Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9397285f-ddbe-4525-ac62-a96d2fbb5cd9.roa
File: 9397285f-ddbe-4525-ac62-a96d2fbb5cd9.roa (raw, json)
Hash identifier: yKoggIfbPzqdaHraBKAEfuk8TxlCyC5Q99WZ/AxAUxs=
Subject key identifier: 79:20:AD:5D:1A:A5:15:BD:2F:6E:4B:13:A4:AA:46:E2:8D:3D:6C:8A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7814B2BFC271EB85013FB5F4C782AFC6A0CAC8BC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9397285f-ddbe-4525-ac62-a96d2fbb5cd9.roa
Signing time: Fri 06 Jun 2025 15:00:12 +0000
ROA not before: Fri 06 Jun 2025 15:00:12 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.64.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:14:b2:bf:c2:71:eb:85:01:3f:b5:f4:c7:82:af:c6:a0:ca:c8:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 6 15:00:12 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=05318716d6fe34ef568d45e3e8855f580200cceda3dce8638b2ad1343b897820, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:7c:da:1b:c5:22:ae:aa:ad:a5:15:6f:18:45:
cc:db:ac:b4:cf:18:9d:1f:a3:e8:19:08:26:7a:98:
d3:5b:e4:d7:1d:29:ef:09:9f:7d:d0:45:6b:b7:1f:
fe:0c:83:60:3b:5e:c3:ea:ea:b6:fa:35:32:9a:ff:
00:0c:00:d9:a7:4e:0a:b6:0a:c7:23:f9:49:a3:81:
c9:00:a9:6d:d0:bd:89:2a:e4:dc:ff:b2:28:e8:2f:
24:07:fa:b1:ae:57:81:bb:ee:51:1c:5d:28:10:19:
fb:b5:00:c9:85:30:5b:86:bf:1c:28:ef:27:29:08:
b9:79:8c:db:8a:58:e5:79:64:58:5b:ed:ab:65:a8:
4a:1d:a0:f9:11:e7:96:0a:3c:d7:89:5d:65:ee:92:
37:d4:c0:4a:77:3d:b9:92:58:57:c1:a7:d0:9a:f5:
00:fa:19:cd:9a:28:1d:a6:39:d6:07:bd:47:42:16:
a9:5d:e0:29:cf:95:0c:8f:d6:81:37:ce:6c:95:81:
c0:07:53:ea:29:3b:20:d3:3f:d3:df:11:e9:e5:e5:
55:ff:2c:1b:b2:c9:50:0f:ad:68:98:61:dc:5c:41:
25:bf:c4:95:aa:c8:75:17:d2:37:ad:35:d7:c1:77:
5f:47:a2:fc:7e:92:1d:97:05:a9:28:bd:f4:35:90:
cc:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:20:AD:5D:1A:A5:15:BD:2F:6E:4B:13:A4:AA:46:E2:8D:3D:6C:8A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9397285f-ddbe-4525-ac62-a96d2fbb5cd9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.64.0/20
Signature Algorithm: sha256WithRSAEncryption
88:92:89:4d:54:e2:d4:7a:eb:07:4a:90:8b:ed:79:0f:40:14:
ca:07:aa:4a:1d:f1:62:90:3a:cc:0c:2d:59:fd:a4:38:e5:46:
12:36:73:60:de:5b:2d:f5:cd:12:3f:8c:49:5c:b6:eb:9f:ac:
ac:fa:49:93:f3:1c:f7:8b:7a:eb:8f:c3:ea:fb:e0:88:6e:90:
0a:47:c5:11:44:8e:00:47:b6:6d:0e:4c:72:61:d6:43:80:39:
72:4f:c5:62:82:20:df:03:1a:22:47:e3:8c:0e:d2:25:6d:78:
61:07:1d:86:cc:33:ac:71:3d:67:a8:2b:c0:de:11:9f:55:52:
2a:d7:7e:1e:d8:92:ae:18:c9:a6:d6:07:ba:83:34:9c:3f:cd:
b3:c7:b8:9e:b2:b0:e3:83:11:a3:f3:16:ed:ea:fa:24:e2:ff:
70:bf:8b:dc:74:5d:21:0b:0f:ec:07:be:36:4e:c6:f5:f4:b8:
9b:ba:29:ad:29:ac:ac:7c:45:cf:92:d1:e9:ae:4f:a7:f9:77:
c0:c0:d6:12:77:68:df:16:e6:51:26:f1:50:cd:96:bc:3a:40:
db:90:07:30:89:e9:f6:50:57:d9:cf:e0:68:d7:80:d0:d9:85:
dd:ab:d8:0d:3a:48:6b:22:68:21:02:e2:8d:7f:e7:85:eb:26:
34:41:f2:10
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUeBSyv8Jx64UBP7X0x4KvxqDKyLwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDYxNTAwMTJaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDA1MzE4NzE2ZDZmZTM0ZWY1NjhkNDVlM2U4ODU1ZjU4MDIwMGNjZWRhM2Rj
ZTg2MzhiMmFkMTM0M2I4OTc4MjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANd82hvFIq6qraUVbxhFzNustM8YnR+j6BkIJnqY01vk1x0p7wmffdBFa7cf
/gyDYDtew+rqtvo1Mpr/AAwA2adOCrYKxyP5SaOByQCpbdC9iSrk3P+yKOgvJAf6
sa5XgbvuURxdKBAZ+7UAyYUwW4a/HCjvJykIuXmM24pY5XlkWFvtq2WoSh2g+RHn
lgo814ldZe6SN9TASnc9uZJYV8Gn0Jr1APoZzZooHaY51ge9R0IWqV3gKc+VDI/W
gTfObJWBwAdT6ik7INM/098R6eXlVf8sG7LJUA+taJhh3FxBJb/ElarIdRfSN601
18F3X0ei/H6SHZcFqSi99DWQzF0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR5IK1d
GqUVvS9uSxOkqkbijT1sijAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTM5NzI4NWYtZGRiZS00NTI1LWFjNjItYTk2ZDJmYmI1Y2Q5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAgQDAN
BgkqhkiG9w0BAQsFAAOCAQEAiJKJTVTi1HrrB0qQi+15D0AUygeqSh3xYpA6zAwt
Wf2kOOVGEjZzYN5bLfXNEj+MSVy265+srPpJk/Mc94t664/D6vvgiG6QCkfFEUSO
AEe2bQ5McmHWQ4A5ck/FYoIg3wMaIkfjjA7SJW14YQcdhswzrHE9Z6grwN4Rn1VS
Ktd+HtiSrhjJptYHuoM0nD/Ns8e4nrKw44MRo/MW7er6JOL/cL+L3HRdIQsP7Ae+
Nk7G9fS4m7oprSmsrHxFz5LR6a5Pp/l3wMDWEndo3xbmUSbxUM2WvDpA25AHMInp
9lBX2c/gaNeA0NmF3avYDTpIayJoIQLijX/nhesmNEHyEA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:40:22 2025 by rpki-client