Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27619839-e7af-4103-a7dd-056323333518.roa
File: 27619839-e7af-4103-a7dd-056323333518.roa (raw, json)
Hash identifier: ZtiuhDCnZS8ABHzThyRqkvLXCIwiHXeP5cfWvPWfdQQ=
Subject key identifier: D7:60:59:92:F7:5C:88:E5:29:B0:17:BB:AE:86:1F:A6:71:67:1E:30
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0B8135A9810EDBFDB40883C686F0740FFB1B6F2E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27619839-e7af-4103-a7dd-056323333518.roa
Signing time: Mon 28 Jul 2025 16:00:14 +0000
ROA not before: Mon 28 Jul 2025 16:00:14 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.88.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:81:35:a9:81:0e:db:fd:b4:08:83:c6:86:f0:74:0f:fb:1b:6f:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 28 16:00:14 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=f2d6f2f577aca402b51f3840e7412e024ecb46c4b91ead4d6b18220711015b38, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:20:90:86:42:d3:59:70:ab:d9:7a:0b:ce:53:
f0:40:b8:92:e1:e8:df:af:e3:ec:d1:97:04:52:0f:
d1:38:f7:b8:33:ff:b5:be:cf:75:e2:e7:bf:49:23:
ff:b6:6f:08:1b:eb:9a:1d:ae:a4:05:64:70:7c:01:
26:59:e9:98:87:55:94:23:12:d5:69:6a:b1:94:58:
0d:94:ea:2f:dd:f3:88:b7:a8:6e:c3:11:af:41:2e:
30:d6:90:31:77:84:13:6a:3f:62:e1:85:66:51:3b:
16:bd:cc:95:7a:10:c5:2c:31:42:64:9d:ce:fc:59:
7a:5f:1c:31:0e:84:d2:a1:fd:ad:36:3e:cb:17:69:
ff:76:11:82:16:99:81:13:d1:11:7a:aa:4a:75:3f:
c9:78:c5:ef:6e:b8:35:f6:78:6c:86:a0:eb:71:83:
91:fd:af:6f:1c:dc:07:61:ba:94:27:b0:7f:76:fa:
25:8b:2c:1c:af:49:52:61:8c:d6:97:55:95:26:7e:
44:88:50:24:0d:2e:69:b2:f1:09:1d:4c:96:e9:8f:
60:cc:56:14:2e:bd:79:21:cd:b0:0c:e8:1a:3a:39:
5c:37:7c:82:0e:c9:2c:45:af:c6:bf:d4:8c:5e:c4:
a2:48:bb:7a:73:3c:fd:20:5d:98:29:0d:91:76:f1:
78:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:60:59:92:F7:5C:88:E5:29:B0:17:BB:AE:86:1F:A6:71:67:1E:30
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27619839-e7af-4103-a7dd-056323333518.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.88.0/21
Signature Algorithm: sha256WithRSAEncryption
38:16:3a:ba:15:c9:15:5e:b3:ca:61:7f:b8:81:a8:de:a9:8a:
0e:3c:2d:9d:2d:6e:6b:2f:61:07:9c:6e:68:11:16:6d:bd:b6:
36:13:08:f3:db:bc:dd:cb:e5:f7:93:f5:d8:02:55:a8:e1:f9:
dd:de:a2:3c:63:90:68:75:ba:01:47:06:39:c0:e3:a1:85:52:
dd:9d:fc:8a:63:f9:d2:3d:85:b8:de:c2:a7:8c:70:fa:11:b5:
2d:95:d9:47:ea:fc:fc:8b:ad:f3:1c:ee:1e:a7:b8:79:2c:d6:
82:f9:0d:69:58:f2:e5:df:01:ae:ea:a5:85:c3:3d:6e:18:b0:
45:62:dd:64:c7:1a:9b:85:b5:ee:a1:18:09:d5:37:e5:6d:8c:
bf:4d:9e:97:e5:d9:1e:7b:ee:95:31:7b:c3:3a:63:da:26:85:
03:5d:8f:a7:f9:12:65:52:b1:52:bc:00:c6:da:f1:ff:11:b4:
ce:8d:03:79:1d:84:dd:fc:60:b4:a8:cf:85:ec:c9:4e:0d:cb:
51:24:c7:c8:fa:e6:a8:07:5f:99:28:10:4a:4f:28:65:ea:8c:
3b:1d:13:14:fd:61:3c:0d:fe:f0:fa:24:75:0c:9c:0a:da:53:
61:98:73:c8:ae:f5:db:77:24:57:94:bd:ed:8a:75:34:dc:5a:
12:cd:83:47
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUC4E1qYEO2/20CIPGhvB0D/sbby4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjgxNjAwMTRaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQGYyZDZmMmY1NzdhY2E0MDJiNTFmMzg0MGU3NDEyZTAyNGVjYjQ2YzRiOTFl
YWQ0ZDZiMTgyMjA3MTEwMTViMzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJUgkIZC01lwq9l6C85T8EC4kuHo36/j7NGXBFIP0Tj3uDP/tb7PdeLnv0kj
/7ZvCBvrmh2upAVkcHwBJlnpmIdVlCMS1WlqsZRYDZTqL93ziLeobsMRr0EuMNaQ
MXeEE2o/YuGFZlE7Fr3MlXoQxSwxQmSdzvxZel8cMQ6E0qH9rTY+yxdp/3YRghaZ
gRPREXqqSnU/yXjF7264NfZ4bIag63GDkf2vbxzcB2G6lCewf3b6JYssHK9JUmGM
1pdVlSZ+RIhQJA0uabLxCR1MlumPYMxWFC69eSHNsAzoGjo5XDd8gg7JLEWvxr/U
jF7Eoki7enM8/SBdmCkNkXbxeFsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTXYFmS
91yI5SmwF7uuhh+mcWceMDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mjc2MTk4MzktZTdhZi00MTAzLWE3ZGQtMDU2MzIzMzMzNTE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AgWDAN
BgkqhkiG9w0BAQsFAAOCAQEAOBY6uhXJFV6zymF/uIGo3qmKDjwtnS1uay9hB5xu
aBEWbb22NhMI89u83cvl95P12AJVqOH53d6iPGOQaHW6AUcGOcDjoYVS3Z38imP5
0j2FuN7Cp4xw+hG1LZXZR+r8/Iut8xzuHqe4eSzWgvkNaVjy5d8BruqlhcM9bhiw
RWLdZMcam4W17qEYCdU35W2Mv02el+XZHnvulTF7wzpj2iaFA12Pp/kSZVKxUrwA
xtrx/xG0zo0DeR2E3fxgtKjPhezJTg3LUSTHyPrmqAdfmSgQSk8oZeqMOx0TFP1h
PA3+8PokdQycCtpTYZhzyK7123ckV5S97Yp1NNxaEs2DRw==
-----END CERTIFICATE-----
Generated at Mon Aug 4 16:00:42 2025 by rpki-client