Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea9f1f24-552b-49dd-a167-4872d5575c1d.roa
File: ea9f1f24-552b-49dd-a167-4872d5575c1d.roa (raw, json)
Hash identifier: 8AKrqpFLR2P5eF/Hi4fo6QyPBs3I4YR5rqM7abTB5Yw=
Subject key identifier: C5:9D:8F:F8:E7:8E:4F:D1:BF:24:83:74:99:C3:55:0D:89:70:C3:A9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0BDB33E92EA89DB323069CF93A47817CCA988469
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea9f1f24-552b-49dd-a167-4872d5575c1d.roa
Signing time: Tue 20 May 2025 18:20:03 +0000
ROA not before: Tue 20 May 2025 18:20:03 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.120.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:db:33:e9:2e:a8:9d:b3:23:06:9c:f9:3a:47:81:7c:ca:98:84:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:20:03 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=f28711fec8ef8fbd7d220fbdc0d71e882527d379190978148d49c3154ed8c890, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:3c:b1:6e:ba:55:e3:0c:ee:df:63:23:77:a4:
72:a8:fe:dd:30:20:8d:89:cf:fc:5b:16:39:38:2a:
3a:db:e5:9e:82:30:dc:5f:8d:35:b4:29:2e:01:4a:
95:8f:56:e8:ea:72:65:fd:fe:44:f6:89:4b:14:07:
0b:ea:9a:3e:86:1f:6d:7f:2f:aa:12:80:8d:b5:1e:
ad:61:82:8f:b0:64:9a:5c:a5:67:52:8f:75:9b:35:
f6:9e:cd:c1:82:96:96:19:2d:02:65:a1:88:cd:df:
94:77:e3:41:53:14:ea:a1:75:d4:a1:0a:eb:57:aa:
49:2f:7e:d5:c8:5a:37:f3:fc:57:d3:b3:76:cf:ce:
92:dd:f0:e3:22:c2:c1:cc:65:8d:ca:9c:62:b9:83:
0c:e2:dd:b1:b0:5c:d2:aa:15:65:02:e6:2c:d9:e4:
b4:c6:b7:35:bf:dc:21:81:c9:34:44:81:cf:fd:e9:
6f:66:a7:32:c0:54:c7:f0:a5:66:eb:95:c1:d3:3c:
38:10:6d:ca:56:15:e5:e7:f5:f8:eb:9e:74:d9:4d:
f0:98:bf:39:52:44:b2:44:85:90:1a:68:49:bb:d3:
1a:dd:06:c4:77:98:57:84:65:de:d0:03:f2:85:14:
48:83:a0:98:bd:18:05:6a:9e:1d:c1:f3:18:4d:35:
ab:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:9D:8F:F8:E7:8E:4F:D1:BF:24:83:74:99:C3:55:0D:89:70:C3:A9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea9f1f24-552b-49dd-a167-4872d5575c1d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.120.0/22
Signature Algorithm: sha256WithRSAEncryption
09:56:f7:66:c9:00:f2:80:d5:12:ce:39:d8:fa:e0:ad:75:9f:
9f:6b:36:2b:e6:e6:ab:85:48:52:85:ad:6f:7c:d3:49:7c:53:
46:1a:c0:70:2b:55:f9:0e:57:94:28:96:46:9d:e3:2f:c4:cd:
2c:9f:af:b8:1e:25:8a:96:dc:03:46:c7:bd:44:d4:5f:a0:a3:
4d:2b:d9:d1:4f:83:6c:04:cc:e3:b3:7a:3d:c0:9a:e3:6a:fb:
f9:94:e8:ad:ca:60:89:51:7c:4d:8f:ac:40:5b:62:a9:5b:1f:
c4:d4:02:5f:17:be:2a:08:3f:a9:41:9c:3d:51:57:05:69:19:
5d:42:fe:27:41:c4:91:24:58:93:f1:78:0a:03:c3:ed:a0:34:
9c:e1:31:35:36:0b:ba:83:10:06:ba:46:c0:10:20:42:58:90:
ae:15:65:a9:34:c0:fb:71:26:85:e2:14:24:6f:ca:5b:7d:53:
6e:39:39:7e:aa:aa:ae:f6:22:b1:6c:6e:a3:72:b6:9e:41:da:
4b:8a:f9:cf:be:9b:4c:ec:e8:13:da:0a:6a:91:45:85:81:a0:
b4:1d:29:76:af:6a:f0:55:42:eb:98:9d:ff:73:a0:c2:a4:e5:
91:3a:6f:b5:a6:a1:69:53:65:15:5b:79:4b:0d:30:44:60:f2:
f7:03:80:30
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUC9sz6S6onbMjBpz5OkeBfMqYhGkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODIwMDNaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGYyODcxMWZlYzhlZjhmYmQ3ZDIyMGZiZGMwZDcxZTg4MjUyN2QzNzkxOTA5
NzgxNDhkNDljMzE1NGVkOGM4OTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKg8sW66VeMM7t9jI3ekcqj+3TAgjYnP/FsWOTgqOtvlnoIw3F+NNbQpLgFK
lY9W6OpyZf3+RPaJSxQHC+qaPoYfbX8vqhKAjbUerWGCj7BkmlylZ1KPdZs19p7N
wYKWlhktAmWhiM3flHfjQVMU6qF11KEK61eqSS9+1chaN/P8V9Ozds/Okt3w4yLC
wcxljcqcYrmDDOLdsbBc0qoVZQLmLNnktMa3Nb/cIYHJNESBz/3pb2anMsBUx/Cl
ZuuVwdM8OBBtylYV5ef1+OuedNlN8Ji/OVJEskSFkBpoSbvTGt0GxHeYV4Rl3tAD
8oUUSIOgmL0YBWqeHcHzGE01q0sCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTFnY/4
545P0b8kg3SZw1UNiXDDqTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWE5ZjFmMjQtNTUyYi00OWRkLWExNjctNDg3MmQ1NTc1YzFkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAgeDAN
BgkqhkiG9w0BAQsFAAOCAQEACVb3ZskA8oDVEs452PrgrXWfn2s2K+bmq4VIUoWt
b3zTSXxTRhrAcCtV+Q5XlCiWRp3jL8TNLJ+vuB4lipbcA0bHvUTUX6CjTSvZ0U+D
bATM47N6PcCa42r7+ZTorcpgiVF8TY+sQFtiqVsfxNQCXxe+Kgg/qUGcPVFXBWkZ
XUL+J0HEkSRYk/F4CgPD7aA0nOExNTYLuoMQBrpGwBAgQliQrhVlqTTA+3EmheIU
JG/KW31Tbjk5fqqqrvYisWxuo3K2nkHaS4r5z76bTOzoE9oKapFFhYGgtB0pdq9q
8FVC65id/3OgwqTlkTpvtaahaVNlFVt5Sw0wRGDy9wOAMA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:42 2025 by rpki-client