Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9eecfa6d-eb1b-4f11-9ed3-450a21abdc1d.roa
File: 9eecfa6d-eb1b-4f11-9ed3-450a21abdc1d.roa (raw, json)
Hash identifier: /cfaHQ0OUoQYq4IyZHBu9Lf5KyfCwVuEXj8LxqsHh0o=
Subject key identifier: 63:F8:E0:11:BA:1E:CE:60:A9:FB:99:95:52:A7:34:83:0E:90:A4:E0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 350DFB96E13709CD1B5EBD11EDCAF1951EF812FC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9eecfa6d-eb1b-4f11-9ed3-450a21abdc1d.roa
Signing time: Tue 20 May 2025 18:20:06 +0000
ROA not before: Tue 20 May 2025 18:20:06 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.104.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:0d:fb:96:e1:37:09:cd:1b:5e:bd:11:ed:ca:f1:95:1e:f8:12:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:20:06 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=4554086021f6993d8d968b3f872fb4cb136aefcf6aa2aa109d7805dfe0b5d67c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:5c:29:58:25:ff:dd:69:db:12:f5:89:97:86:
5c:4e:6a:50:02:ff:c2:ca:b0:61:f2:2b:58:b1:ab:
0c:5d:85:cf:bf:89:73:b6:db:9c:5d:25:7c:b4:bd:
a7:e5:c6:01:94:42:0c:2f:64:8f:a9:0e:f6:07:b0:
62:fc:9f:4b:92:2d:c6:96:c9:be:a1:1e:12:a0:22:
82:ba:a6:4c:44:5c:b7:c4:92:dd:dc:31:be:55:1a:
65:7b:06:64:95:65:10:d0:60:c6:bf:db:32:93:8f:
fe:16:b3:16:d6:98:eb:a7:6f:78:9e:cb:69:64:0e:
3b:a5:5f:06:41:5d:a6:04:94:03:ed:16:30:4f:7f:
20:e5:a7:b9:2d:ee:ff:37:61:07:c0:07:67:76:fc:
2f:32:41:0a:38:a6:51:11:26:d8:d2:8f:80:2a:f8:
3a:27:bb:68:87:0b:a8:d7:d0:fb:f2:a1:68:0b:b5:
a9:56:c2:b0:bd:ac:bb:7d:1e:30:23:02:f1:98:10:
99:c7:7a:43:ef:1f:dc:f8:b4:94:44:6d:c5:55:53:
75:ab:53:45:dd:f3:b8:28:d0:24:4c:01:4a:a2:4f:
0d:6a:59:c9:23:73:cc:59:d3:34:11:c9:8a:0c:22:
00:f3:f9:54:8e:df:92:7f:03:73:0f:51:4b:72:67:
1d:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:F8:E0:11:BA:1E:CE:60:A9:FB:99:95:52:A7:34:83:0E:90:A4:E0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9eecfa6d-eb1b-4f11-9ed3-450a21abdc1d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.104.0/21
Signature Algorithm: sha256WithRSAEncryption
8a:67:1b:50:ec:f2:5d:81:99:3b:31:fe:96:cc:42:da:a0:43:
eb:23:56:5c:b0:38:67:9a:05:11:af:f6:cc:a6:da:4c:b7:2f:
58:f1:1e:95:a1:0e:3f:86:74:64:52:a4:e8:85:a0:b4:0d:55:
0b:7f:ce:47:04:5a:2d:2a:bd:d3:78:61:82:c9:f6:bd:9d:a3:
0e:de:cc:35:32:a6:fc:e0:cd:77:25:85:15:06:e3:88:68:dd:
e0:e3:f7:ce:9d:3b:9a:82:69:b8:43:b9:97:bb:b4:88:6d:f7:
cf:ee:83:8f:16:f9:23:5e:61:d3:9a:61:0c:ff:d3:8d:b3:18:
c7:9b:65:17:c8:b4:15:a4:3b:13:ca:2c:2f:7a:ee:c1:f7:20:
d1:60:98:61:e1:0b:23:bc:d2:b6:8f:f2:36:92:81:67:03:ab:
a1:a0:97:fb:45:93:21:a2:a9:36:3c:61:d1:0d:3b:63:7a:dc:
e5:16:6c:45:dd:c2:87:6c:b0:e5:3b:9b:03:ce:a4:f5:da:f4:
66:a3:95:25:3b:77:5b:12:f3:80:a5:46:61:8d:b5:7b:18:23:
81:0b:e8:51:cb:4c:4a:76:f6:f5:5e:94:57:b4:a2:ee:40:97:
fe:70:97:23:97:98:04:4d:0b:1e:c8:45:9f:5d:23:e5:7a:2d:
7e:9a:c6:81
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUNQ37luE3Cc0bXr0R7crxlR74EvwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODIwMDZaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ1NTQwODYwMjFmNjk5M2Q4ZDk2OGIzZjg3MmZiNGNiMTM2YWVmY2Y2YWEy
YWExMDlkNzgwNWRmZTBiNWQ2N2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKZcKVgl/91p2xL1iZeGXE5qUAL/wsqwYfIrWLGrDF2Fz7+Jc7bbnF0lfLS9
p+XGAZRCDC9kj6kO9gewYvyfS5ItxpbJvqEeEqAigrqmTERct8SS3dwxvlUaZXsG
ZJVlENBgxr/bMpOP/hazFtaY66dveJ7LaWQOO6VfBkFdpgSUA+0WME9/IOWnuS3u
/zdhB8AHZ3b8LzJBCjimUREm2NKPgCr4Oie7aIcLqNfQ+/KhaAu1qVbCsL2su30e
MCMC8ZgQmcd6Q+8f3Pi0lERtxVVTdatTRd3zuCjQJEwBSqJPDWpZySNzzFnTNBHJ
igwiAPP5VI7fkn8Dcw9RS3JnHU8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRj+OAR
uh7OYKn7mZVSpzSDDpCk4DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWVlY2ZhNmQtZWIxYi00ZjExLTllZDMtNDUwYTIxYWJkYzFkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AgaDAN
BgkqhkiG9w0BAQsFAAOCAQEAimcbUOzyXYGZOzH+lsxC2qBD6yNWXLA4Z5oFEa/2
zKbaTLcvWPEelaEOP4Z0ZFKk6IWgtA1VC3/ORwRaLSq903hhgsn2vZ2jDt7MNTKm
/ODNdyWFFQbjiGjd4OP3zp07moJpuEO5l7u0iG33z+6Djxb5I15h05phDP/TjbMY
x5tlF8i0FaQ7E8osL3ruwfcg0WCYYeELI7zSto/yNpKBZwOroaCX+0WTIaKpNjxh
0Q07Y3rc5RZsRd3Ch2yw5TubA86k9dr0ZqOVJTt3WxLzgKVGYY21exgjgQvoUctM
Snb29V6UV7Si7kCX/nCXI5eYBE0LHshFn10j5XotfprGgQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:22 2025 by rpki-client