Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9386a656-dfeb-4ebf-847d-bd931e09dd13.roa
File: 9386a656-dfeb-4ebf-847d-bd931e09dd13.roa (raw, json)
Hash identifier: X86sxapfGMX0D0s3QGtB/28LrSt9vWGqqlR6e0BjZ9k=
Subject key identifier: 5F:1B:44:0E:2E:FB:A2:61:DC:78:78:D4:8D:F2:7F:3F:5E:55:B0:EE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2F25BE271E61626311D3123ED6748F432AEB262B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9386a656-dfeb-4ebf-847d-bd931e09dd13.roa
Signing time: Mon 16 Jun 2025 19:30:08 +0000
ROA not before: Mon 16 Jun 2025 19:30:08 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.96.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:25:be:27:1e:61:62:63:11:d3:12:3e:d6:74:8f:43:2a:eb:26:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:30:08 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=3a2269ffe5caa62dda4dd57ae3e5073fc0d75727be52d740445dc43af217700e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:f6:cb:62:ae:5e:50:d7:16:cb:2c:1a:eb:de:
30:42:1b:63:34:83:98:aa:a0:5f:c0:a3:1f:12:77:
38:92:35:17:88:24:a7:4d:01:96:5c:5f:df:10:7e:
e2:6b:12:3b:4d:9d:3c:48:35:8c:ee:00:2e:7d:f8:
99:6d:ce:15:27:0a:da:bb:03:36:ba:3d:1f:93:43:
07:c1:bc:e1:78:f2:e5:db:22:a7:4b:13:5c:86:42:
30:f3:02:66:d1:bc:ed:f0:c3:bd:57:31:c5:61:9c:
3b:ad:b3:54:af:6a:13:fa:c9:57:34:b5:c9:30:fe:
67:de:c6:3f:70:a0:6f:e3:76:e7:5c:da:a6:03:47:
3b:e3:9e:a3:b5:1c:9c:96:8f:8b:18:79:7d:3e:86:
d8:26:3a:92:7a:04:b6:07:57:1c:b1:5e:73:27:3e:
22:7d:6b:9a:86:1b:16:5e:9e:b7:9c:ed:f9:7a:a3:
20:90:b1:02:bf:44:5d:c4:ee:a6:84:1b:b6:04:e5:
98:91:1e:37:2c:90:f5:cd:7c:71:70:76:73:b0:a1:
c6:6d:cf:35:e8:9a:c6:28:a0:6e:06:38:b4:43:83:
28:75:c1:50:57:5d:64:a9:2a:72:e0:7d:5a:47:1f:
4a:c7:35:85:e4:cc:0c:d2:4b:1f:a1:dd:f8:bd:dc:
c8:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:1B:44:0E:2E:FB:A2:61:DC:78:78:D4:8D:F2:7F:3F:5E:55:B0:EE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9386a656-dfeb-4ebf-847d-bd931e09dd13.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.96.0/21
Signature Algorithm: sha256WithRSAEncryption
7d:9a:31:01:9b:fa:00:95:da:cc:62:fa:d7:05:3a:b6:a7:07:
3a:b1:fa:1e:49:e6:54:b2:6a:d3:17:d2:29:10:19:ed:5f:5f:
8a:98:50:9a:16:75:cf:4a:91:ff:dc:49:59:32:7c:28:25:08:
ed:2b:d2:fa:a9:34:0d:76:4c:5a:bb:36:93:99:50:64:de:5c:
a7:96:db:ee:b4:78:53:60:bb:57:1a:a5:2f:ac:ef:6d:16:f5:
91:76:6f:b1:e9:15:da:d1:9b:36:25:ef:d5:59:9f:c2:ca:1c:
91:c4:63:5e:34:d0:17:90:70:cd:2d:aa:c0:e9:69:06:f1:ac:
b5:95:4d:ac:13:5c:32:25:95:2a:20:ad:cc:25:a9:d3:c4:c5:
08:ee:e0:dc:fb:b1:75:03:7a:a0:00:ec:fa:f8:c3:70:25:d3:
67:f9:2b:59:c1:16:f3:5b:e0:6f:b4:9f:01:8b:e1:75:2c:97:
43:e8:86:ea:8d:bc:0e:94:4d:a3:63:af:32:e9:c8:d9:14:6d:
03:37:07:6e:3c:3f:3b:ff:4c:0e:3d:9d:d1:dc:ec:00:0f:11:
3a:87:3a:3d:85:5a:ea:f0:ba:0c:f8:31:a9:2a:bf:ff:b9:60:
31:3e:b2:2a:59:c7:0b:40:11:e9:e2:f0:4c:4e:10:97:d8:77:
3c:84:92:7a
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIULyW+Jx5hYmMR0xI+1nSPQyrrJiswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTMwMDhaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDNhMjI2OWZmZTVjYWE2MmRkYTRkZDU3YWUzZTUwNzNmYzBkNzU3MjdiZTUy
ZDc0MDQ0NWRjNDNhZjIxNzcwMGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMr2y2KuXlDXFsssGuveMEIbYzSDmKqgX8CjHxJ3OJI1F4gkp00Bllxf3xB+
4msSO02dPEg1jO4ALn34mW3OFScK2rsDNro9H5NDB8G84Xjy5dsip0sTXIZCMPMC
ZtG87fDDvVcxxWGcO62zVK9qE/rJVzS1yTD+Z97GP3Cgb+N251zapgNHO+Oeo7Uc
nJaPixh5fT6G2CY6knoEtgdXHLFecyc+In1rmoYbFl6et5zt+XqjIJCxAr9EXcTu
poQbtgTlmJEeNyyQ9c18cXB2c7Chxm3PNeiaxiigbgY4tEODKHXBUFddZKkqcuB9
WkcfSsc1heTMDNJLH6Hd+L3cyLsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRfG0QO
LvuiYdx4eNSN8n8/XlWw7jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTM4NmE2NTYtZGZlYi00ZWJmLTg0N2QtYmQ5MzFlMDlkZDEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AgYDAN
BgkqhkiG9w0BAQsFAAOCAQEAfZoxAZv6AJXazGL61wU6tqcHOrH6HknmVLJq0xfS
KRAZ7V9fiphQmhZ1z0qR/9xJWTJ8KCUI7SvS+qk0DXZMWrs2k5lQZN5cp5bb7rR4
U2C7VxqlL6zvbRb1kXZvsekV2tGbNiXv1VmfwsockcRjXjTQF5BwzS2qwOlpBvGs
tZVNrBNcMiWVKiCtzCWp08TFCO7g3PuxdQN6oADs+vjDcCXTZ/krWcEW81vgb7Sf
AYvhdSyXQ+iG6o28DpRNo2OvMunI2RRtAzcHbjw/O/9MDj2d0dzsAA8ROoc6PYVa
6vC6DPgxqSq//7lgMT6yKlnHC0AR6eLwTE4Ql9h3PISSeg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:50:02 2025 by rpki-client