Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27619839-e7af-4103-a7dd-056323333518.roa
File: 27619839-e7af-4103-a7dd-056323333518.roa (raw, json)
Hash identifier: vepAQbJizLquqQrLCt997z2QsOw547PyAqUAoC2bOg8=
Subject key identifier: E2:4E:B8:AD:66:05:FA:75:2E:17:5C:E0:8F:13:38:64:DA:61:90:0C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4A050111798B8A342D3CF8535C829763549C4FF3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27619839-e7af-4103-a7dd-056323333518.roa
Signing time: Mon 12 May 2025 16:10:09 +0000
ROA not before: Mon 12 May 2025 16:10:09 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.88.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:05:01:11:79:8b:8a:34:2d:3c:f8:53:5c:82:97:63:54:9c:4f:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:10:09 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=ca71700541073c312a4cb7d740bd129e93585f12ccdb048e8e935f3f52e58654, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:87:5f:cb:87:35:5b:e7:89:48:e8:9d:be:1f:
01:d2:c1:d4:75:da:e2:e6:e8:15:39:56:d5:73:6c:
cd:f4:08:de:7f:33:16:cf:b8:c7:af:54:fd:d2:ed:
5b:f6:9d:d6:6e:69:69:9b:fa:79:0e:1d:08:d1:e6:
20:6c:10:5f:c6:7c:5c:8c:8e:9c:85:40:07:a1:ab:
95:6e:3a:ff:86:c7:a1:13:67:67:3a:2a:de:3f:f8:
e5:9c:53:d1:da:0d:a9:ef:27:73:6f:3e:85:9a:14:
2b:74:3f:57:08:e4:28:e6:99:fc:88:e8:37:86:ba:
22:36:d5:b5:29:31:c0:fd:c2:5c:8b:18:3d:db:3b:
24:53:a4:be:76:99:52:44:3b:1d:13:d4:f9:33:64:
d1:51:aa:3e:82:9d:04:d0:d5:ad:b9:1a:40:66:79:
71:55:a0:e9:d5:16:cb:b2:0a:f6:28:fc:dc:72:2d:
96:89:9d:7f:f2:ae:3b:80:20:5a:61:00:3f:e7:5b:
07:4a:66:83:68:28:a9:63:0d:a5:26:47:bc:48:b9:
e1:04:8d:42:6b:f8:3a:b3:23:91:45:22:61:52:4a:
0c:ae:d0:df:94:4f:32:b0:be:1b:b2:40:2b:a3:92:
2b:2c:1a:dc:2b:c6:40:cb:d3:54:2e:46:ff:fd:a2:
2f:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:4E:B8:AD:66:05:FA:75:2E:17:5C:E0:8F:13:38:64:DA:61:90:0C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27619839-e7af-4103-a7dd-056323333518.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.88.0/21
Signature Algorithm: sha256WithRSAEncryption
a9:c2:cf:64:68:63:2d:3e:ff:ef:17:ca:54:d4:40:7f:a5:4a:
49:57:c3:a6:a6:a7:0f:be:73:ad:60:ce:b5:05:b2:ef:16:a3:
50:4d:c2:89:f3:ca:ec:f7:95:61:ea:29:b6:c2:35:d1:5f:ae:
c4:8c:bb:26:47:15:ff:f2:48:d9:15:1c:40:f7:c1:30:7f:4b:
78:e0:8d:ee:84:0c:1c:fc:e9:2a:36:45:12:55:7f:be:ce:3f:
10:0f:cf:12:c4:c0:38:04:13:f4:28:87:4f:31:a7:23:1a:14:
15:60:fc:d5:74:78:a2:8d:fa:e7:4b:06:09:76:73:44:8b:f5:
d7:42:53:52:66:65:ce:e8:36:79:1e:7d:8a:60:c6:dc:c5:3b:
e4:55:6b:ec:89:43:a5:92:65:b4:82:e8:9d:4c:15:d3:2c:3d:
2f:4d:01:c8:48:ac:fe:a7:f7:26:82:25:30:e1:b0:66:a7:87:
8a:07:2a:d2:09:25:5d:9e:00:2b:10:29:99:44:9e:bf:1e:c4:
1e:35:db:d9:66:07:5a:d0:3e:af:06:e4:b0:dd:30:6b:e8:43:
02:7c:b6:1c:4b:29:29:d1:cb:37:8a:77:b7:d4:e9:01:52:95:
fa:05:cc:3a:7e:62:21:ea:a0:0b:ad:24:39:a8:93:1a:a8:1d:
fb:df:f1:4f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUSgUBEXmLijQtPPhTXIKXY1ScT/MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjEwMDlaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGNhNzE3MDA1NDEwNzNjMzEyYTRjYjdkNzQwYmQxMjllOTM1ODVmMTJjY2Ri
MDQ4ZThlOTM1ZjNmNTJlNTg2NTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANOHX8uHNVvniUjonb4fAdLB1HXa4uboFTlW1XNszfQI3n8zFs+4x69U/dLt
W/ad1m5paZv6eQ4dCNHmIGwQX8Z8XIyOnIVAB6GrlW46/4bHoRNnZzoq3j/45ZxT
0doNqe8nc28+hZoUK3Q/VwjkKOaZ/IjoN4a6IjbVtSkxwP3CXIsYPds7JFOkvnaZ
UkQ7HRPU+TNk0VGqPoKdBNDVrbkaQGZ5cVWg6dUWy7IK9ij83HItlomdf/KuO4Ag
WmEAP+dbB0pmg2goqWMNpSZHvEi54QSNQmv4OrMjkUUiYVJKDK7Q35RPMrC+G7JA
K6OSKywa3CvGQMvTVC5G//2iL+ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTiTrit
ZgX6dS4XXOCPEzhk2mGQDDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mjc2MTk4MzktZTdhZi00MTAzLWE3ZGQtMDU2MzIzMzMzNTE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AgWDAN
BgkqhkiG9w0BAQsFAAOCAQEAqcLPZGhjLT7/7xfKVNRAf6VKSVfDpqanD75zrWDO
tQWy7xajUE3CifPK7PeVYeoptsI10V+uxIy7JkcV//JI2RUcQPfBMH9LeOCN7oQM
HPzpKjZFElV/vs4/EA/PEsTAOAQT9CiHTzGnIxoUFWD81XR4oo3650sGCXZzRIv1
10JTUmZlzug2eR59imDG3MU75FVr7IlDpZJltILonUwV0yw9L00ByEis/qf3JoIl
MOGwZqeHigcq0gklXZ4AKxApmUSevx7EHjXb2WYHWtA+rwbksN0wa+hDAny2HEsp
KdHLN4p3t9TpAVKV+gXMOn5iIeqgC60kOaiTGqgd+9/xTw==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:29:04 2025 by rpki-client