Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea9f1f24-552b-49dd-a167-4872d5575c1d.roa
File: ea9f1f24-552b-49dd-a167-4872d5575c1d.roa (raw, json)
Hash identifier: GWrF0OIztFb1QvJKAPjQ6mU+1umOHQCwOa53JaOrMPA=
Subject key identifier: 5C:72:24:92:DB:3B:85:1A:AE:DC:8A:80:8B:AA:A3:DA:1D:CF:77:57
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 76245C089A985A0B7E9FFE4F54F77795C56E4CE6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea9f1f24-552b-49dd-a167-4872d5575c1d.roa
Signing time: Fri 11 Jul 2025 18:40:30 +0000
ROA not before: Fri 11 Jul 2025 18:40:30 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.120.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:24:5c:08:9a:98:5a:0b:7e:9f:fe:4f:54:f7:77:95:c5:6e:4c:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 18:40:30 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=aeead833894da03a31cf2ef15735491408fd8727042dd7ca0ff738f713d5cda4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:36:af:07:b2:ff:00:45:da:d8:d6:83:3f:69:
e0:33:2e:fb:91:8d:19:ac:f3:b7:5f:29:88:28:9d:
14:c9:06:c9:2d:16:a3:53:94:2c:a7:38:fa:8a:c9:
a0:ec:bf:a5:9f:49:59:e8:b9:b1:7d:c4:cd:a2:43:
07:60:73:14:06:81:b7:c9:7c:fe:16:f6:4a:23:39:
35:30:c4:4e:2a:03:34:cf:84:a6:bb:68:83:b4:02:
b0:f1:20:01:46:3f:20:53:ec:cc:e1:f1:58:3b:68:
0e:24:bb:3a:cd:07:3a:ce:e0:03:b3:3e:1e:33:ab:
b6:e7:cb:fa:42:50:2f:12:92:f5:44:3a:19:40:20:
14:ff:16:25:dd:8f:ab:77:52:47:bd:70:89:cf:89:
f5:37:ce:9f:6a:da:06:10:99:ca:dc:df:b1:4e:31:
d1:73:1e:84:ce:fb:86:ab:e6:98:95:f9:eb:3a:24:
ec:73:3e:a1:47:1c:06:92:c5:4d:04:0d:2b:1a:e4:
bb:5c:b6:58:05:34:7b:a5:43:68:dd:6d:40:73:ca:
69:88:c6:93:3a:96:7d:08:27:fa:42:0e:e7:8f:6d:
15:2a:c0:2f:ad:12:43:7d:33:fc:94:5b:ed:99:b9:
4f:49:2b:fb:5b:15:ae:33:52:fb:e7:b1:fb:01:3e:
cf:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:72:24:92:DB:3B:85:1A:AE:DC:8A:80:8B:AA:A3:DA:1D:CF:77:57
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea9f1f24-552b-49dd-a167-4872d5575c1d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.120.0/22
Signature Algorithm: sha256WithRSAEncryption
87:e7:44:70:02:da:61:1c:a6:c0:ec:92:9d:6f:84:ed:37:59:
3e:89:62:45:d8:0b:8f:b8:b9:73:b0:7b:ba:5d:1b:99:6d:3a:
51:ea:09:98:c9:82:68:af:42:e9:3d:e2:21:e4:69:d8:5d:5b:
23:7d:8b:e8:cf:72:5b:8e:51:35:75:5b:96:9f:76:44:e9:0c:
3a:06:c2:12:9f:1a:e2:ff:35:4b:0e:62:29:5e:af:29:4e:b0:
9a:4e:0c:dc:46:45:5c:0e:38:6d:ee:02:e7:f8:6c:cb:96:70:
32:e6:58:23:23:d1:b8:66:fe:fd:6d:f0:a5:de:62:af:74:2d:
4f:a4:57:e2:f1:e9:51:45:70:e4:69:38:d3:ca:18:68:8f:17:
da:5a:32:77:ab:12:4b:5e:45:65:25:d3:4f:bf:06:d6:68:13:
c5:06:db:1d:0a:f5:65:9d:13:48:68:b7:f1:52:09:bf:21:3a:
de:58:de:04:2a:ae:cd:a5:12:48:02:f7:50:35:db:63:cd:2b:
1d:aa:fe:ae:41:11:c1:69:e4:7a:0c:19:f3:c5:e3:f8:4c:2d:
15:b6:7a:16:e3:b5:88:30:ec:5a:76:da:29:27:45:d5:9b:39:
76:35:43:b9:27:25:87:39:78:16:b9:31:22:3f:85:9e:7e:02:
0f:1e:b2:2a
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUdiRcCJqYWgt+n/5PVPd3lcVuTOYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExODQwMzBaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGFlZWFkODMzODk0ZGEwM2EzMWNmMmVmMTU3MzU0OTE0MDhmZDg3MjcwNDJk
ZDdjYTBmZjczOGY3MTNkNWNkYTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM42rwey/wBF2tjWgz9p4DMu+5GNGazzt18piCidFMkGyS0Wo1OULKc4+orJ
oOy/pZ9JWei5sX3EzaJDB2BzFAaBt8l8/hb2SiM5NTDETioDNM+Eprtog7QCsPEg
AUY/IFPszOHxWDtoDiS7Os0HOs7gA7M+HjOrtufL+kJQLxKS9UQ6GUAgFP8WJd2P
q3dSR71wic+J9TfOn2raBhCZytzfsU4x0XMehM77hqvmmJX56zok7HM+oUccBpLF
TQQNKxrku1y2WAU0e6VDaN1tQHPKaYjGkzqWfQgn+kIO549tFSrAL60SQ30z/JRb
7Zm5T0kr+1sVrjNS++ex+wE+z0UCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRcciSS
2zuFGq7cioCLqqPaHc93VzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWE5ZjFmMjQtNTUyYi00OWRkLWExNjctNDg3MmQ1NTc1YzFkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAgeDAN
BgkqhkiG9w0BAQsFAAOCAQEAh+dEcALaYRymwOySnW+E7TdZPoliRdgLj7i5c7B7
ul0bmW06UeoJmMmCaK9C6T3iIeRp2F1bI32L6M9yW45RNXVblp92ROkMOgbCEp8a
4v81Sw5iKV6vKU6wmk4M3EZFXA44be4C5/hsy5ZwMuZYIyPRuGb+/W3wpd5ir3Qt
T6RX4vHpUUVw5Gk408oYaI8X2loyd6sSS15FZSXTT78G1mgTxQbbHQr1ZZ0TSGi3
8VIJvyE63ljeBCquzaUSSAL3UDXbY80rHar+rkERwWnkegwZ88Xj+EwtFbZ6FuO1
iDDsWnbaKSdF1Zs5djVDuSclhzl4FrkxIj+Fnn4CDx6yKg==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:54:58 2025 by rpki-client