Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e5744d03-14d6-49dd-bcc7-bbf41846c647.roa
File: e5744d03-14d6-49dd-bcc7-bbf41846c647.roa (raw, json)
Hash identifier: r1xFjQ3z2g7jusyN8n++CH5Tup3gUaHP/exgvMSUvRo=
Subject key identifier: 32:E8:92:79:C7:B4:85:62:AB:6B:5D:E4:D3:7E:72:0E:2C:0D:84:3C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: F11C5578395DDEF4D20AA346D60FD7C5335A27
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e5744d03-14d6-49dd-bcc7-bbf41846c647.roa
Signing time: Tue 05 Aug 2025 18:40:05 +0000
ROA not before: Tue 05 Aug 2025 18:40:05 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.126.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
f1:1c:55:78:39:5d:de:f4:d2:0a:a3:46:d6:0f:d7:c5:33:5a:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 18:40:05 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=532b89fafbb0a9995ce3d6397a743af52269bd0d52861b44a1f714d936befbf8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:03:ae:c7:af:ac:c6:48:cb:e9:b1:6b:f4:b2:
db:fa:4b:ee:47:61:70:44:bd:ff:b1:3e:51:7e:4e:
1d:dd:10:2e:ec:f9:ba:bf:8d:e7:7b:ca:72:49:1a:
8f:43:52:a7:bf:f3:d2:2b:a6:4d:3c:f6:03:ea:d7:
5e:99:98:5d:80:1e:6a:31:9f:58:39:e4:25:73:91:
03:51:ff:13:77:eb:b7:e4:b9:72:8e:f3:74:c5:ad:
7f:8b:8b:f6:88:3b:c0:53:92:94:c8:e3:94:48:b2:
92:ad:18:d8:e5:13:70:17:28:29:07:5c:e2:5a:1f:
e6:ab:de:77:fc:21:2d:3e:10:9e:80:ab:d0:e4:f5:
37:f4:ab:2a:cc:9e:34:4b:11:5f:cf:f2:54:a1:b0:
46:82:eb:02:67:59:cd:3a:ef:84:a1:6f:9e:86:96:
3a:a4:a4:69:ba:39:8a:c5:8a:7f:ab:2a:06:40:b6:
bd:29:c4:5a:48:66:61:2b:b3:64:7f:65:fd:62:20:
44:c4:36:21:4d:37:47:47:03:47:f7:25:e4:20:a3:
0a:d7:f4:9d:82:5a:43:6c:3f:ba:81:ae:0d:8c:b1:
bf:52:e6:4f:41:6d:19:95:32:3f:f4:12:97:df:0a:
68:93:43:36:74:fe:d9:b0:90:f7:e9:51:3d:71:32:
b3:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:E8:92:79:C7:B4:85:62:AB:6B:5D:E4:D3:7E:72:0E:2C:0D:84:3C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e5744d03-14d6-49dd-bcc7-bbf41846c647.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.126.0/23
Signature Algorithm: sha256WithRSAEncryption
49:ef:fa:71:d9:dc:be:06:bc:9b:cf:d9:d9:be:6d:7e:5c:84:
f1:b8:73:03:ee:eb:cc:e8:35:00:d4:14:5e:0d:d9:9d:a8:da:
47:d2:be:0c:b5:a5:6f:62:9a:d3:14:71:71:dc:95:a8:91:c7:
04:fe:e4:7d:81:af:82:c0:8c:93:77:93:bf:7c:69:2f:fe:a9:
ff:63:12:1c:88:d4:01:8a:2a:06:bc:12:d3:b1:e8:ed:2f:bd:
d9:f2:47:47:87:52:86:a4:92:fb:92:84:be:fc:87:ff:cd:ba:
2d:f7:3c:b2:a8:31:af:63:32:64:3c:09:07:26:17:2f:ae:e4:
fa:60:11:b6:88:2b:36:18:d9:71:c8:d1:38:5f:31:b9:79:c0:
af:29:7f:52:8d:d8:8f:50:60:75:d2:5d:a0:8e:4f:fb:7e:5a:
97:18:23:aa:fa:7d:fc:bd:21:e8:61:23:93:07:cf:e7:df:81:
10:8b:4f:f6:ef:4a:e1:35:70:af:89:08:e2:49:2f:57:45:65:
9e:89:4d:90:37:6d:a8:ac:28:ba:fc:c1:9d:8a:b9:59:75:86:
1e:2c:6d:38:9c:70:d7:56:33:a2:44:9a:f0:e9:6a:80:67:b7:
34:f6:bb:4a:23:7f:ab:e4:c6:6a:1a:0d:4c:e9:a4:b0:b8:c4:
20:33:09:6c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUAPEcVXg5Xd700gqjRtYP18UzWicwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxODQwMDVaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDUzMmI4OWZhZmJiMGE5OTk1Y2UzZDYzOTdhNzQzYWY1MjI2OWJkMGQ1Mjg2
MWI0NGExZjcxNGQ5MzZiZWZiZjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMcDrsevrMZIy+mxa/Sy2/pL7kdhcES9/7E+UX5OHd0QLuz5ur+N53vKckka
j0NSp7/z0iumTTz2A+rXXpmYXYAeajGfWDnkJXORA1H/E3frt+S5co7zdMWtf4uL
9og7wFOSlMjjlEiykq0Y2OUTcBcoKQdc4lof5qved/whLT4QnoCr0OT1N/SrKsye
NEsRX8/yVKGwRoLrAmdZzTrvhKFvnoaWOqSkabo5isWKf6sqBkC2vSnEWkhmYSuz
ZH9l/WIgRMQ2IU03R0cDR/cl5CCjCtf0nYJaQ2w/uoGuDYyxv1LmT0FtGZUyP/QS
l98KaJNDNnT+2bCQ9+lRPXEys2MCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQy6JJ5
x7SFYqtrXeTTfnIOLA2EPDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTU3NDRkMDMtMTRkNi00OWRkLWJjYzctYmJmNDE4NDZjNjQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbAgfjAN
BgkqhkiG9w0BAQsFAAOCAQEASe/6cdncvga8m8/Z2b5tflyE8bhzA+7rzOg1ANQU
Xg3ZnajaR9K+DLWlb2Ka0xRxcdyVqJHHBP7kfYGvgsCMk3eTv3xpL/6p/2MSHIjU
AYoqBrwS07Ho7S+92fJHR4dShqSS+5KEvvyH/826Lfc8sqgxr2MyZDwJByYXL67k
+mARtogrNhjZccjROF8xuXnAryl/Uo3Yj1BgddJdoI5P+35alxgjqvp9/L0h6GEj
kwfP59+BEItP9u9K4TVwr4kI4kkvV0VlnolNkDdtqKwouvzBnYq5WXWGHixtOJxw
11YzokSa8OlqgGe3NPa7SiN/q+TGahoNTOmksLjEIDMJbA==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:39 2025 by rpki-client