Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8a7076-0c78-4aa6-9c1e-dfeb947189f4.roa
File: 1a8a7076-0c78-4aa6-9c1e-dfeb947189f4.roa (raw, json)
Hash identifier: 6Hx+pzZXv/3VF1jwGgYcvOoJu3WCHMMFRnxiTsHBPxQ=
Subject key identifier: 55:36:A6:C0:FF:34:A9:C9:AC:6A:15:52:42:B5:94:FB:40:05:B6:14
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7AF91D5DE0266272AAC95B22FCA650FAB45A292B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8a7076-0c78-4aa6-9c1e-dfeb947189f4.roa
Signing time: Tue 01 Jul 2025 15:00:06 +0000
ROA not before: Tue 01 Jul 2025 15:00:06 +0000
ROA not after: Tue 05 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.124.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:f9:1d:5d:e0:26:62:72:aa:c9:5b:22:fc:a6:50:fa:b4:5a:29:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 1 15:00:06 2025 GMT
Not After : Aug 5 23:59:59 2025 GMT
Subject: serialNumber=3e0e4fb7460060392e02a5da9c778356c694794319f483611b3a5d8adac7ae88, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:60:c0:fc:dd:fb:d5:98:9e:51:28:af:b7:de:
5c:e7:f0:c7:88:f2:7f:ae:57:a2:b7:18:ae:d4:8b:
d7:dd:ef:bb:b2:14:dc:ce:93:c8:4d:7b:af:73:a3:
3e:52:ed:89:b9:c8:03:51:39:3a:0b:22:43:11:13:
41:f0:51:ce:1a:16:a0:b4:6d:aa:f3:3d:a4:7c:47:
b7:0e:c7:f8:ec:27:d8:d7:a6:92:2e:c4:54:49:ff:
25:81:5d:14:9d:74:b2:57:db:b4:6f:fa:98:6c:49:
dc:99:84:c1:9b:c4:07:0e:d7:f2:c5:d8:65:dd:c7:
56:5d:d9:69:58:61:60:25:c1:9c:c2:c7:ef:db:89:
d6:7c:5d:5e:0d:15:aa:21:4b:0f:e0:c4:c6:6d:c7:
c3:46:05:64:31:e6:20:fd:27:ef:45:46:dc:74:dc:
35:ea:6f:d7:ed:1f:fa:f9:58:9e:fa:93:a6:f4:c1:
23:da:4a:8d:9d:fd:a9:30:b6:ef:52:c7:c6:d2:b1:
d7:43:d7:09:90:7c:c6:10:20:8f:66:f8:a9:04:16:
ab:d7:29:84:0a:bc:72:31:eb:d6:06:3f:a0:ff:b4:
5e:7f:35:20:95:ce:9e:8c:df:2b:95:80:c0:65:bb:
3e:dc:00:07:37:85:25:fa:6c:52:10:89:59:37:da:
82:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:36:A6:C0:FF:34:A9:C9:AC:6A:15:52:42:B5:94:FB:40:05:B6:14
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8a7076-0c78-4aa6-9c1e-dfeb947189f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.124.0/23
Signature Algorithm: sha256WithRSAEncryption
89:d0:f5:2a:9a:cc:c9:7f:95:36:52:a4:fe:48:18:6c:40:42:
f2:08:2f:2b:fe:ae:56:49:b1:d3:aa:98:ce:cb:f8:f9:9d:b6:
c3:e5:eb:aa:84:41:b4:2d:90:20:d5:95:c0:25:da:83:22:52:
8f:ec:44:64:bd:b6:d6:19:47:a6:c5:14:b1:d7:b7:09:3e:78:
d4:76:7c:f1:d8:7e:13:9e:28:d7:0e:e0:1d:d0:33:77:22:a5:
a5:58:9f:37:fa:88:fa:41:a0:19:0c:0f:57:9a:50:8c:df:5c:
95:cc:cd:58:d3:fd:f6:df:ff:b9:69:e5:31:9b:5b:da:b8:97:
a2:05:08:4d:8d:a6:da:1c:a4:70:f2:59:af:9f:c0:2a:b3:20:
d7:bf:d9:ff:3f:2a:b8:ce:b5:01:58:f5:63:b5:fe:76:61:32:
d8:6b:eb:be:f6:6d:bb:af:80:64:ff:17:7f:14:69:98:93:5f:
49:31:89:fb:bf:73:15:25:b1:12:9e:b8:d3:07:a6:f6:34:95:
af:bb:d5:b2:c3:14:49:16:9b:ad:f7:c2:1b:73:81:54:b9:6f:
89:3d:db:ed:95:72:84:fc:a2:f8:a7:ce:98:f1:af:23:a8:e3:
b6:ec:3e:10:7c:e7:14:03:bd:82:24:50:d7:80:60:85:a6:59:
25:fa:50:ef
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUevkdXeAmYnKqyVsi/KZQ+rRaKSswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDExNTAwMDZaFw0yNTA4MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDNlMGU0ZmI3NDYwMDYwMzkyZTAyYTVkYTljNzc4MzU2YzY5NDc5NDMxOWY0
ODM2MTFiM2E1ZDhhZGFjN2FlODgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALpgwPzd+9WYnlEor7feXOfwx4jyf65XorcYrtSL193vu7IU3M6TyE17r3Oj
PlLtibnIA1E5OgsiQxETQfBRzhoWoLRtqvM9pHxHtw7H+Own2Nemki7EVEn/JYFd
FJ10slfbtG/6mGxJ3JmEwZvEBw7X8sXYZd3HVl3ZaVhhYCXBnMLH79uJ1nxdXg0V
qiFLD+DExm3Hw0YFZDHmIP0n70VG3HTcNepv1+0f+vlYnvqTpvTBI9pKjZ39qTC2
71LHxtKx10PXCZB8xhAgj2b4qQQWq9cphAq8cjHr1gY/oP+0Xn81IJXOnozfK5WA
wGW7PtwABzeFJfpsUhCJWTfagtECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRVNqbA
/zSpyaxqFVJCtZT7QAW2FDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWE4YTcwNzYtMGM3OC00YWE2LTljMWUtZGZlYjk0NzE4OWY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbAgfDAN
BgkqhkiG9w0BAQsFAAOCAQEAidD1KprMyX+VNlKk/kgYbEBC8ggvK/6uVkmx06qY
zsv4+Z22w+XrqoRBtC2QINWVwCXagyJSj+xEZL221hlHpsUUsde3CT541HZ88dh+
E54o1w7gHdAzdyKlpVifN/qI+kGgGQwPV5pQjN9clczNWNP99t//uWnlMZtb2riX
ogUITY2m2hykcPJZr5/AKrMg17/Z/z8quM61AVj1Y7X+dmEy2GvrvvZtu6+AZP8X
fxRpmJNfSTGJ+79zFSWxEp640wem9jSVr7vVssMUSRabrffCG3OBVLlviT3b7ZVy
hPyi+KfOmPGvI6jjtuw+EHznFAO9giRQ14BghaZZJfpQ7w==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:32:34 2025 by rpki-client