Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/db2d9177-e3d4-459e-980d-b68f027facc9.roa
File: db2d9177-e3d4-459e-980d-b68f027facc9.roa (raw, json)
Hash identifier: J6EdbeEGSHaZHvIFIObelkMmi68AxbBkQgjvNCL9XmI=
Subject key identifier: C6:F3:6C:0E:70:5C:1F:56:57:90:4D:80:7D:CF:13:C5:73:EC:E2:8A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7DD937F618854C621C98D417EF7159AACB598B10
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/db2d9177-e3d4-459e-980d-b68f027facc9.roa
Signing time: Fri 25 Apr 2025 18:10:39 +0000
ROA not before: Fri 25 Apr 2025 18:10:39 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 14618
IP address blocks: 176.32.96.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:d9:37:f6:18:85:4c:62:1c:98:d4:17:ef:71:59:aa:cb:59:8b:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 25 18:10:39 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=c46f42bbd0387c87e42d649aaaf4759b31efc3febcb3adcec3c137f19e599aba, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:e7:78:dc:f5:7d:b0:7d:ef:6b:8d:a8:58:00:
a6:ec:7d:4e:3f:90:80:97:31:6f:e5:a7:94:d1:1c:
ac:ab:30:d3:80:8d:99:5e:ca:25:b1:b9:e8:55:54:
18:8c:a8:5a:80:3a:e1:62:ff:2f:31:03:f2:2d:1a:
bb:b2:23:15:5b:3e:d3:82:54:10:a3:ec:95:ae:ba:
65:c7:2e:aa:fe:88:92:08:ad:54:37:74:ab:25:8a:
db:09:16:12:49:8b:64:f1:08:4f:d5:a7:65:fb:f7:
35:57:17:c1:d4:fe:94:f4:ce:5e:04:19:6c:91:4b:
e0:25:ce:c9:73:68:85:c5:95:69:13:78:67:e3:07:
e9:69:52:cc:cd:59:c0:28:ff:73:6a:de:45:b6:88:
6a:0a:6d:16:a1:47:2b:b7:e7:dc:35:78:59:3f:4d:
12:1a:dd:e1:e5:7c:48:a1:25:c8:62:89:d4:8e:2c:
63:56:dc:45:25:3b:44:41:3a:93:57:61:75:8f:d0:
b0:3f:98:8c:b9:30:c7:4e:e1:d0:b2:62:d4:1e:9f:
ad:ac:a7:82:4b:63:cb:23:f5:99:31:07:c1:86:5c:
45:35:c6:91:78:1a:b8:43:d7:ee:52:ed:c0:51:2f:
94:d5:af:0f:fa:87:6d:8e:68:d9:a4:87:83:db:2b:
be:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:F3:6C:0E:70:5C:1F:56:57:90:4D:80:7D:CF:13:C5:73:EC:E2:8A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/db2d9177-e3d4-459e-980d-b68f027facc9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.96.0/21
Signature Algorithm: sha256WithRSAEncryption
40:4e:de:6d:66:ad:fb:61:81:ed:0e:18:c8:c7:5a:ff:70:40:
c7:76:3f:10:52:be:22:87:21:12:21:43:10:e2:ea:7e:44:cc:
43:fc:c7:c1:e4:08:91:c1:ad:51:b7:18:ba:90:0d:d6:c9:c4:
6a:e9:fc:8a:6e:36:d4:d0:de:c7:7b:af:75:96:54:02:f4:64:
d8:76:3b:d4:b9:c6:5a:de:fd:39:d9:c3:31:9a:f1:bc:b2:ac:
2e:4f:46:a2:97:e2:f5:bc:33:96:40:30:5f:c9:c7:ff:49:0c:
3f:d7:9c:77:4e:3b:e7:c0:a7:f6:71:36:37:61:a7:8c:0d:2b:
0c:d9:6a:5f:76:b8:c4:2e:fd:36:de:6d:c0:29:d4:55:89:7e:
de:e5:01:c8:41:8d:57:c4:bb:e6:72:d9:13:f0:23:81:1c:73:
cd:f6:f6:1c:f4:a3:a0:99:f6:35:7c:92:9d:57:99:d3:dd:31:
c7:3b:5e:80:12:f7:85:f2:5d:a7:81:9e:8c:5c:45:ac:70:82:
3c:b1:5c:f1:36:78:22:2a:ae:e0:ba:f9:80:10:b6:6a:6a:0b:
64:29:66:9e:7d:cf:6d:f0:6b:d0:ba:14:53:8e:eb:df:9f:d8:
02:ab:29:71:1d:3c:b0:f8:95:4a:da:65:b1:b5:78:10:b8:9d:
55:1e:1b:86
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUfdk39hiFTGIcmNQX73FZqstZixAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjUxODEwMzlaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGM0NmY0MmJiZDAzODdjODdlNDJkNjQ5YWFhZjQ3NTliMzFlZmMzZmViY2Iz
YWRjZWMzYzEzN2YxOWU1OTlhYmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANrneNz1fbB972uNqFgApux9Tj+QgJcxb+WnlNEcrKsw04CNmV7KJbG56FVU
GIyoWoA64WL/LzED8i0au7IjFVs+04JUEKPsla66Zccuqv6IkgitVDd0qyWK2wkW
EkmLZPEIT9WnZfv3NVcXwdT+lPTOXgQZbJFL4CXOyXNohcWVaRN4Z+MH6WlSzM1Z
wCj/c2reRbaIagptFqFHK7fn3DV4WT9NEhrd4eV8SKElyGKJ1I4sY1bcRSU7REE6
k1dhdY/QsD+YjLkwx07h0LJi1B6frayngktjyyP1mTEHwYZcRTXGkXgauEPX7lLt
wFEvlNWvD/qHbY5o2aSHg9srvgcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTG82wO
cFwfVleQTYB9zxPFc+ziijAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGIyZDkxNzctZTNkNC00NTllLTk4MGQtYjY4ZjAyN2ZhY2M5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AgYDAN
BgkqhkiG9w0BAQsFAAOCAQEAQE7ebWat+2GB7Q4YyMda/3BAx3Y/EFK+IochEiFD
EOLqfkTMQ/zHweQIkcGtUbcYupAN1snEaun8im421NDex3uvdZZUAvRk2HY71LnG
Wt79OdnDMZrxvLKsLk9Gopfi9bwzlkAwX8nH/0kMP9ecd04758Cn9nE2N2GnjA0r
DNlqX3a4xC79Nt5twCnUVYl+3uUByEGNV8S75nLZE/AjgRxzzfb2HPSjoJn2NXyS
nVeZ090xxztegBL3hfJdp4GejFxFrHCCPLFc8TZ4Iiqu4Lr5gBC2amoLZClmnn3P
bfBr0LoUU47r35/YAqspcR08sPiVStplsbV4ELidVR4bhg==
-----END CERTIFICATE-----
Generated at Mon May 5 10:33:44 2025 by rpki-client