Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9386a656-dfeb-4ebf-847d-bd931e09dd13.roa
File: 9386a656-dfeb-4ebf-847d-bd931e09dd13.roa (raw, json)
Hash identifier: IATFdDrShmsWMIuYSv6rLHq0OZAtMkd+zcNj94FWNPo=
Subject key identifier: 0D:48:77:C4:0C:73:6D:AF:07:F7:36:F4:3E:BF:18:CB:D9:98:F4:6D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5EAF1C28ABDF2512999C7BF2B9EC4F7A2B94846B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9386a656-dfeb-4ebf-847d-bd931e09dd13.roa
Signing time: Tue 20 May 2025 18:20:07 +0000
ROA not before: Tue 20 May 2025 18:20:07 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.96.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:af:1c:28:ab:df:25:12:99:9c:7b:f2:b9:ec:4f:7a:2b:94:84:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:20:07 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=46d817fb24850fc48089170420e91221742bb45d0116e2b514385dd358b369ad, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:40:87:67:77:bd:85:02:e6:68:3b:4e:64:df:
12:f7:23:99:89:16:16:d6:70:64:31:f8:97:1d:31:
58:52:9d:d5:2c:4f:3e:fc:ec:a8:15:4b:3d:f0:80:
d0:d3:7f:bf:86:b0:20:30:f2:85:6e:4c:b9:11:1b:
7a:73:a0:78:5f:2f:56:7d:c0:b3:c2:4c:77:ef:7f:
17:62:82:a9:b8:7d:87:71:6a:a0:93:34:4a:06:53:
6d:31:82:c1:4e:d8:7c:69:9f:af:48:ec:83:34:66:
08:64:24:5b:08:b5:25:e7:70:b0:55:02:c3:5e:95:
22:71:e8:aa:39:30:5f:bd:55:74:6d:8d:fa:2f:f0:
41:94:94:18:57:dc:7c:fd:54:c9:84:48:a0:32:09:
ab:5f:0a:9d:a9:6a:37:37:9e:53:e8:a3:5d:87:d5:
14:eb:2b:e3:30:b8:65:63:a7:77:7c:8f:f3:34:56:
26:4d:b9:21:a4:a4:73:62:3d:ff:8f:91:a7:9e:0b:
c7:d2:6a:09:78:be:2c:29:4c:7e:57:16:71:6a:c0:
3c:34:92:07:0f:7c:12:8a:9e:61:5e:71:3c:11:ec:
16:30:2a:c7:23:d4:2c:e8:38:cd:d6:41:1e:f0:8f:
60:d6:7c:7d:6d:8d:f8:67:64:6d:43:b6:ed:0d:13:
cd:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:48:77:C4:0C:73:6D:AF:07:F7:36:F4:3E:BF:18:CB:D9:98:F4:6D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9386a656-dfeb-4ebf-847d-bd931e09dd13.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.96.0/21
Signature Algorithm: sha256WithRSAEncryption
ae:7c:9e:32:d4:41:d6:65:e9:8e:fb:ad:cc:2e:6d:aa:b7:d8:
77:25:96:f1:09:c5:1c:69:e8:04:57:c8:a0:55:62:07:09:b7:
37:2e:96:fa:ad:8a:6c:03:81:50:3a:bb:09:f6:70:a9:00:25:
e3:9d:98:4a:a9:e6:13:98:e5:0e:99:81:96:7c:c8:c9:1c:d8:
6b:93:41:fc:3f:22:30:28:a5:82:f4:53:6f:42:21:b2:6a:5c:
12:60:6d:1f:04:77:8f:fe:ff:4c:4f:60:36:d4:a2:9a:58:a2:
79:3a:04:53:e1:32:10:87:35:a5:e7:8a:36:94:1a:20:27:19:
64:3b:bf:65:1c:ab:e7:64:a7:58:bb:c8:90:84:61:0f:a5:91:
a9:dd:41:96:8d:e7:dd:0e:d7:52:c9:3b:60:98:f4:1f:d3:70:
e3:b2:dd:ed:d6:43:43:c2:2f:b4:38:1c:6e:34:67:da:d4:61:
00:95:f8:cc:45:00:1d:5d:d7:37:2f:88:8e:79:29:38:6e:72:
2c:21:b7:43:3c:04:33:e6:f6:6d:11:af:cb:42:f5:31:63:e4:
1b:72:ac:a0:6d:af:06:5e:3e:d4:a7:2c:49:2c:ad:75:2d:84:
cb:4c:20:f0:2d:04:8b:50:61:61:2f:12:f6:93:df:12:c1:ea:
e1:c9:e6:a4
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUXq8cKKvfJRKZnHvyuexPeiuUhGswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODIwMDdaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ2ZDgxN2ZiMjQ4NTBmYzQ4MDg5MTcwNDIwZTkxMjIxNzQyYmI0NWQwMTE2
ZTJiNTE0Mzg1ZGQzNThiMzY5YWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL5Ah2d3vYUC5mg7TmTfEvcjmYkWFtZwZDH4lx0xWFKd1SxPPvzsqBVLPfCA
0NN/v4awIDDyhW5MuREbenOgeF8vVn3As8JMd+9/F2KCqbh9h3FqoJM0SgZTbTGC
wU7YfGmfr0jsgzRmCGQkWwi1JedwsFUCw16VInHoqjkwX71VdG2N+i/wQZSUGFfc
fP1UyYRIoDIJq18KnalqNzeeU+ijXYfVFOsr4zC4ZWOnd3yP8zRWJk25IaSkc2I9
/4+Rp54Lx9JqCXi+LClMflcWcWrAPDSSBw98EoqeYV5xPBHsFjAqxyPULOg4zdZB
HvCPYNZ8fW2N+GdkbUO27Q0Tzd8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQNSHfE
DHNtrwf3NvQ+vxjL2Zj0bTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTM4NmE2NTYtZGZlYi00ZWJmLTg0N2QtYmQ5MzFlMDlkZDEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AgYDAN
BgkqhkiG9w0BAQsFAAOCAQEArnyeMtRB1mXpjvutzC5tqrfYdyWW8QnFHGnoBFfI
oFViBwm3Ny6W+q2KbAOBUDq7CfZwqQAl452YSqnmE5jlDpmBlnzIyRzYa5NB/D8i
MCilgvRTb0IhsmpcEmBtHwR3j/7/TE9gNtSimliieToEU+EyEIc1peeKNpQaICcZ
ZDu/ZRyr52SnWLvIkIRhD6WRqd1Blo3n3Q7XUsk7YJj0H9Nw47Ld7dZDQ8IvtDgc
bjRn2tRhAJX4zEUAHV3XNy+IjnkpOG5yLCG3QzwEM+b2bRGvy0L1MWPkG3KsoG2v
Bl4+1KcsSSytdS2Ey0wg8C0Ei1BhYS8S9pPfEsHq4cnmpA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:55 2025 by rpki-client