Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27619839-e7af-4103-a7dd-056323333518.roa
File: 27619839-e7af-4103-a7dd-056323333518.roa (raw, json)
Hash identifier: oiTMTg8Db0hbgdJQmZP6E5tncXoUruAoDLJiaSTblh0=
Subject key identifier: 68:10:56:79:4C:76:2C:62:F6:DC:A3:DD:81:89:5D:AD:D8:BF:B8:87
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6C75356D274629742FD7B4DF82B78319C4F49F24
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27619839-e7af-4103-a7dd-056323333518.roa
Signing time: Fri 22 Aug 2025 15:00:14 +0000
ROA not before: Fri 22 Aug 2025 15:00:14 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.88.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:75:35:6d:27:46:29:74:2f:d7:b4:df:82:b7:83:19:c4:f4:9f:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:00:14 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=f8978620650eb00fa8daf81ba218bafcb76b202b8596c18aea117b35d240b212, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:34:55:d9:42:a1:70:7c:0e:d8:15:94:e3:76:
ca:4d:b8:13:6d:76:46:99:b6:e7:34:d5:69:8f:31:
c1:09:3a:bd:e8:9e:cb:3d:f1:69:9f:35:e2:9b:b2:
c5:b3:d4:9c:2b:50:4d:32:c5:80:89:3f:13:1c:5b:
e3:68:1b:14:b5:0a:ca:80:06:f3:6e:ed:f3:e0:f9:
37:61:c5:f8:51:5a:e0:6f:5c:61:ca:45:62:41:6e:
42:eb:e1:5c:ff:cc:ec:74:29:b7:b8:43:f5:8d:ff:
a7:9e:a5:1a:5b:8f:4f:19:04:be:fb:d4:4c:e0:25:
f2:db:43:f1:1c:1d:9d:5c:39:9d:28:58:54:86:05:
99:b3:c1:d3:c0:2f:44:62:7f:7d:df:a3:04:7a:60:
07:a9:0e:c6:7f:6f:a3:54:ca:2b:71:83:13:b5:92:
00:33:f7:11:db:57:4d:85:ff:00:57:3f:57:6a:4a:
da:ef:26:92:71:5a:7c:6c:6a:72:82:3a:49:66:30:
98:14:7b:fc:52:42:bf:e7:d6:49:d7:96:59:b0:1f:
3a:e5:31:c5:6c:f3:df:74:04:56:fc:f1:8a:7e:09:
75:dc:62:3f:23:7d:90:39:89:1c:4d:bc:77:83:de:
df:64:6f:2b:9d:1f:47:3a:6e:de:b1:5d:a0:e6:2b:
25:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:10:56:79:4C:76:2C:62:F6:DC:A3:DD:81:89:5D:AD:D8:BF:B8:87
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27619839-e7af-4103-a7dd-056323333518.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.88.0/21
Signature Algorithm: sha256WithRSAEncryption
6e:c2:2c:ed:d1:1f:4b:96:49:16:17:b4:4f:9c:a2:46:56:ae:
cd:54:57:1f:f4:84:74:77:57:88:b3:91:c5:93:9b:f7:d5:e3:
98:91:ad:f0:c2:3c:75:cc:09:64:5d:cd:59:98:9b:89:e2:77:
ab:83:34:be:00:a2:05:df:44:ea:ac:23:78:ee:c6:1d:f4:a4:
2f:7a:6d:a2:25:22:d6:a3:07:3c:c0:2a:29:52:a3:ed:13:28:
8a:e8:ea:59:86:29:08:ac:7e:86:5a:5e:34:b7:dc:e0:9a:67:
16:ba:3e:c6:36:f4:53:58:45:b3:c7:b3:16:df:24:75:e0:a1:
b8:f8:54:c8:db:9a:f5:c5:34:33:1a:f0:fb:9b:1b:6e:02:3f:
b2:9e:ba:21:ed:91:9e:28:8f:b5:ce:89:8d:86:53:2c:34:ed:
b8:e0:09:3e:c2:9e:72:d7:eb:a1:06:60:e6:c0:b1:1a:ff:d6:
73:3e:18:43:e4:7e:0e:ce:0d:85:8a:67:1c:f8:48:61:14:5d:
68:76:91:6c:85:4a:f4:0b:5e:17:d7:35:52:f9:30:2f:56:d0:
ee:f6:f6:46:57:29:9e:09:46:74:ea:61:3b:e5:42:1f:1c:de:
68:61:d7:a0:44:b1:5b:87:7f:7d:a5:bc:18:81:3d:34:6d:36:
af:7b:15:9a
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUbHU1bSdGKXQv17TfgreDGcT0nyQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTAwMTRaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGY4OTc4NjIwNjUwZWIwMGZhOGRhZjgxYmEyMThiYWZjYjc2YjIwMmI4NTk2
YzE4YWVhMTE3YjM1ZDI0MGIyMTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ00VdlCoXB8DtgVlON2yk24E212Rpm25zTVaY8xwQk6veieyz3xaZ814puy
xbPUnCtQTTLFgIk/Exxb42gbFLUKyoAG827t8+D5N2HF+FFa4G9cYcpFYkFuQuvh
XP/M7HQpt7hD9Y3/p56lGluPTxkEvvvUTOAl8ttD8RwdnVw5nShYVIYFmbPB08Av
RGJ/fd+jBHpgB6kOxn9vo1TKK3GDE7WSADP3EdtXTYX/AFc/V2pK2u8mknFafGxq
coI6SWYwmBR7/FJCv+fWSdeWWbAfOuUxxWzz33QEVvzxin4JddxiPyN9kDmJHE28
d4Pe32RvK50fRzpu3rFdoOYrJccCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRoEFZ5
THYsYvbco92BiV2t2L+4hzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mjc2MTk4MzktZTdhZi00MTAzLWE3ZGQtMDU2MzIzMzMzNTE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AgWDAN
BgkqhkiG9w0BAQsFAAOCAQEAbsIs7dEfS5ZJFhe0T5yiRlauzVRXH/SEdHdXiLOR
xZOb99XjmJGt8MI8dcwJZF3NWZibieJ3q4M0vgCiBd9E6qwjeO7GHfSkL3ptoiUi
1qMHPMAqKVKj7RMoiujqWYYpCKx+hlpeNLfc4JpnFro+xjb0U1hFs8ezFt8kdeCh
uPhUyNua9cU0Mxrw+5sbbgI/sp66Ie2RniiPtc6JjYZTLDTtuOAJPsKectfroQZg
5sCxGv/Wcz4YQ+R+Ds4NhYpnHPhIYRRdaHaRbIVK9AteF9c1UvkwL1bQ7vb2Rlcp
nglGdOphO+VCHxzeaGHXoESxW4d/faW8GIE9NG02r3sVmg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:16:51 2025 by rpki-client