Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea9f1f24-552b-49dd-a167-4872d5575c1d.roa
File: ea9f1f24-552b-49dd-a167-4872d5575c1d.roa (raw, json)
Hash identifier: YeeuWeWw2hNGZayfL6dkmvaQeSqlAsollPVOWqpPmqA=
Subject key identifier: 38:19:69:63:56:75:E4:4A:87:5A:17:58:A8:1B:54:82:95:AE:C2:D4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 302A15C26E5468798031DE3C028E7092ADDB2EAC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea9f1f24-552b-49dd-a167-4872d5575c1d.roa
Signing time: Tue 05 Aug 2025 18:40:07 +0000
ROA not before: Tue 05 Aug 2025 18:40:07 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.120.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:2a:15:c2:6e:54:68:79:80:31:de:3c:02:8e:70:92:ad:db:2e:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 18:40:07 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=542a9a1719ab5b839a43430d38ba7b34100ecbf89f4338c054f127bb048b9d24, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:1c:4c:91:bd:65:c2:d4:18:b5:5f:93:33:ce:
cb:ac:e9:7f:fa:a2:ca:15:1f:c2:40:5b:e6:70:88:
c8:50:1e:ab:87:94:5f:a5:8c:a6:b0:c4:a9:99:1d:
d4:3e:90:27:95:b5:1b:3d:5f:bf:da:41:27:32:55:
c0:a9:6f:aa:a7:21:2a:29:9c:82:03:d2:b5:02:81:
da:46:d1:24:05:5b:da:92:8d:d6:1d:37:04:dd:7d:
55:89:99:e8:35:4e:18:b8:ae:c4:fa:0c:08:4b:3c:
98:a4:52:5f:04:3f:a3:b3:35:95:a7:48:b8:fa:08:
e2:d6:98:2a:9d:3e:69:a3:4e:80:41:dc:d2:62:79:
0e:4a:73:1b:23:3d:8c:3f:b8:6d:86:fa:d6:2e:f3:
4b:b1:10:27:60:32:2d:a9:96:76:c5:2b:53:67:2d:
16:f4:a6:7e:9c:fa:d7:6e:14:73:8f:88:f7:31:9c:
1c:b4:75:7a:63:6d:4e:2b:14:9f:17:dd:96:57:a7:
b9:3d:c6:4e:6a:92:e3:d6:af:e9:0d:ef:3f:15:33:
ab:d4:7d:ad:e1:e5:a3:55:c1:4d:ae:46:03:29:c5:
35:67:4a:40:88:a7:92:7c:30:3a:15:b0:c0:d4:93:
14:6d:74:b0:c2:ef:92:f5:7f:59:97:fb:a8:ca:19:
29:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:19:69:63:56:75:E4:4A:87:5A:17:58:A8:1B:54:82:95:AE:C2:D4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea9f1f24-552b-49dd-a167-4872d5575c1d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.120.0/22
Signature Algorithm: sha256WithRSAEncryption
c9:9c:5d:87:8b:58:ac:19:ea:8d:87:0b:f5:ca:02:fc:64:a4:
20:ea:07:65:84:b7:cd:87:c9:75:ce:b8:c7:8d:2b:ff:75:3d:
77:6e:55:3d:4d:6f:c7:95:f2:97:0b:22:c6:91:39:3f:20:2b:
0d:b7:0d:0b:02:51:b9:90:41:3d:bb:b7:d6:72:fe:0d:fe:46:
f3:38:f2:89:75:6b:18:af:9b:46:5f:44:1a:eb:d8:80:99:41:
7c:3a:1c:c5:aa:8c:17:c6:13:75:04:bf:d2:4a:7c:aa:78:4c:
4f:d0:d9:d1:67:42:a9:07:47:69:a9:35:1d:0a:0a:d4:f6:d0:
28:fc:5b:76:de:11:f6:99:18:c2:e3:b4:0c:05:25:40:32:b6:
fc:4b:1c:72:9c:28:1c:be:5e:2b:22:a5:1d:90:75:94:28:a8:
09:dc:ad:7b:e3:5e:03:6b:37:d0:2d:f9:18:f2:ff:08:a3:c4:
2b:f4:75:34:94:f3:be:4c:ad:73:11:fd:aa:61:d2:39:b9:c0:
26:3f:86:dc:b5:bc:7c:19:19:22:e4:96:0d:eb:ec:18:fb:59:
40:ea:8d:98:73:e6:28:7a:cb:a8:ab:55:18:fb:b0:f0:88:3d:
a4:72:07:f0:3b:15:77:ea:c0:a5:65:8c:af:08:27:c6:10:59:
06:ed:ce:b1
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUMCoVwm5UaHmAMd48Ao5wkq3bLqwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxODQwMDdaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDU0MmE5YTE3MTlhYjViODM5YTQzNDMwZDM4YmE3YjM0MTAwZWNiZjg5ZjQz
MzhjMDU0ZjEyN2JiMDQ4YjlkMjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALYcTJG9ZcLUGLVfkzPOy6zpf/qiyhUfwkBb5nCIyFAeq4eUX6WMprDEqZkd
1D6QJ5W1Gz1fv9pBJzJVwKlvqqchKimcggPStQKB2kbRJAVb2pKN1h03BN19VYmZ
6DVOGLiuxPoMCEs8mKRSXwQ/o7M1ladIuPoI4taYKp0+aaNOgEHc0mJ5DkpzGyM9
jD+4bYb61i7zS7EQJ2AyLamWdsUrU2ctFvSmfpz6124Uc4+I9zGcHLR1emNtTisU
nxfdllenuT3GTmqS49av6Q3vPxUzq9R9reHlo1XBTa5GAynFNWdKQIinknwwOhWw
wNSTFG10sMLvkvV/WZf7qMoZKX8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ4GWlj
VnXkSodaF1ioG1SCla7C1DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWE5ZjFmMjQtNTUyYi00OWRkLWExNjctNDg3MmQ1NTc1YzFkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAgeDAN
BgkqhkiG9w0BAQsFAAOCAQEAyZxdh4tYrBnqjYcL9coC/GSkIOoHZYS3zYfJdc64
x40r/3U9d25VPU1vx5XylwsixpE5PyArDbcNCwJRuZBBPbu31nL+Df5G8zjyiXVr
GK+bRl9EGuvYgJlBfDocxaqMF8YTdQS/0kp8qnhMT9DZ0WdCqQdHaak1HQoK1PbQ
KPxbdt4R9pkYwuO0DAUlQDK2/EsccpwoHL5eKyKlHZB1lCioCdyte+NeA2s30C35
GPL/CKPEK/R1NJTzvkytcxH9qmHSObnAJj+G3LW8fBkZIuSWDevsGPtZQOqNmHPm
KHrLqKtVGPuw8Ig9pHIH8DsVd+rApWWMrwgnxhBZBu3OsQ==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:38 2025 by rpki-client