Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8a7076-0c78-4aa6-9c1e-dfeb947189f4.roa
File: 1a8a7076-0c78-4aa6-9c1e-dfeb947189f4.roa (raw, json)
Hash identifier: c5991mBcTm4fsfr5e6t5kYTCcYQYRiTYyBQo1Ub+Q5o=
Subject key identifier: D8:F8:40:D8:02:57:E1:7D:3F:C5:8B:C1:B9:30:8D:C7:3F:CD:73:BA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0F5AB827CD873EF9237F447E1AA88BC5AD8D7BAF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8a7076-0c78-4aa6-9c1e-dfeb947189f4.roa
Signing time: Fri 06 Jun 2025 15:00:06 +0000
ROA not before: Fri 06 Jun 2025 15:00:06 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.124.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:5a:b8:27:cd:87:3e:f9:23:7f:44:7e:1a:a8:8b:c5:ad:8d:7b:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 6 15:00:06 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=d58d901e35830cac8677692e8af13b9bb72ce86c5d05c01fe7417641f57a31a3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:bd:a9:9a:c2:e2:ea:31:9f:cc:c7:d0:51:00:
7c:5e:08:96:52:32:c8:f2:e1:64:7d:44:61:ee:d7:
73:07:ba:af:11:c8:07:76:39:32:4f:65:8e:7a:3e:
93:31:ea:1b:f4:53:11:05:b5:04:31:19:b8:6e:d6:
d0:ea:77:ca:e2:84:cf:e8:ae:2c:02:8b:09:da:a9:
ae:d7:07:06:71:77:70:e3:df:09:2d:c8:10:66:f7:
76:cd:94:4f:b3:d3:df:5c:03:f0:07:87:9a:b8:84:
4e:d6:60:d4:46:63:de:3f:0b:39:d1:b6:88:64:e7:
a0:29:72:22:6b:a8:90:be:97:21:63:f3:7b:ad:1f:
df:d3:ec:ea:f3:61:a2:a7:b6:3b:c9:f1:26:a9:f9:
5f:21:4d:6b:67:1a:0b:c2:ad:37:97:09:4a:46:63:
a6:05:8a:09:0b:c2:5e:55:14:9a:0d:7f:9e:2e:cc:
73:ac:c3:b3:24:d3:af:eb:c9:05:44:88:f6:da:e4:
1f:b2:fa:51:82:38:53:f1:73:a4:7c:60:95:dc:77:
06:27:c5:27:f0:61:25:8e:5c:fb:3d:a2:8f:23:97:
13:e2:bf:f7:2d:d3:12:98:6a:39:13:ba:34:f4:a1:
7d:71:07:fe:a1:27:67:c5:f1:ea:67:7c:b8:08:f3:
26:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:F8:40:D8:02:57:E1:7D:3F:C5:8B:C1:B9:30:8D:C7:3F:CD:73:BA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8a7076-0c78-4aa6-9c1e-dfeb947189f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.124.0/23
Signature Algorithm: sha256WithRSAEncryption
4a:b6:82:29:e7:8d:8b:3f:b9:31:d3:d1:9e:8c:cb:5f:43:ad:
31:3f:9d:1f:e6:89:0d:9d:35:52:91:b9:5e:ed:d1:d8:52:da:
a4:13:3a:89:71:96:1d:a7:9f:eb:41:e4:c4:cf:ab:a3:47:95:
3f:a7:69:82:a1:51:31:a6:37:11:e5:41:27:7c:fb:82:1b:e7:
6e:46:49:5c:16:4c:b3:86:7c:35:dc:c3:cf:95:e9:bd:ef:fa:
96:32:a9:cd:d7:43:c5:5b:f0:3d:e8:18:fb:17:48:1e:19:a7:
86:70:07:6b:a1:73:4f:b8:eb:6d:34:3a:82:42:52:2b:cb:89:
49:14:ec:e0:e9:01:c9:31:6c:0e:68:49:3b:7f:82:06:4b:52:
30:e8:84:4a:a4:76:86:cf:97:86:48:bd:c6:22:c3:d2:7a:44:
89:42:f8:76:4a:66:db:e6:2f:2c:39:1b:76:e1:8b:50:de:c2:
dc:84:76:88:94:82:95:84:fe:0b:d0:6a:06:b0:d8:6e:00:77:
f5:95:7c:dd:cd:01:62:94:8c:1e:89:78:ed:15:c1:95:de:67:
69:9b:91:b4:24:12:2d:3e:d3:a3:96:a5:d6:7d:4e:08:c9:3d:
e0:ce:39:18:ea:20:ae:1d:26:bc:36:e3:08:03:93:39:74:40:
38:0c:1e:aa
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUD1q4J82HPvkjf0R+GqiLxa2Ne68wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDYxNTAwMDZaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ1OGQ5MDFlMzU4MzBjYWM4Njc3NjkyZThhZjEzYjliYjcyY2U4NmM1ZDA1
YzAxZmU3NDE3NjQxZjU3YTMxYTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMK9qZrC4uoxn8zH0FEAfF4IllIyyPLhZH1EYe7Xcwe6rxHIB3Y5Mk9ljno+
kzHqG/RTEQW1BDEZuG7W0Op3yuKEz+iuLAKLCdqprtcHBnF3cOPfCS3IEGb3ds2U
T7PT31wD8AeHmriETtZg1EZj3j8LOdG2iGTnoClyImuokL6XIWPze60f39Ps6vNh
oqe2O8nxJqn5XyFNa2caC8KtN5cJSkZjpgWKCQvCXlUUmg1/ni7Mc6zDsyTTr+vJ
BUSI9trkH7L6UYI4U/FzpHxgldx3BifFJ/BhJY5c+z2ijyOXE+K/9y3TEphqORO6
NPShfXEH/qEnZ8Xx6md8uAjzJnECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTY+EDY
AlfhfT/Fi8G5MI3HP81zujAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWE4YTcwNzYtMGM3OC00YWE2LTljMWUtZGZlYjk0NzE4OWY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbAgfDAN
BgkqhkiG9w0BAQsFAAOCAQEASraCKeeNiz+5MdPRnozLX0OtMT+dH+aJDZ01UpG5
Xu3R2FLapBM6iXGWHaef60HkxM+ro0eVP6dpgqFRMaY3EeVBJ3z7ghvnbkZJXBZM
s4Z8NdzDz5Xpve/6ljKpzddDxVvwPegY+xdIHhmnhnAHa6FzT7jrbTQ6gkJSK8uJ
SRTs4OkByTFsDmhJO3+CBktSMOiESqR2hs+Xhki9xiLD0npEiUL4dkpm2+YvLDkb
duGLUN7C3IR2iJSClYT+C9BqBrDYbgB39ZV83c0BYpSMHol47RXBld5naZuRtCQS
LT7To5al1n1OCMk94M45GOogrh0mvDbjCAOTOXRAOAweqg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:33 2025 by rpki-client