Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9eecfa6d-eb1b-4f11-9ed3-450a21abdc1d.roa
File: 9eecfa6d-eb1b-4f11-9ed3-450a21abdc1d.roa (raw, json)
Hash identifier: rmJwkos1VqfKKEymvrqOn7sb9W4/z5E8cvWNhgAWsHs=
Subject key identifier: 15:8C:5A:34:80:74:C6:E3:1B:48:5E:9C:89:07:88:C4:8A:53:D5:92
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5453EF09A7C66872B4A0FC3B49C312882050CC73
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9eecfa6d-eb1b-4f11-9ed3-450a21abdc1d.roa
Signing time: Tue 05 Aug 2025 18:40:08 +0000
ROA not before: Tue 05 Aug 2025 18:40:08 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.104.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:53:ef:09:a7:c6:68:72:b4:a0:fc:3b:49:c3:12:88:20:50:cc:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 18:40:08 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=db5c13702851bd95b3a19a20fdafc0390f1893dd6f4b0b6dcc2609dbc11c1e1b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:73:b6:ed:21:1f:d7:8d:a1:b1:d4:02:f5:c5:
13:5f:d2:94:dd:95:1e:f3:8c:6b:8b:be:5a:30:db:
dd:fe:57:f4:7e:11:3d:2a:6b:07:66:95:74:1c:08:
c8:e9:a3:b7:59:dd:7b:0a:8c:56:5b:0b:4a:13:c1:
31:46:f2:03:e0:46:96:43:4b:3e:6a:af:84:22:c2:
56:ad:91:f5:33:c6:ae:7d:fa:9e:82:ce:08:01:e0:
f7:cd:46:8b:6a:6b:8f:84:3c:0f:d7:49:c1:9e:e3:
de:52:90:c3:b0:0d:5b:c8:90:79:3f:ea:80:24:26:
13:f0:97:dc:08:16:de:ad:44:8d:7c:0b:a9:c0:af:
ff:65:d1:44:16:f7:59:da:aa:1d:de:46:2e:65:59:
b3:28:2f:bf:e1:64:92:df:46:44:46:0d:90:e2:08:
b7:41:61:69:83:f0:8d:44:10:80:5b:3e:64:4c:45:
e3:d5:5b:9d:22:0b:dc:33:f4:59:e5:a8:ae:12:2c:
31:bc:32:22:d6:65:1e:be:57:7c:de:3e:05:2d:44:
b5:09:a7:c9:b9:46:91:77:91:2a:4e:aa:2f:7f:21:
77:81:06:4d:24:08:c4:e0:ed:8a:8e:94:81:1a:61:
7c:d7:37:a1:30:03:fd:85:4f:ac:7c:2b:b6:94:50:
69:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:8C:5A:34:80:74:C6:E3:1B:48:5E:9C:89:07:88:C4:8A:53:D5:92
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9eecfa6d-eb1b-4f11-9ed3-450a21abdc1d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.104.0/21
Signature Algorithm: sha256WithRSAEncryption
4e:19:5d:2b:0e:00:74:8c:ae:2a:4d:8d:60:29:ff:26:1c:7f:
c3:87:18:e4:44:c6:48:c9:6c:9f:96:3f:22:f9:32:d6:ba:4d:
6c:b1:4d:8e:ac:d0:a5:8e:fe:65:2d:89:6b:a6:d0:b2:ef:1a:
e4:ee:fa:24:3d:7f:78:c7:ff:b1:2e:48:63:f8:11:19:1d:c3:
84:24:99:90:d4:fd:13:fe:9f:d6:c2:d9:58:10:9e:57:c3:4f:
37:ad:6c:06:b4:8c:db:41:9a:9b:cc:63:2e:fa:6e:47:9d:12:
ce:6a:1c:68:fd:8c:40:3d:90:0d:26:ef:67:00:3c:05:88:2f:
73:96:89:33:b8:09:42:5a:0c:d8:4a:32:d6:f6:d0:13:e9:59:
c0:68:de:2e:91:d0:8c:f3:3c:ad:10:28:94:9a:70:ee:dd:93:
f2:96:ae:5e:b5:81:87:b4:61:90:c2:84:53:19:6e:f0:cd:6d:
ff:2c:be:92:f3:89:bd:ed:fc:51:1d:88:b8:18:ed:b1:89:62:
28:6f:68:62:3c:91:7a:94:2d:60:9a:20:b2:95:18:e3:8e:37:
1c:29:80:2b:fc:f9:c0:87:bf:93:2b:ff:0f:49:e6:9c:21:15:
75:19:53:6a:70:f8:97:dc:04:9e:28:5a:db:72:2e:78:46:62:
f9:ca:d5:90
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUVFPvCafGaHK0oPw7ScMSiCBQzHMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxODQwMDhaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGRiNWMxMzcwMjg1MWJkOTViM2ExOWEyMGZkYWZjMDM5MGYxODkzZGQ2ZjRi
MGI2ZGNjMjYwOWRiYzExYzFlMWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALhztu0hH9eNobHUAvXFE1/SlN2VHvOMa4u+WjDb3f5X9H4RPSprB2aVdBwI
yOmjt1ndewqMVlsLShPBMUbyA+BGlkNLPmqvhCLCVq2R9TPGrn36noLOCAHg981G
i2prj4Q8D9dJwZ7j3lKQw7ANW8iQeT/qgCQmE/CX3AgW3q1EjXwLqcCv/2XRRBb3
WdqqHd5GLmVZsygvv+Fkkt9GREYNkOIIt0FhaYPwjUQQgFs+ZExF49VbnSIL3DP0
WeWorhIsMbwyItZlHr5XfN4+BS1EtQmnyblGkXeRKk6qL38hd4EGTSQIxODtio6U
gRphfNc3oTAD/YVPrHwrtpRQaeMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQVjFo0
gHTG4xtIXpyJB4jEilPVkjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWVlY2ZhNmQtZWIxYi00ZjExLTllZDMtNDUwYTIxYWJkYzFkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AgaDAN
BgkqhkiG9w0BAQsFAAOCAQEAThldKw4AdIyuKk2NYCn/Jhx/w4cY5ETGSMlsn5Y/
Ivky1rpNbLFNjqzQpY7+ZS2Ja6bQsu8a5O76JD1/eMf/sS5IY/gRGR3DhCSZkNT9
E/6f1sLZWBCeV8NPN61sBrSM20Gam8xjLvpuR50SzmocaP2MQD2QDSbvZwA8BYgv
c5aJM7gJQloM2Eoy1vbQE+lZwGjeLpHQjPM8rRAolJpw7t2T8pauXrWBh7RhkMKE
Uxlu8M1t/yy+kvOJve38UR2IuBjtsYliKG9oYjyRepQtYJogspUY4443HCmAK/z5
wIe/kyv/D0nmnCEVdRlTanD4l9wEniha23IueEZi+crVkA==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:37 2025 by rpki-client