Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e5744d03-14d6-49dd-bcc7-bbf41846c647.roa
File: e5744d03-14d6-49dd-bcc7-bbf41846c647.roa (raw, json)
Hash identifier: Vqz4qtuDzlqXvvP6I7Ab1Oyiy0GW+WiUwY9URcHGfcw=
Subject key identifier: B9:63:20:73:78:8D:38:C1:7F:A2:F8:FF:40:8D:B2:4E:69:30:CF:1D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 21D677E2A8C57FA3DB633402492F4E3576AAD72C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e5744d03-14d6-49dd-bcc7-bbf41846c647.roa
Signing time: Mon 01 Sep 2025 19:30:08 +0000
ROA not before: Mon 01 Sep 2025 19:30:08 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.126.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Sep 2025 11:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:d6:77:e2:a8:c5:7f:a3:db:63:34:02:49:2f:4e:35:76:aa:d7:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 19:30:08 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=26ec15a7f095b4288f5c4bf2c5e53aed6e2c2e1d9ec107020cdf58add4835d66, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:fb:93:16:fb:7a:e8:04:b9:3e:e6:b5:3c:81:
28:42:77:5d:46:5a:e7:48:aa:74:22:78:b8:94:65:
c4:5f:20:d6:a4:b9:4e:0c:1d:41:6b:b4:59:19:ee:
60:fa:36:f7:d3:29:b8:89:8a:35:48:b5:d3:7c:d8:
b4:3b:9b:b1:66:d5:2f:e9:69:d6:dc:0d:91:8e:8e:
86:e9:a8:26:38:c3:aa:da:fb:1d:d8:3f:bc:7a:93:
11:79:79:2a:06:21:1c:1c:35:0d:ab:56:ab:f2:15:
69:08:14:89:fd:17:ef:ed:b5:8f:c8:ca:fb:df:26:
57:4b:7a:5f:ad:51:0f:18:1f:0e:4e:ee:24:ed:5c:
a9:7f:ee:ef:fd:80:2c:92:9a:3b:7d:fa:f2:87:92:
04:03:bd:0a:0b:98:20:48:43:33:63:76:49:05:05:
fd:56:bc:41:d5:3e:38:97:99:19:bb:46:9d:8c:c9:
c4:65:8b:b5:e3:3e:7f:9e:29:11:1d:5e:97:23:5a:
a3:6d:3f:8a:05:cc:60:4f:56:eb:f0:49:05:80:dc:
e7:b5:6d:13:76:3a:19:e9:da:ea:b8:9c:40:6c:00:
a1:f1:70:95:c8:eb:1f:c8:51:32:1f:6d:1c:45:3e:
d6:8a:1f:31:21:8b:16:c9:e1:8b:16:5c:50:59:2d:
f2:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:63:20:73:78:8D:38:C1:7F:A2:F8:FF:40:8D:B2:4E:69:30:CF:1D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e5744d03-14d6-49dd-bcc7-bbf41846c647.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.126.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:ed:f2:82:4b:d1:7e:85:d2:d9:20:e1:1f:b9:16:69:d7:b2:
c3:ca:f5:ca:7b:b9:ab:86:ca:4f:7a:07:9a:dd:e8:cc:e1:04:
1e:3b:93:e7:d7:67:89:c1:eb:7a:a7:a5:8a:b3:8c:3b:1f:88:
5f:3d:31:83:d8:ad:ca:c0:d4:6c:f5:f3:c4:d7:8c:c1:78:8b:
af:c0:4e:c8:9c:af:61:a2:c4:0a:b7:f2:99:e8:97:c5:2a:aa:
9b:83:63:ca:cb:15:46:49:61:2c:30:88:b2:ad:81:b4:c7:2d:
b5:fb:34:6f:b5:bc:95:8c:44:d1:4f:d6:6a:1a:f0:a6:81:e2:
ed:05:a2:03:e1:21:5e:e9:88:5a:02:7a:13:76:08:f6:80:16:
4a:d3:09:e9:50:3a:7a:83:ec:77:31:9d:b8:ce:29:cb:7e:7a:
66:59:24:ff:84:8d:7b:7d:21:00:50:01:96:cd:d1:f9:e1:87:
2c:09:a0:fa:4e:3c:5d:d5:c5:70:50:5d:e2:8f:26:ac:e9:03:
2b:63:4d:e9:dd:65:7d:c3:a5:15:54:a4:77:34:86:94:8c:a2:
c5:1e:dc:2c:6e:46:f3:9f:b9:27:eb:4b:b1:be:8a:8c:ca:65:
75:5d:d0:43:df:44:9e:12:ec:f2:9b:39:f3:cf:51:9c:a7:c4:
75:ba:f8:f6
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIdZ34qjFf6PbYzQCSS9ONXaq1ywwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDExOTMwMDhaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDI2ZWMxNWE3ZjA5NWI0Mjg4ZjVjNGJmMmM1ZTUzYWVkNmUyYzJlMWQ5ZWMx
MDcwMjBjZGY1OGFkZDQ4MzVkNjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALP7kxb7eugEuT7mtTyBKEJ3XUZa50iqdCJ4uJRlxF8g1qS5TgwdQWu0WRnu
YPo299MpuImKNUi103zYtDubsWbVL+lp1twNkY6OhumoJjjDqtr7Hdg/vHqTEXl5
KgYhHBw1DatWq/IVaQgUif0X7+21j8jK+98mV0t6X61RDxgfDk7uJO1cqX/u7/2A
LJKaO3368oeSBAO9CguYIEhDM2N2SQUF/Va8QdU+OJeZGbtGnYzJxGWLteM+f54p
ER1elyNao20/igXMYE9W6/BJBYDc57VtE3Y6Gena6ricQGwAofFwlcjrH8hRMh9t
HEU+1oofMSGLFsnhixZcUFkt8rsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS5YyBz
eI04wX+i+P9AjbJOaTDPHTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTU3NDRkMDMtMTRkNi00OWRkLWJjYzctYmJmNDE4NDZjNjQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbAgfjAN
BgkqhkiG9w0BAQsFAAOCAQEAmu3ygkvRfoXS2SDhH7kWadeyw8r1ynu5q4bKT3oH
mt3ozOEEHjuT59dnicHreqelirOMOx+IXz0xg9itysDUbPXzxNeMwXiLr8BOyJyv
YaLECrfymeiXxSqqm4NjyssVRklhLDCIsq2BtMcttfs0b7W8lYxE0U/WahrwpoHi
7QWiA+EhXumIWgJ6E3YI9oAWStMJ6VA6eoPsdzGduM4py356Zlkk/4SNe30hAFAB
ls3R+eGHLAmg+k48XdXFcFBd4o8mrOkDK2NN6d1lfcOlFVSkdzSGlIyixR7cLG5G
85+5J+tLsb6KjMpldV3QQ99EnhLs8ps5889RnKfEdbr49g==
-----END CERTIFICATE-----
Generated at Sat Sep 13 17:12:15 2025 by rpki-client