Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/db2d9177-e3d4-459e-980d-b68f027facc9.roa
File: db2d9177-e3d4-459e-980d-b68f027facc9.roa (raw, json)
Hash identifier: ZuGIBDGXq7FGYExKoj1vxoLlb5kOWTB2l7vWlkdweho=
Subject key identifier: 66:1E:6D:ED:20:AA:4E:C9:A5:D9:F2:71:E3:99:96:CE:10:EE:07:B4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2626F6ECA2A0A199F5D1681DDAFD47D7D7215984
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/db2d9177-e3d4-459e-980d-b68f027facc9.roa
Signing time: Mon 01 Sep 2025 19:30:11 +0000
ROA not before: Mon 01 Sep 2025 19:30:11 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 14618
IP address blocks: 176.32.96.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:26:f6:ec:a2:a0:a1:99:f5:d1:68:1d:da:fd:47:d7:d7:21:59:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 19:30:11 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=0551d01f33d11fb9e4bd74609eb94733568a084a7c6be6d0b835b4d088e7a89e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:c9:4f:eb:f2:5c:de:b4:20:1a:27:fc:28:75:
51:1c:eb:20:32:a9:82:73:ba:73:7c:27:01:33:d0:
32:d4:69:4e:35:f4:0f:48:bf:9c:45:11:7b:b0:b3:
26:9c:68:a9:06:47:31:01:b9:3b:ff:3f:52:b9:8b:
78:e5:8f:69:d5:54:4e:90:ce:39:ec:ef:52:01:36:
8a:77:a4:6a:fe:d5:e4:73:22:01:c3:68:e4:12:35:
43:90:7b:74:6f:56:76:a3:e0:83:1c:4b:9a:46:30:
28:e5:31:1f:ca:0d:da:ac:42:bb:70:2a:50:95:4c:
75:af:4c:e0:04:6f:18:64:24:57:ee:15:1a:cf:9b:
c0:79:c5:1f:3c:ba:60:63:a8:e5:b5:fd:9b:20:60:
92:2c:b6:6e:99:7b:ed:98:1e:af:3c:82:52:7f:e2:
7f:5c:89:33:59:90:d3:12:bf:7d:3f:e3:29:fd:e4:
2c:4d:c5:48:0d:2c:fd:5a:25:54:6a:4d:4c:2a:3c:
b2:80:97:79:c8:f8:b4:31:24:b2:4d:6c:86:da:87:
36:3e:3c:8c:ca:ec:6c:c1:42:a8:e1:2a:55:b4:53:
aa:b8:ae:d6:88:22:f4:50:67:1e:8d:7d:2e:1a:7d:
1e:bc:68:cd:48:c4:16:6c:21:92:36:48:cc:77:8c:
24:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:1E:6D:ED:20:AA:4E:C9:A5:D9:F2:71:E3:99:96:CE:10:EE:07:B4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/db2d9177-e3d4-459e-980d-b68f027facc9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.96.0/21
Signature Algorithm: sha256WithRSAEncryption
b0:e1:86:d6:68:b8:1b:74:d1:5a:7f:32:be:49:56:82:d2:dd:
24:0b:1a:7e:9a:83:33:35:19:08:64:84:3f:39:5b:9c:f9:e2:
18:4a:cb:44:5f:98:76:13:1a:90:e2:17:3f:4e:be:af:4b:bc:
21:82:fe:8b:54:b7:6c:eb:a6:d3:82:2d:10:70:fd:39:21:d2:
59:20:f2:2b:d3:57:35:58:da:41:02:f6:47:f0:d0:f3:a4:30:
e5:e7:7c:ad:cd:33:dc:d2:fb:0c:0b:8e:ab:1c:4e:6a:44:a1:
0b:94:f9:cd:5d:82:71:db:87:78:8f:d5:ff:1d:67:18:d7:36:
f6:a5:20:63:45:23:de:ed:66:ae:1c:6d:bb:2b:c9:aa:75:19:
f1:9f:cc:40:8b:c6:d7:b4:1b:b2:09:43:c3:49:66:73:23:26:
a2:44:c4:ab:b5:b0:75:c3:21:01:78:ee:88:95:3b:d3:6e:6d:
97:d6:61:89:18:d2:4f:35:cb:a7:6a:0a:a4:2f:da:6e:9d:6f:
80:48:2d:3a:df:75:52:98:4c:5c:62:f0:7b:28:e9:3c:c5:45:
c8:88:fb:96:4d:24:73:a3:dd:a7:d4:af:db:bb:47:51:07:17:
fd:03:0e:ea:2a:ac:69:19:a9:6f:07:8d:1e:08:ad:3e:3d:46:
38:18:e3:81
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUJib27KKgoZn10Wgd2v1H19chWYQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDExOTMwMTFaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDA1NTFkMDFmMzNkMTFmYjllNGJkNzQ2MDllYjk0NzMzNTY4YTA4NGE3YzZi
ZTZkMGI4MzViNGQwODhlN2E4OWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIXJT+vyXN60IBon/Ch1URzrIDKpgnO6c3wnATPQMtRpTjX0D0i/nEURe7Cz
JpxoqQZHMQG5O/8/UrmLeOWPadVUTpDOOezvUgE2inekav7V5HMiAcNo5BI1Q5B7
dG9WdqPggxxLmkYwKOUxH8oN2qxCu3AqUJVMda9M4ARvGGQkV+4VGs+bwHnFHzy6
YGOo5bX9myBgkiy2bpl77ZgerzyCUn/if1yJM1mQ0xK/fT/jKf3kLE3FSA0s/Vol
VGpNTCo8soCXecj4tDEksk1shtqHNj48jMrsbMFCqOEqVbRTqriu1ogi9FBnHo19
Lhp9HrxozUjEFmwhkjZIzHeMJLECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRmHm3t
IKpOyaXZ8nHjmZbOEO4HtDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGIyZDkxNzctZTNkNC00NTllLTk4MGQtYjY4ZjAyN2ZhY2M5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AgYDAN
BgkqhkiG9w0BAQsFAAOCAQEAsOGG1mi4G3TRWn8yvklWgtLdJAsafpqDMzUZCGSE
PzlbnPniGErLRF+YdhMakOIXP06+r0u8IYL+i1S3bOum04ItEHD9OSHSWSDyK9NX
NVjaQQL2R/DQ86Qw5ed8rc0z3NL7DAuOqxxOakShC5T5zV2CcduHeI/V/x1nGNc2
9qUgY0Uj3u1mrhxtuyvJqnUZ8Z/MQIvG17QbsglDw0lmcyMmokTEq7WwdcMhAXju
iJU7025tl9ZhiRjSTzXLp2oKpC/abp1vgEgtOt91UphMXGLweyjpPMVFyIj7lk0k
c6Pdp9Sv27tHUQcX/QMO6iqsaRmpbweNHgitPj1GOBjjgQ==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:07:00 2025 by rpki-client