Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9eecfa6d-eb1b-4f11-9ed3-450a21abdc1d.roa
File: 9eecfa6d-eb1b-4f11-9ed3-450a21abdc1d.roa (raw, json)
Hash identifier: rQu3n3rRPe7OR07gDi82vfGcqduA9nQci+lMFeCwaeU=
Subject key identifier: EE:DB:42:EC:7B:8D:8D:00:08:1F:FC:1D:8C:E6:20:1E:56:CC:3A:49
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 325E29ED9271D701FECB7C1D678DF46CC3682292
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9eecfa6d-eb1b-4f11-9ed3-450a21abdc1d.roa
Signing time: Fri 11 Jul 2025 18:40:32 +0000
ROA not before: Fri 11 Jul 2025 18:40:32 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.104.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:5e:29:ed:92:71:d7:01:fe:cb:7c:1d:67:8d:f4:6c:c3:68:22:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 18:40:32 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=3a58b6503ea09b058b2a75beec74e232d6675677826e2bf565db37103a2119e6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:21:62:23:68:f2:e0:51:7d:e2:c7:e6:05:cf:
6d:65:d9:a3:31:09:ca:f6:1b:ca:7a:09:c1:ce:de:
d0:ce:03:0a:28:30:89:e3:2e:0b:87:d9:4e:c3:be:
28:71:8a:65:24:55:fc:31:af:51:ef:06:9d:31:48:
c3:d6:c4:80:86:be:36:76:e3:2f:08:3b:aa:65:e6:
fe:25:4a:12:01:07:28:2b:3b:84:26:d5:72:7d:e1:
bf:d3:8b:64:1d:5f:32:83:e1:f2:8c:af:0d:26:66:
22:62:9f:89:9e:f6:7a:db:cb:de:e8:58:8b:0f:fb:
4b:e3:82:d7:54:9c:27:ca:5f:d9:b7:02:a8:7f:9c:
ab:54:ee:d0:7f:eb:8e:5e:f4:b2:7c:75:29:15:a5:
f7:bc:84:74:e6:f2:a9:e4:74:55:f4:40:0d:4a:86:
75:42:8b:0d:42:7d:af:52:cf:23:7a:2c:63:0a:51:
91:b1:8e:8b:c0:b0:c9:51:1c:38:bf:b0:ad:88:d8:
98:5a:dc:04:82:d5:6a:cb:05:7e:70:2a:42:4f:e8:
b3:b0:db:30:c9:9a:61:5e:95:45:88:84:c4:79:f8:
a4:62:6f:31:45:c9:2f:ef:24:61:0f:44:dd:49:35:
6f:18:ac:7a:6f:b2:e7:a6:24:78:77:7f:ba:53:78:
23:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:DB:42:EC:7B:8D:8D:00:08:1F:FC:1D:8C:E6:20:1E:56:CC:3A:49
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9eecfa6d-eb1b-4f11-9ed3-450a21abdc1d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.104.0/21
Signature Algorithm: sha256WithRSAEncryption
b2:cd:b3:2d:eb:85:22:63:ae:41:66:e5:18:37:5e:92:9d:0e:
f2:fb:c7:ac:15:af:4e:78:14:0b:52:19:03:41:1a:2b:00:1f:
f3:0d:09:ec:b0:23:d6:de:ff:65:7a:28:b6:b0:f5:22:17:70:
d4:06:39:3d:9a:d1:f2:6b:df:fb:33:3d:b1:97:ad:11:12:06:
89:d1:a6:0d:90:f7:11:2d:27:eb:d2:a6:e6:01:b4:b9:0f:a4:
8c:bb:45:ac:ba:1d:1c:59:bf:6d:fb:28:a3:c1:69:35:ee:4b:
99:a2:fc:63:6c:ea:03:e2:ac:0d:82:2a:10:3a:bb:cb:da:ca:
9e:52:f8:ed:a0:8f:5e:dd:4f:7d:bf:ca:d1:17:5c:e0:06:9e:
8c:36:77:60:99:4a:f5:cf:56:a1:a5:23:94:01:bb:62:ea:ce:
b7:25:60:7a:ac:2e:56:d4:56:7e:3b:59:20:66:75:a2:d7:33:
ed:04:d6:65:f2:79:94:8c:1e:4a:7a:0d:4b:64:cd:15:aa:eb:
fb:43:90:d5:24:21:f5:25:8c:b3:85:f6:fe:12:b3:9a:65:76:
09:c5:5b:42:f2:c1:5f:76:39:ff:12:f4:c3:86:da:e5:6c:cc:
c5:ef:ef:84:63:c2:bd:f0:13:03:7a:a1:f1:96:17:11:90:78:
87:6d:1b:13
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUMl4p7ZJx1wH+y3wdZ430bMNoIpIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExODQwMzJaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDNhNThiNjUwM2VhMDliMDU4YjJhNzViZWVjNzRlMjMyZDY2NzU2Nzc4MjZl
MmJmNTY1ZGIzNzEwM2EyMTE5ZTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALkhYiNo8uBRfeLH5gXPbWXZozEJyvYbynoJwc7e0M4DCigwieMuC4fZTsO+
KHGKZSRV/DGvUe8GnTFIw9bEgIa+NnbjLwg7qmXm/iVKEgEHKCs7hCbVcn3hv9OL
ZB1fMoPh8oyvDSZmImKfiZ72etvL3uhYiw/7S+OC11ScJ8pf2bcCqH+cq1Tu0H/r
jl70snx1KRWl97yEdObyqeR0VfRADUqGdUKLDUJ9r1LPI3osYwpRkbGOi8CwyVEc
OL+wrYjYmFrcBILVassFfnAqQk/os7DbMMmaYV6VRYiExHn4pGJvMUXJL+8kYQ9E
3Uk1bxisem+y56YkeHd/ulN4I+8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTu20Ls
e42NAAgf/B2M5iAeVsw6STAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWVlY2ZhNmQtZWIxYi00ZjExLTllZDMtNDUwYTIxYWJkYzFkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AgaDAN
BgkqhkiG9w0BAQsFAAOCAQEAss2zLeuFImOuQWblGDdekp0O8vvHrBWvTngUC1IZ
A0EaKwAf8w0J7LAj1t7/ZXootrD1Ihdw1AY5PZrR8mvf+zM9sZetERIGidGmDZD3
ES0n69Km5gG0uQ+kjLtFrLodHFm/bfsoo8FpNe5LmaL8Y2zqA+KsDYIqEDq7y9rK
nlL47aCPXt1Pfb/K0Rdc4AaejDZ3YJlK9c9WoaUjlAG7YurOtyVgeqwuVtRWfjtZ
IGZ1otcz7QTWZfJ5lIweSnoNS2TNFarr+0OQ1SQh9SWMs4X2/hKzmmV2CcVbQvLB
X3Y5/xL0w4ba5WzMxe/vhGPCvfATA3qh8ZYXEZB4h20bEw==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:54:54 2025 by rpki-client