Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9ff392e-09c0-4b7c-bdd5-5fb1316e398e.roa
File: b9ff392e-09c0-4b7c-bdd5-5fb1316e398e.roa (raw, json)
Hash identifier: 6UtDGSakoTBvTJQBP8vsU4+iRUn0ymUVQpngSvaWG4M=
Subject key identifier: 76:39:62:F5:4C:B2:CB:F0:78:4B:46:11:DD:34:37:CA:D0:23:03:69
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 41DF735EBB1CF3C6E6A654CD62AAE89D11CEF2FB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9ff392e-09c0-4b7c-bdd5-5fb1316e398e.roa
Signing time: Fri 06 Jun 2025 15:00:09 +0000
ROA not before: Fri 06 Jun 2025 15:00:09 +0000
ROA not after: Fri 11 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.64.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:df:73:5e:bb:1c:f3:c6:e6:a6:54:cd:62:aa:e8:9d:11:ce:f2:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 6 15:00:09 2025 GMT
Not After : Jul 11 23:59:59 2025 GMT
Subject: serialNumber=a1aab2d8759274686338ab2bd6d0620f80f48a6e31eae8fb5d3dd20b7a9da12a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:03:a6:aa:22:b8:cb:f4:73:69:49:28:8b:97:
a2:d2:a5:60:2c:ba:da:a6:a3:7c:ad:18:e1:e0:61:
ed:5d:4c:86:ba:ee:5b:39:d1:4d:38:d3:7c:90:39:
bd:ab:b6:87:fa:d5:62:40:73:d7:e9:67:da:4c:28:
f1:e2:17:b3:83:e9:ed:77:32:fb:94:22:65:53:aa:
6c:84:ef:a7:29:1f:6c:b5:fe:db:90:73:b5:d8:45:
cc:02:61:97:95:3c:79:15:55:2b:48:bf:8f:cf:55:
9a:69:7b:e6:2c:51:2f:52:65:ad:1f:29:50:d0:7e:
93:1b:c3:51:e2:5a:20:72:79:79:92:2f:53:43:a8:
25:1e:79:1c:17:35:18:93:03:b7:10:d8:00:1f:91:
6d:1c:37:b3:0d:2b:e2:16:39:fd:92:b2:6f:1a:fb:
a4:ae:90:e7:2b:24:47:db:57:b6:d7:61:a6:9e:d9:
c6:5f:67:71:4b:61:cb:6f:8a:34:47:43:8b:9d:3b:
60:68:c5:29:dd:c6:07:d2:1c:a4:24:10:bd:56:1f:
a4:8a:41:46:c8:59:99:aa:b1:62:fd:f3:e8:fb:02:
32:52:aa:62:a4:be:46:03:42:d0:52:bc:1a:5d:b1:
6a:de:e1:e6:71:d0:67:e7:e8:a3:ab:75:92:e8:80:
df:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:39:62:F5:4C:B2:CB:F0:78:4B:46:11:DD:34:37:CA:D0:23:03:69
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9ff392e-09c0-4b7c-bdd5-5fb1316e398e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.64.0/19
Signature Algorithm: sha256WithRSAEncryption
46:95:25:bd:ce:e2:b2:1f:e9:5f:73:99:95:a4:8b:c2:bb:0d:
77:f9:e3:30:60:4c:c3:08:d8:1c:ac:5d:08:ce:7c:e5:fd:f1:
e9:30:9c:75:0e:48:2a:d7:45:9c:b9:9c:19:d6:81:e4:e1:8c:
41:38:21:78:c1:f8:ad:b4:62:4a:7a:e3:0a:30:af:24:2e:88:
be:da:34:3b:cc:6f:43:ce:bb:73:ca:79:62:d8:8f:e1:85:07:
72:b6:2b:25:e8:0c:e4:a7:82:87:23:3b:dc:ad:bb:0a:d1:e6:
02:05:6e:ff:bd:17:69:67:a9:ab:c7:f7:a2:22:a0:67:25:2b:
a2:99:45:4a:90:d4:61:1d:20:37:7d:21:7b:93:1c:c8:7f:13:
0f:83:8c:66:c9:29:bb:e9:24:19:9b:84:8d:02:5b:92:ac:d8:
bc:32:80:d1:25:b5:f3:d9:b7:51:38:97:47:30:e1:5a:e0:a9:
3a:c2:ef:3e:da:ab:41:6a:f8:89:53:0f:e7:50:9b:f6:60:92:
a1:5b:06:a8:27:49:ef:1a:35:87:f4:89:05:fe:94:49:7c:2c:
aa:7d:a9:9d:46:af:67:a9:95:2e:21:6b:2f:5c:fb:17:f5:82:
e4:e3:f4:62:00:a3:6f:15:41:c2:6a:01:8e:b4:ae:2c:8c:4f:
05:c0:91:94
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUQd9zXrsc88bmplTNYqronRHO8vswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDYxNTAwMDlaFw0yNTA3MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGExYWFiMmQ4NzU5Mjc0Njg2MzM4YWIyYmQ2ZDA2MjBmODBmNDhhNmUzMWVh
ZThmYjVkM2RkMjBiN2E5ZGExMmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJYDpqoiuMv0c2lJKIuXotKlYCy62qajfK0Y4eBh7V1MhrruWznRTTjTfJA5
vau2h/rVYkBz1+ln2kwo8eIXs4Pp7Xcy+5QiZVOqbITvpykfbLX+25BztdhFzAJh
l5U8eRVVK0i/j89Vmml75ixRL1JlrR8pUNB+kxvDUeJaIHJ5eZIvU0OoJR55HBc1
GJMDtxDYAB+RbRw3sw0r4hY5/ZKybxr7pK6Q5yskR9tXttdhpp7Zxl9ncUthy2+K
NEdDi507YGjFKd3GB9IcpCQQvVYfpIpBRshZmaqxYv3z6PsCMlKqYqS+RgNC0FK8
Gl2xat7h5nHQZ+foo6t1kuiA37sCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR2OWL1
TLLL8HhLRhHdNDfK0CMDaTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjlmZjM5MmUtMDljMC00YjdjLWJkZDUtNWZiMTMxNmUzOThlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAgQDAN
BgkqhkiG9w0BAQsFAAOCAQEARpUlvc7ish/pX3OZlaSLwrsNd/njMGBMwwjYHKxd
CM585f3x6TCcdQ5IKtdFnLmcGdaB5OGMQTgheMH4rbRiSnrjCjCvJC6Ivto0O8xv
Q867c8p5YtiP4YUHcrYrJegM5KeChyM73K27CtHmAgVu/70XaWepq8f3oiKgZyUr
oplFSpDUYR0gN30he5McyH8TD4OMZskpu+kkGZuEjQJbkqzYvDKA0SW189m3UTiX
RzDhWuCpOsLvPtqrQWr4iVMP51Cb9mCSoVsGqCdJ7xo1h/SJBf6USXwsqn2pnUav
Z6mVLiFrL1z7F/WC5OP0YgCjbxVBwmoBjrSuLIxPBcCRlA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:25 2025 by rpki-client