Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1172536b-2edc-4ffb-9fca-b111f3d038a9.roa
File: 1172536b-2edc-4ffb-9fca-b111f3d038a9.roa (raw, json)
Hash identifier: +VrFSSM2WQ0sSFN9zFX+Cx4gS2FI4mr5H2Hb9Q/ZLEs=
Subject key identifier: 63:DC:AE:CC:24:AD:20:CB:5F:B0:E8:BE:D6:EB:E9:81:8A:BC:40:A7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5BDD6A9348C65E580627FE4D2AF1B2C2CB923B8F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1172536b-2edc-4ffb-9fca-b111f3d038a9.roa
Signing time: Tue 05 Aug 2025 18:40:07 +0000
ROA not before: Tue 05 Aug 2025 18:40:07 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.112.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:dd:6a:93:48:c6:5e:58:06:27:fe:4d:2a:f1:b2:c2:cb:92:3b:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 18:40:07 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=6c2778b5cd189cce4c19b8051f7bdbf3ddb97a2a433b767d8860ea3bf9327b24, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:a0:3d:42:5a:bf:fa:2b:4d:f5:ac:67:d8:53:
b1:a8:96:26:98:a1:11:2f:4a:11:2c:9a:82:f0:13:
96:47:8e:bf:1e:4a:ac:1f:83:bd:6d:40:a8:bd:2c:
62:f0:28:de:c0:da:97:a5:3e:60:a2:08:88:88:f7:
04:04:1c:69:58:2e:ff:fa:10:06:38:a6:c2:d4:30:
97:9e:df:fc:bd:d6:44:53:9f:e7:46:83:fa:0e:7f:
4c:59:1f:98:db:d6:83:e9:12:32:69:68:e8:aa:fd:
0e:68:6a:ea:32:0d:5f:68:e5:84:b0:ba:a0:75:4b:
04:af:c0:d4:40:0a:e7:37:f1:f4:d3:00:e3:2e:3a:
45:52:f5:2f:6c:e9:51:6e:97:69:dd:be:3a:ac:2f:
95:4c:8b:28:fd:22:a0:82:75:ae:ca:48:14:a4:b5:
f1:ae:2b:70:04:3e:17:b2:21:24:e1:f0:c4:bb:98:
33:cc:c0:df:ea:e0:c9:4c:ad:fb:90:a3:ee:cb:36:
68:df:46:86:c9:e2:16:36:62:62:86:c2:0f:15:8e:
c1:37:5f:77:79:e4:74:f4:98:be:48:6b:f3:0d:be:
0e:f8:a7:ea:aa:23:f7:2f:6a:f5:75:c3:97:20:db:
2d:e4:bc:7b:56:64:4a:73:7e:71:bc:8e:53:78:ee:
cb:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:DC:AE:CC:24:AD:20:CB:5F:B0:E8:BE:D6:EB:E9:81:8A:BC:40:A7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1172536b-2edc-4ffb-9fca-b111f3d038a9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.112.0/21
Signature Algorithm: sha256WithRSAEncryption
9e:25:45:b6:e9:96:2d:bb:af:1e:70:4d:4c:ee:fb:3f:66:91:
a7:6a:58:32:c1:4e:20:03:7e:6a:a9:b7:53:b2:08:fd:4b:b5:
6b:55:26:34:b1:53:65:d8:02:7d:6b:d5:24:ef:07:40:2b:2a:
07:99:d1:9a:7b:0f:59:4b:51:23:e0:3c:11:0a:72:5e:97:cd:
83:c1:05:60:bc:19:cf:9d:16:9d:fe:64:cb:eb:fc:29:6e:9b:
a8:4b:db:5b:7d:cd:c0:b3:36:26:47:c6:da:95:9b:64:70:12:
68:a5:e0:d8:93:d6:30:34:fe:c3:52:9e:56:1e:45:25:ed:95:
70:96:fd:d1:7a:43:71:ee:aa:d6:29:c0:c5:c7:bc:67:dd:c3:
e7:7a:c8:63:66:e5:0f:5a:09:9b:82:64:63:96:0f:4b:9b:fd:
8e:99:fc:2a:d4:57:c4:31:6a:47:19:ba:95:29:4d:24:da:f2:
bc:cc:10:65:d7:e9:0f:79:94:16:b9:a3:78:45:c4:39:80:6e:
5b:87:7a:11:14:64:d8:79:b1:bc:3a:03:fc:94:c4:dc:56:e6:
16:a5:11:93:9f:c6:8a:f7:c0:b9:b5:82:b8:95:6e:8b:d7:47:
14:c7:d4:ec:73:51:5f:db:4c:c3:7b:2e:61:91:1d:31:07:aa:
1a:05:c5:aa
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUW91qk0jGXlgGJ/5NKvGywsuSO48wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxODQwMDdaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDZjMjc3OGI1Y2QxODljY2U0YzE5YjgwNTFmN2JkYmYzZGRiOTdhMmE0MzNi
NzY3ZDg4NjBlYTNiZjkzMjdiMjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANOgPUJav/orTfWsZ9hTsaiWJpihES9KESyagvATlkeOvx5KrB+DvW1AqL0s
YvAo3sDal6U+YKIIiIj3BAQcaVgu//oQBjimwtQwl57f/L3WRFOf50aD+g5/TFkf
mNvWg+kSMmlo6Kr9Dmhq6jINX2jlhLC6oHVLBK/A1EAK5zfx9NMA4y46RVL1L2zp
UW6Xad2+OqwvlUyLKP0ioIJ1rspIFKS18a4rcAQ+F7IhJOHwxLuYM8zA3+rgyUyt
+5Cj7ss2aN9GhsniFjZiYobCDxWOwTdfd3nkdPSYvkhr8w2+Dvin6qoj9y9q9XXD
lyDbLeS8e1ZkSnN+cbyOU3juy5UCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRj3K7M
JK0gy1+w6L7W6+mBirxApzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTE3MjUzNmItMmVkYy00ZmZiLTlmY2EtYjExMWYzZDAzOGE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AgcDAN
BgkqhkiG9w0BAQsFAAOCAQEAniVFtumWLbuvHnBNTO77P2aRp2pYMsFOIAN+aqm3
U7II/Uu1a1UmNLFTZdgCfWvVJO8HQCsqB5nRmnsPWUtRI+A8EQpyXpfNg8EFYLwZ
z50Wnf5ky+v8KW6bqEvbW33NwLM2JkfG2pWbZHASaKXg2JPWMDT+w1KeVh5FJe2V
cJb90XpDce6q1inAxce8Z93D53rIY2blD1oJm4JkY5YPS5v9jpn8KtRXxDFqRxm6
lSlNJNryvMwQZdfpD3mUFrmjeEXEOYBuW4d6ERRk2HmxvDoD/JTE3FbmFqURk5/G
ivfAubWCuJVui9dHFMfU7HNRX9tMw3suYZEdMQeqGgXFqg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:22 2025 by rpki-client