Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9397285f-ddbe-4525-ac62-a96d2fbb5cd9.roa
File: 9397285f-ddbe-4525-ac62-a96d2fbb5cd9.roa (raw, json)
Hash identifier: 2tnU7ZCdIru0jWPwbIJ3cWUpkq5CcCendKhewg6lB7A=
Subject key identifier: B7:C0:78:A0:D5:EC:AD:B6:6F:5D:4C:52:B1:91:40:1F:50:1D:3F:86
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 27AAE87963C3C9E283E6B8AE3C5EBFAABEACEDD9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9397285f-ddbe-4525-ac62-a96d2fbb5cd9.roa
Signing time: Tue 01 Jul 2025 15:00:10 +0000
ROA not before: Tue 01 Jul 2025 15:00:10 +0000
ROA not after: Tue 05 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.64.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:aa:e8:79:63:c3:c9:e2:83:e6:b8:ae:3c:5e:bf:aa:be:ac:ed:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 1 15:00:10 2025 GMT
Not After : Aug 5 23:59:59 2025 GMT
Subject: serialNumber=899c5b242344dcd8ed7f81b832c657c51f31634caf2aa49e162caec037aeae87, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:ca:88:77:e6:c8:7a:ea:a3:35:a8:c2:ad:0f:
19:c4:c2:ec:0e:3c:02:8b:d2:f0:16:69:41:74:18:
e7:93:14:fa:2d:7f:1f:6d:22:bd:64:2f:e7:b9:bb:
4e:74:94:a7:dc:ac:39:23:3b:55:82:13:04:c5:1d:
c3:9b:52:f7:d0:88:00:3d:6c:46:55:bc:48:f5:f0:
44:f3:37:e6:f6:6a:db:d5:24:53:5d:2c:e2:1e:13:
97:41:f4:01:9a:52:5f:8a:22:08:03:a3:94:0c:24:
45:4c:ca:f0:9c:d2:0a:0e:50:b2:e5:03:0c:19:11:
52:db:ab:5c:ec:21:69:c8:26:d3:ce:59:2f:2b:26:
36:61:2e:27:6b:77:6a:b4:f7:ee:df:22:49:96:8b:
f0:f6:43:85:97:69:b8:75:8d:bb:ba:16:46:9e:4a:
3c:a4:61:33:71:13:52:f1:b3:ef:6b:0d:cf:94:fb:
4f:cf:ba:df:2e:ae:e4:53:c4:2d:5d:45:24:0b:5c:
e9:d9:ac:0b:90:af:0b:3e:8a:7d:28:df:fc:a8:bb:
a5:de:2c:ba:54:94:f4:23:a8:72:28:fc:59:f2:c5:
36:e7:bc:21:83:39:03:fe:54:e1:96:2e:57:d8:19:
9f:a9:de:4b:b3:68:66:f0:12:59:48:80:00:a3:bd:
da:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:C0:78:A0:D5:EC:AD:B6:6F:5D:4C:52:B1:91:40:1F:50:1D:3F:86
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9397285f-ddbe-4525-ac62-a96d2fbb5cd9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.64.0/20
Signature Algorithm: sha256WithRSAEncryption
a5:a8:a3:1f:56:92:27:d1:02:00:3e:42:67:26:86:e0:21:0b:
1a:9c:3d:d7:8b:a8:61:f9:46:64:5a:94:c3:80:5a:4e:ca:06:
f5:c1:24:89:02:03:26:ed:ba:07:79:07:f2:54:c2:93:4b:ce:
dd:64:4f:6e:9b:f2:4a:e7:73:22:b7:fb:5f:5e:01:76:72:c4:
40:0d:db:44:b6:d3:2e:0c:45:6f:a7:91:ce:04:c4:a6:7e:f9:
10:5e:8d:c5:74:1c:d6:13:61:63:d9:2c:34:3d:08:5b:fa:ce:
60:04:2b:66:16:cc:3e:8d:e2:76:fd:90:e0:bf:37:96:09:bc:
b6:c5:12:2f:1d:db:87:5f:8f:a1:c8:cd:fe:10:0a:9d:df:55:
df:75:b4:e1:64:5a:e3:55:55:92:77:bd:d0:d5:c5:2a:b8:e7:
83:22:dd:94:07:26:9b:a5:bb:65:97:ee:50:64:34:d9:3f:38:
43:6c:20:c4:82:d1:56:95:f1:07:10:12:6f:b7:c3:ef:84:aa:
c1:7b:9e:2a:c8:bb:63:a8:b4:b0:8a:a3:77:bb:97:69:f2:46:
c5:b5:36:58:2f:e9:16:5b:a3:5a:30:c7:e9:46:e1:26:08:8f:
67:28:bb:eb:8c:cc:30:b8:a5:a2:79:88:32:3c:09:73:36:19:
c8:9d:7f:98
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUJ6roeWPDyeKD5riuPF6/qr6s7dkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDExNTAwMTBaFw0yNTA4MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5OWM1YjI0MjM0NGRjZDhlZDdmODFiODMyYzY1N2M1MWYzMTYzNGNhZjJh
YTQ5ZTE2MmNhZWMwMzdhZWFlODcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN7KiHfmyHrqozWowq0PGcTC7A48AovS8BZpQXQY55MU+i1/H20ivWQv57m7
TnSUp9ysOSM7VYITBMUdw5tS99CIAD1sRlW8SPXwRPM35vZq29UkU10s4h4Tl0H0
AZpSX4oiCAOjlAwkRUzK8JzSCg5QsuUDDBkRUturXOwhacgm085ZLysmNmEuJ2t3
arT37t8iSZaL8PZDhZdpuHWNu7oWRp5KPKRhM3ETUvGz72sNz5T7T8+63y6u5FPE
LV1FJAtc6dmsC5CvCz6KfSjf/Ki7pd4sulSU9COocij8WfLFNue8IYM5A/5U4ZYu
V9gZn6neS7NoZvASWUiAAKO92mMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS3wHig
1eyttm9dTFKxkUAfUB0/hjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTM5NzI4NWYtZGRiZS00NTI1LWFjNjItYTk2ZDJmYmI1Y2Q5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAgQDAN
BgkqhkiG9w0BAQsFAAOCAQEApaijH1aSJ9ECAD5CZyaG4CELGpw914uoYflGZFqU
w4BaTsoG9cEkiQIDJu26B3kH8lTCk0vO3WRPbpvySudzIrf7X14BdnLEQA3bRLbT
LgxFb6eRzgTEpn75EF6NxXQc1hNhY9ksND0IW/rOYAQrZhbMPo3idv2Q4L83lgm8
tsUSLx3bh1+PocjN/hAKnd9V33W04WRa41VVkne90NXFKrjngyLdlAcmm6W7ZZfu
UGQ02T84Q2wgxILRVpXxBxASb7fD74SqwXueKsi7Y6i0sIqjd7uXafJGxbU2WC/p
FlujWjDH6UbhJgiPZyi764zMMLilonmIMjwJczYZyJ1/mA==
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:22:21 2025 by rpki-client