Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9ff392e-09c0-4b7c-bdd5-5fb1316e398e.roa
File: b9ff392e-09c0-4b7c-bdd5-5fb1316e398e.roa (raw, json)
Hash identifier: SUYxpLbQF8ufyLCzFGrdu4nerWQxDl11Ai/3FJc9hqo=
Subject key identifier: 7A:BC:E6:A1:3D:9F:2D:33:CC:41:43:D8:29:41:A4:9D:A4:1A:89:7F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3FE1B790121F401473B551C44EA8F667D76133BC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9ff392e-09c0-4b7c-bdd5-5fb1316e398e.roa
Signing time: Mon 28 Jul 2025 16:00:12 +0000
ROA not before: Mon 28 Jul 2025 16:00:12 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.64.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:e1:b7:90:12:1f:40:14:73:b5:51:c4:4e:a8:f6:67:d7:61:33:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 28 16:00:12 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=f811c2715cea6cdb4ff2dcb72b74ea39d75de2603f0e7ee600fa861b4aa9c81e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:21:bc:d0:71:65:f0:4d:ae:83:4b:dc:d3:30:
6d:12:63:ab:e0:83:4c:de:73:0d:98:bc:ff:6e:14:
62:1f:da:b2:d3:b1:d9:63:7a:f2:85:b3:00:33:94:
cd:ba:1b:88:62:ef:b8:d3:37:50:b0:57:95:ed:ec:
5a:5f:09:79:85:71:92:21:d9:de:b1:d5:60:cb:3f:
7f:bd:fb:9a:c4:3b:07:56:f7:a9:af:70:bf:8a:88:
e2:f1:be:17:a9:a3:e2:68:e2:4d:d4:a6:d9:48:cf:
68:5f:aa:e1:84:62:97:9b:ac:58:85:6c:1c:a8:c9:
43:cb:93:74:0a:53:8a:6f:c0:b3:08:29:e3:f5:b7:
d0:07:39:76:92:f9:d6:63:00:0f:d6:64:3a:a8:fd:
07:c8:80:87:51:38:94:20:fd:fc:d7:33:71:55:9f:
85:97:c2:ba:a2:8f:8f:c7:5e:13:df:04:aa:9e:26:
5d:44:d8:d8:6c:de:ba:4d:af:fe:e0:d0:4c:40:9b:
95:90:a9:60:10:a5:1e:e0:a7:a6:c8:c0:4c:04:9f:
d2:c0:4b:4a:00:f1:38:84:03:59:77:f8:61:59:d7:
e6:58:d4:b6:4b:15:6c:cb:9b:f7:e4:be:ca:8b:47:
7c:12:ff:00:95:c8:cc:60:40:87:6c:a2:6e:17:63:
de:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:BC:E6:A1:3D:9F:2D:33:CC:41:43:D8:29:41:A4:9D:A4:1A:89:7F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9ff392e-09c0-4b7c-bdd5-5fb1316e398e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.64.0/19
Signature Algorithm: sha256WithRSAEncryption
c6:5d:c6:b2:90:10:56:ae:45:27:ee:0a:3b:ee:53:ad:27:8c:
ef:09:0f:ed:62:b8:26:a3:b3:37:7f:dd:cd:b7:7b:8a:a1:4a:
fb:9c:8c:a4:66:91:28:64:f9:cb:a8:d2:5e:a9:ad:4a:40:d4:
db:ab:89:3e:d0:2d:38:2a:15:49:05:47:07:f7:a7:7e:ca:69:
e6:dc:3b:43:be:1f:db:b7:1c:5b:bc:dc:d5:9d:47:c2:d4:e4:
fb:31:86:66:a3:24:5d:ef:32:b5:3a:a1:d0:69:d3:01:a4:f4:
f2:87:c6:ba:45:a7:01:6e:9d:66:22:69:2d:ba:2b:7c:45:c9:
1e:b8:91:e5:2e:69:14:8c:20:b5:ef:16:d2:f7:01:8a:20:38:
b2:7c:1d:a6:05:75:8b:bf:7e:cc:77:e0:2c:46:b6:bd:0a:be:
4e:c2:e6:86:19:29:03:65:08:f5:85:3b:f3:4e:cd:52:b0:e9:
18:16:c6:72:db:e6:cf:82:01:db:f6:6f:a1:53:b2:73:53:c5:
b1:19:48:a1:50:ac:64:bf:f5:97:13:5c:0c:4c:8e:9f:4d:be:
ea:d8:8d:9a:b6:5c:d6:df:c1:c9:3c:c1:7f:fb:60:d7:14:66:
1a:e8:31:b9:3f:ef:4d:3f:a0:fd:4d:85:fc:d0:43:ca:e9:53:
e8:0c:37:95
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUP+G3kBIfQBRztVHETqj2Z9dhM7wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjgxNjAwMTJaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQGY4MTFjMjcxNWNlYTZjZGI0ZmYyZGNiNzJiNzRlYTM5ZDc1ZGUyNjAzZjBl
N2VlNjAwZmE4NjFiNGFhOWM4MWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIshvNBxZfBNroNL3NMwbRJjq+CDTN5zDZi8/24UYh/astOx2WN68oWzADOU
zbobiGLvuNM3ULBXle3sWl8JeYVxkiHZ3rHVYMs/f737msQ7B1b3qa9wv4qI4vG+
F6mj4mjiTdSm2UjPaF+q4YRil5usWIVsHKjJQ8uTdApTim/Aswgp4/W30Ac5dpL5
1mMAD9ZkOqj9B8iAh1E4lCD9/NczcVWfhZfCuqKPj8deE98Eqp4mXUTY2Gzeuk2v
/uDQTECblZCpYBClHuCnpsjATASf0sBLSgDxOIQDWXf4YVnX5ljUtksVbMub9+S+
yotHfBL/AJXIzGBAh2yibhdj3g0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR6vOah
PZ8tM8xBQ9gpQaSdpBqJfzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjlmZjM5MmUtMDljMC00YjdjLWJkZDUtNWZiMTMxNmUzOThlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAgQDAN
BgkqhkiG9w0BAQsFAAOCAQEAxl3GspAQVq5FJ+4KO+5TrSeM7wkP7WK4JqOzN3/d
zbd7iqFK+5yMpGaRKGT5y6jSXqmtSkDU26uJPtAtOCoVSQVHB/enfspp5tw7Q74f
27ccW7zc1Z1HwtTk+zGGZqMkXe8ytTqh0GnTAaT08ofGukWnAW6dZiJpLborfEXJ
HriR5S5pFIwgte8W0vcBiiA4snwdpgV1i79+zHfgLEa2vQq+TsLmhhkpA2UI9YU7
807NUrDpGBbGctvmz4IB2/ZvoVOyc1PFsRlIoVCsZL/1lxNcDEyOn02+6tiNmrZc
1t/ByTzBf/tg1xRmGugxuT/vTT+g/U2F/NBDyulT6Aw3lQ==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:54 2025 by rpki-client