Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/db2d9177-e3d4-459e-980d-b68f027facc9.roa
File: db2d9177-e3d4-459e-980d-b68f027facc9.roa (raw, json)
Hash identifier: 0/w793Aoj5dL24RbiKwOUvnoVrHPNJIIrr154OwmUMs=
Subject key identifier: DC:2B:F2:5C:FC:C0:F3:22:01:70:E3:41:76:F2:C8:45:62:E5:5E:B6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 28138A2571861600B44F18D7584DEC4308CE916C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/db2d9177-e3d4-459e-980d-b68f027facc9.roa
Signing time: Fri 11 Jul 2025 18:40:32 +0000
ROA not before: Fri 11 Jul 2025 18:40:32 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 14618
IP address blocks: 176.32.96.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:13:8a:25:71:86:16:00:b4:4f:18:d7:58:4d:ec:43:08:ce:91:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 18:40:32 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=f37ebe02bbca5b942e3c1fa409bfbc4359764edbce9a13ec5f812580adcb57ce, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:5c:a4:28:30:6a:eb:3a:a2:b3:76:48:0b:17:
32:c0:56:0d:13:be:1c:9c:2c:a9:a0:d9:3d:4b:f5:
32:28:04:3f:3d:54:af:87:06:32:03:31:b5:cd:33:
ac:a2:6c:d1:05:a6:5d:14:d2:07:12:c4:71:86:fd:
70:a9:21:e4:84:84:e1:12:e0:e0:26:64:a7:b5:9e:
d0:5c:04:1c:82:84:69:da:01:28:24:2c:f5:3b:aa:
c1:f0:8f:7b:c3:6a:c8:b9:5d:6e:ea:8d:70:fb:ae:
63:ec:7a:7a:be:4f:41:43:2d:ca:e1:50:64:28:83:
77:16:76:c7:c4:a8:92:b7:a7:c0:fc:db:c8:46:fd:
e0:51:9f:62:20:a9:09:5a:53:d2:d9:bb:03:32:95:
d9:4f:ce:2f:b1:d1:65:22:d3:9f:a1:1f:34:ff:68:
ff:57:e6:d2:ce:ad:2a:d2:b9:79:08:61:2e:2b:5a:
a7:c9:36:44:d3:00:96:7f:c4:aa:a0:09:1b:d1:93:
41:f7:6f:e2:94:4e:e2:46:dc:44:6a:22:d5:70:fc:
0f:94:fd:2e:b5:aa:4c:61:bd:ff:62:24:ea:59:95:
a9:11:0a:9a:d4:d0:38:a3:e3:e6:95:44:9b:bb:e1:
d0:3e:77:4e:aa:3b:3a:46:ab:ae:a0:cd:da:19:0d:
51:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:2B:F2:5C:FC:C0:F3:22:01:70:E3:41:76:F2:C8:45:62:E5:5E:B6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/db2d9177-e3d4-459e-980d-b68f027facc9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.96.0/21
Signature Algorithm: sha256WithRSAEncryption
71:9d:32:78:5e:5f:23:34:11:96:8c:82:ab:c3:fb:ea:eb:d0:
86:5e:62:01:75:bd:34:aa:56:84:7f:22:0e:bf:6c:03:26:13:
36:9e:03:f6:48:a9:c5:a5:3c:9a:4b:30:6f:65:9b:dd:a3:22:
25:8d:04:c8:5a:41:31:5f:63:31:7d:b3:70:25:d1:b6:81:11:
d3:0a:25:86:d9:c2:7d:6b:a4:f9:f7:5d:c3:26:c0:76:49:41:
e7:c4:28:aa:13:bc:80:e4:c8:20:ad:39:17:99:6c:35:99:9a:
f8:75:25:1e:c9:66:e5:6e:7f:1b:a6:6c:18:aa:1c:4a:0c:1f:
3e:ef:4d:f1:58:25:79:8e:82:77:ce:85:47:9e:c9:a9:3b:a0:
7d:97:7e:63:96:af:0d:d2:34:5f:e7:9d:8e:e8:18:70:bb:75:
d6:ba:6b:8b:3f:90:94:fd:ee:9d:9f:f6:9b:99:27:43:fd:ff:
99:69:0d:3a:aa:63:8e:bc:51:b6:86:cc:88:98:94:c8:d1:27:
7a:c4:4c:6c:40:9d:8a:bb:98:3a:66:d3:48:c9:39:1c:80:87:
59:dc:b6:07:61:c8:6b:03:89:bf:97:a5:d3:4b:9c:92:2b:7f:
14:90:51:fe:3d:c3:3b:14:4c:d0:05:28:b6:2b:ea:9f:c0:76:
fd:16:8e:f2
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUKBOKJXGGFgC0TxjXWE3sQwjOkWwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExODQwMzJaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzN2ViZTAyYmJjYTViOTQyZTNjMWZhNDA5YmZiYzQzNTk3NjRlZGJjZTlh
MTNlYzVmODEyNTgwYWRjYjU3Y2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM1cpCgwaus6orN2SAsXMsBWDRO+HJwsqaDZPUv1MigEPz1Ur4cGMgMxtc0z
rKJs0QWmXRTSBxLEcYb9cKkh5ISE4RLg4CZkp7We0FwEHIKEadoBKCQs9TuqwfCP
e8NqyLldbuqNcPuuY+x6er5PQUMtyuFQZCiDdxZ2x8SokrenwPzbyEb94FGfYiCp
CVpT0tm7AzKV2U/OL7HRZSLTn6EfNP9o/1fm0s6tKtK5eQhhLitap8k2RNMAln/E
qqAJG9GTQfdv4pRO4kbcRGoi1XD8D5T9LrWqTGG9/2Ik6lmVqREKmtTQOKPj5pVE
m7vh0D53Tqo7OkarrqDN2hkNUXcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTcK/Jc
/MDzIgFw40F28shFYuVetjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGIyZDkxNzctZTNkNC00NTllLTk4MGQtYjY4ZjAyN2ZhY2M5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AgYDAN
BgkqhkiG9w0BAQsFAAOCAQEAcZ0yeF5fIzQRloyCq8P76uvQhl5iAXW9NKpWhH8i
Dr9sAyYTNp4D9kipxaU8mkswb2Wb3aMiJY0EyFpBMV9jMX2zcCXRtoER0wolhtnC
fWuk+fddwybAdklB58QoqhO8gOTIIK05F5lsNZma+HUlHslm5W5/G6ZsGKocSgwf
Pu9N8VgleY6Cd86FR57JqTugfZd+Y5avDdI0X+edjugYcLt11rpriz+QlP3unZ/2
m5knQ/3/mWkNOqpjjrxRtobMiJiUyNEnesRMbECdiruYOmbTSMk5HICHWdy2B2HI
awOJv5el00uckit/FJBR/j3DOxRM0AUotivqn8B2/RaO8g==
-----END CERTIFICATE-----
Generated at Thu Jul 24 00:00:19 2025 by rpki-client