Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9ff392e-09c0-4b7c-bdd5-5fb1316e398e.roa
File: b9ff392e-09c0-4b7c-bdd5-5fb1316e398e.roa (raw, json)
Hash identifier: tYI0WLIXcaNUNQpPmXUDr5qlwOINmFeaQIJgJ4AIHHE=
Subject key identifier: 9C:9F:62:1B:F4:91:D8:A5:48:5B:2B:44:CF:B7:71:DB:3F:1A:54:2F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 305CD9675943CAED62DD87F1976C64A25C3A3F40
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9ff392e-09c0-4b7c-bdd5-5fb1316e398e.roa
Signing time: Tue 01 Jul 2025 15:00:08 +0000
ROA not before: Tue 01 Jul 2025 15:00:08 +0000
ROA not after: Tue 05 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.64.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:5c:d9:67:59:43:ca:ed:62:dd:87:f1:97:6c:64:a2:5c:3a:3f:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 1 15:00:08 2025 GMT
Not After : Aug 5 23:59:59 2025 GMT
Subject: serialNumber=9a63873d8436b829a148bb946bc6f8a95ed6da3306526f08b69dc487348277fb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:8b:7a:ad:f2:a9:88:de:8d:03:8b:34:eb:0a:
48:55:c3:61:27:94:b2:11:2f:0d:be:e6:27:68:6d:
60:5c:a2:4e:33:f0:5b:42:c4:6a:92:c1:b8:bf:2e:
56:49:db:34:65:c7:fd:52:7d:9e:f4:52:dd:62:67:
2f:41:07:5f:5c:66:60:d0:26:70:57:eb:0f:23:10:
fc:69:d7:c7:33:19:47:47:e3:09:af:87:bb:13:17:
8a:88:af:a1:5b:2d:3b:01:9a:5e:cf:49:6c:4c:f1:
1c:a6:61:21:7e:29:8d:d6:e4:3f:f8:a0:c8:2a:ea:
a5:1a:d3:1c:f5:74:64:62:39:71:57:96:5b:e9:fc:
92:39:e6:4d:3a:0f:88:61:c9:a3:04:fd:aa:af:56:
be:79:96:40:be:27:ac:d1:76:af:8d:ed:c3:af:4f:
4a:0c:07:8f:66:48:cb:04:1f:4c:f5:91:aa:99:98:
08:c1:0b:0e:04:0f:c4:e4:f1:71:f3:93:26:ba:16:
12:92:a3:4f:de:3d:0f:4d:0f:12:61:3f:52:38:db:
9d:ce:8d:e8:57:7e:6f:60:44:3a:66:0b:cb:19:76:
84:a3:05:4b:f0:95:ce:0e:42:f6:63:a4:42:eb:35:
50:9f:9a:40:05:fe:f1:65:52:f7:4d:b0:2e:cf:9b:
40:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:9F:62:1B:F4:91:D8:A5:48:5B:2B:44:CF:B7:71:DB:3F:1A:54:2F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9ff392e-09c0-4b7c-bdd5-5fb1316e398e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.64.0/19
Signature Algorithm: sha256WithRSAEncryption
3c:c0:8f:36:ed:c5:ea:ef:aa:7a:e9:b8:7a:36:ac:04:ce:a1:
cc:6b:84:98:5f:f1:89:a0:38:41:45:06:ee:df:95:11:82:05:
49:47:b9:6f:42:61:b7:89:dc:3d:5f:51:07:93:28:a2:4b:74:
8f:fb:0b:7f:fe:aa:f1:c0:54:2b:32:f2:ff:8d:3c:46:f2:76:
f0:ca:5f:11:29:ba:a1:c5:38:10:04:ed:41:a3:a6:8b:0e:ac:
d6:a2:54:30:18:ab:7b:c3:33:d6:04:9d:c9:1f:76:2e:4e:c1:
cb:26:40:89:78:ac:29:49:51:8b:68:b7:61:c8:c6:48:90:cf:
13:46:d3:4d:79:17:b5:44:ba:50:57:35:4f:aa:a6:79:7b:b7:
c9:48:26:a2:47:d4:11:68:79:b7:1b:60:fb:1d:20:76:f3:a5:
f1:d7:03:41:62:47:33:29:10:5e:7d:aa:3f:e3:af:f9:7e:93:
a6:26:8f:47:18:3e:62:5b:24:c6:c4:c6:a8:57:fe:20:ee:e9:
20:64:cd:8d:62:7b:06:b2:73:68:a3:d3:46:a4:71:02:e9:3a:
7f:ef:bc:72:18:75:b4:1e:da:b3:ce:31:f7:07:0d:3f:70:70:
4e:5b:a8:2e:12:cd:6a:cf:0b:3a:8b:f1:cb:ce:b9:56:fc:37:
97:5d:7a:0f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUMFzZZ1lDyu1i3Yfxl2xkolw6P0AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDExNTAwMDhaFw0yNTA4MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDlhNjM4NzNkODQzNmI4MjlhMTQ4YmI5NDZiYzZmOGE5NWVkNmRhMzMwNjUy
NmYwOGI2OWRjNDg3MzQ4Mjc3ZmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKyLeq3yqYjejQOLNOsKSFXDYSeUshEvDb7mJ2htYFyiTjPwW0LEapLBuL8u
VknbNGXH/VJ9nvRS3WJnL0EHX1xmYNAmcFfrDyMQ/GnXxzMZR0fjCa+HuxMXioiv
oVstOwGaXs9JbEzxHKZhIX4pjdbkP/igyCrqpRrTHPV0ZGI5cVeWW+n8kjnmTToP
iGHJowT9qq9WvnmWQL4nrNF2r43tw69PSgwHj2ZIywQfTPWRqpmYCMELDgQPxOTx
cfOTJroWEpKjT949D00PEmE/Ujjbnc6N6Fd+b2BEOmYLyxl2hKMFS/CVzg5C9mOk
Qus1UJ+aQAX+8WVS902wLs+bQEECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBScn2Ib
9JHYpUhbK0TPt3HbPxpULzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjlmZjM5MmUtMDljMC00YjdjLWJkZDUtNWZiMTMxNmUzOThlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAgQDAN
BgkqhkiG9w0BAQsFAAOCAQEAPMCPNu3F6u+qeum4ejasBM6hzGuEmF/xiaA4QUUG
7t+VEYIFSUe5b0Jht4ncPV9RB5Mookt0j/sLf/6q8cBUKzLy/408RvJ28MpfESm6
ocU4EATtQaOmiw6s1qJUMBire8Mz1gSdyR92Lk7ByyZAiXisKUlRi2i3YcjGSJDP
E0bTTXkXtUS6UFc1T6qmeXu3yUgmokfUEWh5txtg+x0gdvOl8dcDQWJHMykQXn2q
P+Ov+X6TpiaPRxg+YlskxsTGqFf+IO7pIGTNjWJ7BrJzaKPTRqRxAuk6f++8chh1
tB7as84x9wcNP3BwTluoLhLNas8LOovxy865Vvw3l116Dw==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:33:49 2025 by rpki-client