Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27619839-e7af-4103-a7dd-056323333518.roa
File: 27619839-e7af-4103-a7dd-056323333518.roa (raw, json)
Hash identifier: 7HIgukqzWUoP5KH8Cy1NV38y8bzyV+iZJ9XiAPbpwsU=
Subject key identifier: FF:C8:72:F4:DB:33:A5:BE:D1:C2:AD:13:49:86:A3:6E:DD:3C:DA:46
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1D55A9731234C69D390EF8375D7B99487142A423
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27619839-e7af-4103-a7dd-056323333518.roa
Signing time: Tue 01 Jul 2025 15:00:10 +0000
ROA not before: Tue 01 Jul 2025 15:00:10 +0000
ROA not after: Tue 05 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.88.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:55:a9:73:12:34:c6:9d:39:0e:f8:37:5d:7b:99:48:71:42:a4:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 1 15:00:10 2025 GMT
Not After : Aug 5 23:59:59 2025 GMT
Subject: serialNumber=406219e42a5ccd37a10fd576c0e9f283f4f6336488a481c18cbfdfb729d9c962, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:4d:90:1a:8c:b9:c4:3c:fa:4d:35:d7:ea:ec:
d8:b6:77:23:ab:dc:57:21:87:33:ff:d4:1f:dc:45:
a3:fe:76:d1:13:02:88:10:bb:65:8f:df:52:ff:e9:
32:9e:8e:56:a9:1e:77:8f:0c:c4:7b:78:da:e2:a7:
c5:74:5b:08:e3:4a:27:29:0a:28:5e:0d:f8:4b:20:
7d:95:c8:11:13:42:df:81:f0:ba:f1:38:21:da:1b:
cb:21:2c:78:75:3c:52:68:cf:7a:04:43:32:17:ed:
f5:bc:fd:ca:55:52:7c:f5:94:2c:a4:b9:ba:58:df:
c5:4a:6e:de:42:07:34:9e:3f:a8:5b:d9:fb:71:bf:
1a:e1:15:38:4c:64:e7:cb:34:41:bc:79:2e:3c:6c:
86:99:88:d3:14:1f:b8:2f:66:60:03:f8:91:4e:96:
1e:79:c8:7a:d0:45:42:60:06:b4:f1:03:83:61:4a:
51:0f:8a:46:f6:dc:0f:2a:41:cc:b6:bb:d7:86:a3:
31:10:69:5c:cc:40:ab:63:5d:3e:37:a6:70:13:f8:
0c:dc:73:85:0b:c4:b2:06:db:a4:7b:ac:8b:67:bd:
18:1e:87:64:36:70:e8:8b:98:14:9c:ce:a2:12:7b:
7b:38:75:ed:c7:c1:af:81:8d:dd:ef:e2:85:b0:eb:
32:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:C8:72:F4:DB:33:A5:BE:D1:C2:AD:13:49:86:A3:6E:DD:3C:DA:46
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27619839-e7af-4103-a7dd-056323333518.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.88.0/21
Signature Algorithm: sha256WithRSAEncryption
95:c5:28:a6:28:56:99:6c:44:a8:e0:66:1f:45:73:41:e7:26:
2b:b1:34:0e:14:08:95:cb:9c:6b:5c:ff:be:7e:27:4a:4f:a3:
c5:5d:27:8f:30:81:54:32:8a:73:1e:0a:4a:9a:9f:aa:0a:ef:
db:ed:f1:49:38:3c:6b:06:83:f7:30:6b:38:76:f1:03:13:ba:
ca:6c:9e:8d:83:a4:df:5a:9d:e8:b2:ff:aa:02:b7:15:56:f0:
82:c4:c9:ff:b0:5e:c8:8f:9a:14:69:1d:8b:f9:19:87:3a:ad:
ca:51:7a:4f:46:82:d8:7b:db:38:ed:26:77:94:7e:b8:8b:d6:
d5:5b:73:36:8b:0d:e7:59:2d:95:1e:b5:35:a1:3e:a5:50:7d:
58:5c:b8:6c:7b:8e:df:da:41:d7:1e:92:85:5a:c6:61:8c:76:
c8:21:d2:88:e7:cb:85:b8:ad:87:ec:fa:33:8b:cc:23:72:d0:
27:f5:e9:81:87:e2:23:eb:e7:87:02:b1:27:a7:c7:55:b6:d6:
7d:97:21:a3:2e:70:c9:b8:d2:1e:e0:ff:97:bf:4d:85:50:24:
51:c9:d8:da:55:5b:f0:53:20:54:11:e9:cf:c8:d3:2f:c6:00:
70:98:5d:da:cf:5d:fc:3d:16:89:33:83:97:40:4a:b7:50:01:
5e:c1:3e:fd
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUHVWpcxI0xp05Dvg3XXuZSHFCpCMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDExNTAwMTBaFw0yNTA4MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQwNjIxOWU0MmE1Y2NkMzdhMTBmZDU3NmMwZTlmMjgzZjRmNjMzNjQ4OGE0
ODFjMThjYmZkZmI3MjlkOWM5NjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL1NkBqMucQ8+k011+rs2LZ3I6vcVyGHM//UH9xFo/520RMCiBC7ZY/fUv/p
Mp6OVqked48MxHt42uKnxXRbCONKJykKKF4N+EsgfZXIERNC34HwuvE4IdobyyEs
eHU8UmjPegRDMhft9bz9ylVSfPWULKS5uljfxUpu3kIHNJ4/qFvZ+3G/GuEVOExk
58s0Qbx5LjxshpmI0xQfuC9mYAP4kU6WHnnIetBFQmAGtPEDg2FKUQ+KRvbcDypB
zLa714ajMRBpXMxAq2NdPjemcBP4DNxzhQvEsgbbpHusi2e9GB6HZDZw6IuYFJzO
ohJ7ezh17cfBr4GN3e/ihbDrMo0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT/yHL0
2zOlvtHCrRNJhqNu3TzaRjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mjc2MTk4MzktZTdhZi00MTAzLWE3ZGQtMDU2MzIzMzMzNTE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AgWDAN
BgkqhkiG9w0BAQsFAAOCAQEAlcUopihWmWxEqOBmH0VzQecmK7E0DhQIlcuca1z/
vn4nSk+jxV0njzCBVDKKcx4KSpqfqgrv2+3xSTg8awaD9zBrOHbxAxO6ymyejYOk
31qd6LL/qgK3FVbwgsTJ/7BeyI+aFGkdi/kZhzqtylF6T0aC2HvbOO0md5R+uIvW
1VtzNosN51ktlR61NaE+pVB9WFy4bHuO39pB1x6ShVrGYYx2yCHSiOfLhbith+z6
M4vMI3LQJ/XpgYfiI+vnhwKxJ6fHVbbWfZchoy5wybjSHuD/l79NhVAkUcnY2lVb
8FMgVBHpz8jTL8YAcJhd2s9d/D0WiTODl0BKt1ABXsE+/Q==
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:23:39 2025 by rpki-client