:34:2f:63:04:a3:
c6:5d:96:82:5e:f8:9e:90:f1:ce:3d:70:6a:7a:56:
8c:ec:76:7e:6a:91:e9:e4:f1:75:00:cf:45:8f:43:
2d:23:a6:64:98:31:0d:cf:60:c4:46:6d:f3:54:50:
e9:fb:6d:06:27:53:b9:73:7f:10:73:19:d0:e1:9d:
3f:fd:fc:1e:30:06:4e:99:a0:04:ba:d0:1a:10:20:
9b:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:B7:67:07:6F:21:B2:EE:3E:3E:C0:96:3B:6E:D8:08:1D:5B:D0:1A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cdc11efb-9ca2-4459-b55a-43b03e67b183.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.64.0/18
Signature Algorithm: sha256WithRSAEncryption
02:9c:79:c9:64:e9:29:ab:84:64:29:33:1d:d3:bb:f9:89:28:
d4:b0:6f:32:d0:07:d7:55:e6:2c:e0:b2:0c:7d:19:c9:0e:63:
75:cb:d2:2a:a8:c6:dc:b4:8a:8a:b7:a1:35:28:4c:ca:2f:09:
16:0f:53:d7:eb:b7:04:1a:4d:27:f5:6f:1f:e9:9a:f6:cf:33:
63:ec:1b:52:e6:a8:32:fd:96:14:fb:40:8d:af:64:39:4c:e7:
f4:d8:c5:4a:8d:13:f3:c6:83:e1:29:59:ea:8f:27:81:1d:a8:
b6:24:e9:fd:75:e9:f3:41:f7:ae:e9:cd:48:20:26:aa:8f:5e:
84:95:47:51:57:23:e9:09:23:c5:71:08:8e:71:29:57:27:2f:
9d:8f:a1:c8:4e:d7:a6:43:4c:09:a1:55:ba:e6:88:4d:11:c6:
25:19:08:c8:eb:2a:88:a2:96:bf:ad:ce:35:af:3b:bd:1c:07:
98:9d:c4:d5:b8:75:b2:ba:c4:01:46:7d:7b:22:e0:d6:b4:01:
3b:bf:cf:2d:f3:4d:f2:42:38:03:f3:89:9b:73:90:7c:8e:ff:
fc:d1:cf:3b:83:d0:fc:01:39:c9:a1:9e:33:06:73:a3:d8:da:
d2:2b:9e:44:f0:41:71:86:a1:d9:8c:d7:ca:c3:cd:17:32:64:
ae:b6:77:9c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUV3TKuLb9J0UDHFC5uO7tf+Orz8QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODEwMzVaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGY0MzJlODc5MjU2ZWNiYzliZDYzOTFkMWIzMDYxYWRmMGE2YTdlY2JjMjM1
NDEwOTE3ZGExNTUwNWU3Mjk2ZmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALciq4aUefJwR3Yfi6W9vcJ3tj9rfNbwJhKXxGAlX9tPzQvCvj7vJIOosbBx
vQBHNMT12SR7n7ej5k97QtwpjnYv1hdQzeMfTmqb09986Mmyhs2mLCtDCp3NWEii
IGmLIErQnroi66s8yocNzoyniKgrLKBb36tx88HjuLC5RmGF53LPAlgW8N9Dtsi0
2fpIx1CGMx5+PbGfHf88OnYellhNqkK5W617Nl2pXoI0NzQvYwSjxl2Wgl74npDx
zj1wanpWjOx2fmqR6eTxdQDPRY9DLSOmZJgxDc9gxEZt81RQ6fttBidTuXN/EHMZ
0OGdP/38HjAGTpmgBLrQGhAgm70CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRSt2cH
byGy7j4+wJY7btgIHVvQGjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2RjMTFlZmItOWNhMi00NDU5LWI1NWEtNDNiMDNlNjdiMTgzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBrAgQDAN
BgkqhkiG9w0BAQsFAAOCAQEAApx5yWTpKauEZCkzHdO7+Yko1LBvMtAH11XmLOCy
DH0ZyQ5jdcvSKqjG3LSKirehNShMyi8JFg9T1+u3BBpNJ/VvH+ma9s8zY+wbUuao
Mv2WFPtAja9kOUzn9NjFSo0T88aD4SlZ6o8ngR2otiTp/XXp80H3runNSCAmqo9e
hJVHUVcj6QkjxXEIjnEpVycvnY+hyE7XpkNMCaFVuuaITRHGJRkIyOsqiKKWv63O
Na87vRwHmJ3E1bh1srrEAUZ9eyLg1rQBO7/PLfNN8kI4A/OJm3OQfI7//NHPO4PQ
/AE5yaGeMwZzo9ja0iueRPBBcYah2YzXysPNFzJkrrZ3nA==
-----END CERTIFICATE-----
Generated at Mon May 5 13:25:22 2025 by rpki-client