Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cdc11efb-9ca2-4459-b55a-43b03e67b183.roa
File: cdc11efb-9ca2-4459-b55a-43b03e67b183.roa (raw, json)
Hash identifier: jnh4MXjBgMpbfZ0EjF+qMBjYPq76EX0KrjOF6gi/RfA=
Subject key identifier: 66:1F:2F:34:05:6A:DD:DA:D2:68:7F:49:1C:55:09:C3:D8:B4:29:25
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0D8B00907F08146C1128EBF024FD3B0ADA127F4F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cdc11efb-9ca2-4459-b55a-43b03e67b183.roa
Signing time: Fri 11 Jul 2025 18:40:29 +0000
ROA not before: Fri 11 Jul 2025 18:40:29 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.64.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:8b:00:90:7f:08:14:6c:11:28:eb:f0:24:fd:3b:0a:da:12:7f:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 18:40:29 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=f15ce1e2635fbaf11460d2bffaf61726f17fb1eb99aeb244a2a1e887deb6fc46, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:dc:eb:7d:6f:49:dc:12:94:bd:ea:ce:c9:a9:
2e:d7:13:0b:bc:8e:05:0c:74:fc:94:d5:6f:2c:95:
cb:eb:17:83:98:44:0b:42:f7:5f:c1:a9:84:71:53:
a9:09:1e:17:8c:90:e3:34:94:48:a1:23:b1:07:82:
0c:88:6b:e8:e9:9b:97:95:64:3c:96:ff:dd:c6:ae:
c9:97:9d:cf:99:9f:6b:46:9c:2c:77:30:51:01:0a:
00:b2:f4:b3:26:4d:76:9c:1c:9d:8d:fe:80:82:cd:
e6:ab:cd:5f:8a:0b:f2:52:b7:32:13:3d:79:01:c1:
69:a7:7d:96:d2:cd:d1:5b:45:0e:5b:07:e0:a5:1a:
0e:10:d7:84:81:e3:a0:18:11:21:c7:96:26:ca:e5:
88:7f:cc:53:80:0d:0d:15:09:f4:e1:14:f1:7f:0c:
f7:08:71:b1:5b:62:bd:fc:75:4f:c1:19:37:d7:ee:
bb:ce:83:cb:5f:b6:97:77:fe:ad:44:8d:2c:4d:2f:
c8:79:85:be:13:a3:65:c6:1b:b3:c2:1e:c0:bc:54:
8b:27:6b:9a:cd:71:d1:5c:dd:bc:5d:f8:4d:19:65:
1b:c4:29:93:24:28:eb:22:08:bf:a8:8b:50:4c:a0:
fb:48:b3:7b:4e:e2:d8:d1:d6:1a:e1:60:e2:14:23:
5a:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:1F:2F:34:05:6A:DD:DA:D2:68:7F:49:1C:55:09:C3:D8:B4:29:25
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cdc11efb-9ca2-4459-b55a-43b03e67b183.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.64.0/18
Signature Algorithm: sha256WithRSAEncryption
92:90:57:a0:a8:97:01:ea:c4:0d:9e:ec:d7:09:17:fa:a0:5c:
6f:97:a2:57:aa:44:f1:ac:3f:24:18:a6:bf:52:f8:3e:1e:f2:
dc:5a:f1:8c:d5:a6:a8:65:4e:c5:df:87:a1:89:78:d5:7d:17:
0c:93:3f:02:92:bb:c1:d0:90:a9:e2:09:e8:4d:fc:df:2e:ad:
70:5d:38:64:ea:63:30:75:56:53:1d:09:ee:10:e7:eb:ae:19:
32:3a:23:12:b0:fb:93:d6:22:53:36:f2:df:cb:47:ab:4e:e8:
0f:36:a8:0e:ad:ac:57:d1:f8:f6:ef:11:46:b4:4d:15:d3:b8:
00:a5:7b:d6:8f:cd:9a:d2:29:dc:9b:99:f6:1a:8e:56:28:4b:
7d:58:57:80:d1:18:6b:81:5f:95:cd:bf:d5:1d:44:41:f4:3f:
2f:57:20:10:f8:6b:ba:a7:4e:e7:25:75:82:90:a0:5a:64:bc:
da:73:e3:61:35:e5:fc:90:2a:a4:f2:e6:00:ff:07:df:bc:43:
4b:96:85:85:e8:78:3c:97:65:a7:14:a3:18:5b:12:e7:44:6c:
3d:67:0d:7b:0d:f1:d5:19:f3:4a:07:17:63:e1:90:e7:a2:79:
f1:0b:86:40:55:08:f6:15:54:f0:fb:01:f0:18:a6:4a:5c:6b:
e8:a1:dc:e6
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUDYsAkH8IFGwRKOvwJP07CtoSf08wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExODQwMjlaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGYxNWNlMWUyNjM1ZmJhZjExNDYwZDJiZmZhZjYxNzI2ZjE3ZmIxZWI5OWFl
YjI0NGEyYTFlODg3ZGViNmZjNDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIzc631vSdwSlL3qzsmpLtcTC7yOBQx0/JTVbyyVy+sXg5hEC0L3X8GphHFT
qQkeF4yQ4zSUSKEjsQeCDIhr6Ombl5VkPJb/3cauyZedz5mfa0acLHcwUQEKALL0
syZNdpwcnY3+gILN5qvNX4oL8lK3MhM9eQHBaad9ltLN0VtFDlsH4KUaDhDXhIHj
oBgRIceWJsrliH/MU4ANDRUJ9OEU8X8M9whxsVtivfx1T8EZN9fuu86Dy1+2l3f+
rUSNLE0vyHmFvhOjZcYbs8IewLxUiydrms1x0VzdvF34TRllG8QpkyQo6yIIv6iL
UEyg+0ize07i2NHWGuFg4hQjWhsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRmHy80
BWrd2tJof0kcVQnD2LQpJTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2RjMTFlZmItOWNhMi00NDU5LWI1NWEtNDNiMDNlNjdiMTgzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBrAgQDAN
BgkqhkiG9w0BAQsFAAOCAQEAkpBXoKiXAerEDZ7s1wkX+qBcb5eiV6pE8aw/JBim
v1L4Ph7y3FrxjNWmqGVOxd+HoYl41X0XDJM/ApK7wdCQqeIJ6E383y6tcF04ZOpj
MHVWUx0J7hDn664ZMjojErD7k9YiUzby38tHq07oDzaoDq2sV9H49u8RRrRNFdO4
AKV71o/NmtIp3JuZ9hqOVihLfVhXgNEYa4Fflc2/1R1EQfQ/L1cgEPhruqdO5yV1
gpCgWmS82nPjYTXl/JAqpPLmAP8H37xDS5aFheh4PJdlpxSjGFsS50RsPWcNew3x
1RnzSgcXY+GQ56J58QuGQFUI9hVU8PsB8BimSlxr6KHc5g==
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:59:49 2025 by rpki-client