Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9397285f-ddbe-4525-ac62-a96d2fbb5cd9.roa
File: 9397285f-ddbe-4525-ac62-a96d2fbb5cd9.roa (raw, json)
Hash identifier: HC5TfNuEloU5wrVUgHdCpjABayEGCn3OVLVjcF9yB4I=
Subject key identifier: 3A:71:9D:1A:CB:AC:6D:D2:5F:2E:9B:A9:A9:AF:6D:27:71:DF:EE:21
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2CA60E0CD8ADD58494206CD7C3CE70F9F2228176
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9397285f-ddbe-4525-ac62-a96d2fbb5cd9.roa
Signing time: Mon 28 Jul 2025 16:00:15 +0000
ROA not before: Mon 28 Jul 2025 16:00:15 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.64.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:a6:0e:0c:d8:ad:d5:84:94:20:6c:d7:c3:ce:70:f9:f2:22:81:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 28 16:00:15 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=16b085ac66030068643f5fc57d49d10a0aed0f4b0b2f09765d5694a2a2abfa3f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c7:2f:94:65:e8:d0:56:ea:d0:33:70:a6:55:
39:18:0c:1a:46:4a:b3:f6:85:d6:16:5e:1e:38:71:
ff:21:35:6d:2a:2c:b3:b1:9d:94:b7:1b:90:e6:fc:
89:da:ee:77:f5:55:0b:63:44:02:f3:32:23:24:09:
2c:0d:5f:ae:ca:9f:18:c4:a0:bc:91:79:23:1c:6d:
e4:84:ac:af:00:54:bb:42:97:db:cf:ec:6e:0e:13:
14:92:b6:1a:bf:a6:5b:8c:76:e7:28:01:7f:7a:7d:
cb:b6:7f:88:36:ff:ef:36:38:01:ad:b8:76:ea:f1:
6b:66:3a:17:6e:a7:e8:5f:94:87:e5:3d:be:04:e7:
cd:34:cd:90:f6:ad:f1:76:40:b5:20:ce:79:76:01:
3f:ad:1d:36:a2:c7:ff:8c:82:61:00:0d:9a:9a:01:
6e:04:78:3d:8c:bb:87:91:af:ed:34:29:c1:5a:91:
11:9d:c1:b4:e4:f6:80:d5:f4:6c:7b:68:47:60:6b:
83:09:a9:7a:cf:e6:c1:04:47:2b:c6:61:54:9c:1f:
94:d6:09:b8:9f:1c:cf:cf:d0:a5:a4:59:21:cc:2d:
f0:ac:66:75:ec:67:9b:2b:60:4a:85:d6:49:a0:80:
d6:b6:2f:b3:0b:91:58:a4:53:f1:32:46:13:9d:22:
aa:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:71:9D:1A:CB:AC:6D:D2:5F:2E:9B:A9:A9:AF:6D:27:71:DF:EE:21
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9397285f-ddbe-4525-ac62-a96d2fbb5cd9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.64.0/20
Signature Algorithm: sha256WithRSAEncryption
82:70:22:b1:be:92:1e:b5:dd:e5:f6:59:f0:f6:82:36:eb:34:
df:9e:3c:e0:c9:41:77:58:b0:57:20:39:8d:12:4e:61:86:19:
ea:35:b5:c8:25:75:a9:25:bc:9e:16:29:ef:e0:03:a8:63:db:
97:48:23:11:76:f6:23:e1:ca:c6:87:6f:d1:f6:62:83:ae:8c:
06:38:d3:1e:28:52:be:ea:ed:a0:a2:3f:eb:8e:a5:76:59:4c:
10:97:d4:7a:42:62:99:ee:85:c5:98:ef:02:99:c7:a2:fe:8a:
36:28:9e:0f:34:31:01:6d:51:13:b3:ad:f9:6e:2b:b4:69:d7:
22:83:9a:bf:55:76:a3:c3:e7:5b:a5:06:ec:93:97:ac:78:f5:
90:26:62:99:49:15:a6:ce:ba:a5:cc:7f:66:99:dc:85:75:fd:
45:20:89:80:1c:9d:8b:c4:1f:a0:9c:33:f2:a2:66:d7:e1:ad:
8d:e1:9b:b2:20:3b:02:2e:7d:0a:0d:0d:d6:55:0e:a7:2b:83:
be:c3:36:0d:00:cf:88:76:c8:1e:b0:bc:4c:f8:82:45:bf:64:
b2:26:ff:5c:82:34:13:f9:f7:d8:47:d9:e8:64:1a:32:4b:ce:
d8:47:c0:42:e6:1f:1b:0f:9f:59:91:7a:a2:4e:02:04:e0:dc:
57:1d:aa:b7
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIULKYODNit1YSUIGzXw85w+fIigXYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjgxNjAwMTVaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2YjA4NWFjNjYwMzAwNjg2NDNmNWZjNTdkNDlkMTBhMGFlZDBmNGIwYjJm
MDk3NjVkNTY5NGEyYTJhYmZhM2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ7HL5Rl6NBW6tAzcKZVORgMGkZKs/aF1hZeHjhx/yE1bSoss7GdlLcbkOb8
idrud/VVC2NEAvMyIyQJLA1frsqfGMSgvJF5Ixxt5ISsrwBUu0KX28/sbg4TFJK2
Gr+mW4x25ygBf3p9y7Z/iDb/7zY4Aa24durxa2Y6F26n6F+Uh+U9vgTnzTTNkPat
8XZAtSDOeXYBP60dNqLH/4yCYQANmpoBbgR4PYy7h5Gv7TQpwVqREZ3BtOT2gNX0
bHtoR2Brgwmpes/mwQRHK8ZhVJwflNYJuJ8cz8/QpaRZIcwt8KxmdexnmytgSoXW
SaCA1rYvswuRWKRT8TJGE50iqlUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ6cZ0a
y6xt0l8um6mpr20ncd/uITAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTM5NzI4NWYtZGRiZS00NTI1LWFjNjItYTk2ZDJmYmI1Y2Q5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAgQDAN
BgkqhkiG9w0BAQsFAAOCAQEAgnAisb6SHrXd5fZZ8PaCNus035484MlBd1iwVyA5
jRJOYYYZ6jW1yCV1qSW8nhYp7+ADqGPbl0gjEXb2I+HKxodv0fZig66MBjjTHihS
vurtoKI/646ldllMEJfUekJime6FxZjvApnHov6KNiieDzQxAW1RE7Ot+W4rtGnX
IoOav1V2o8PnW6UG7JOXrHj1kCZimUkVps66pcx/ZpnchXX9RSCJgBydi8QfoJwz
8qJm1+GtjeGbsiA7Ai59Cg0N1lUOpyuDvsM2DQDPiHbIHrC8TPiCRb9ksib/XII0
E/n32EfZ6GQaMkvO2EfAQuYfGw+fWZF6ok4CBODcVx2qtw==
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:59:02 2025 by rpki-client