Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9386a656-dfeb-4ebf-847d-bd931e09dd13.roa
File: 9386a656-dfeb-4ebf-847d-bd931e09dd13.roa (raw, json)
Hash identifier: 1iYsq4roxN2EyMqsv2RtKbve6GtJqlrY3jSK1JFE2Cw=
Subject key identifier: 4E:C6:E9:34:CA:DB:9F:60:F8:4A:8D:F7:46:83:C7:FF:2E:59:82:DE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 51E81E3E0C60176D7145CD42BECBEC5509EBFC63
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9386a656-dfeb-4ebf-847d-bd931e09dd13.roa
Signing time: Tue 05 Aug 2025 18:40:09 +0000
ROA not before: Tue 05 Aug 2025 18:40:09 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.96.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:e8:1e:3e:0c:60:17:6d:71:45:cd:42:be:cb:ec:55:09:eb:fc:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 18:40:09 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=09af721e49e40f4ba6bf5f1f98981d949136cfa770b67d7054e15afba6e6f174, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:1a:b2:98:8b:4d:63:f3:c9:22:05:90:1e:b8:
65:37:8c:59:76:18:65:a7:e1:e5:9f:18:d6:5a:6d:
2a:38:d6:1d:6b:96:98:23:5a:a7:d5:07:3d:b0:16:
d0:4d:56:44:75:73:ed:48:a5:16:3b:c6:93:e6:24:
6f:82:6f:02:29:64:85:5b:c7:e4:e2:46:2c:c8:b4:
ca:8b:1d:3f:79:28:23:df:b2:91:b6:86:6d:99:ce:
20:e2:d1:2b:f6:aa:0e:97:1d:27:e8:93:f3:d2:67:
b8:98:9a:74:37:cc:49:ee:e8:cb:76:56:52:e1:ef:
cc:d5:9d:43:25:e5:14:ad:ca:e1:b1:dc:b5:98:f2:
67:cc:a1:42:26:1a:16:c3:1d:7f:2c:da:71:c5:70:
5e:91:a6:12:22:56:3b:6f:ee:a1:ff:14:28:b7:27:
bb:08:4d:10:b9:00:92:64:20:59:d2:d9:43:f3:27:
1d:2c:2f:27:d8:c3:78:2c:33:f0:d9:d6:f6:ab:f1:
a9:50:ad:65:04:a2:a0:f0:f4:24:59:08:09:2e:84:
e2:33:f8:24:42:f2:22:e7:95:b1:75:f1:c4:a7:ed:
1d:7b:c2:eb:67:0a:2d:c6:90:c7:39:da:34:22:f2:
de:ca:81:0d:b8:2a:aa:d3:94:2d:69:4b:d7:eb:6d:
95:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:C6:E9:34:CA:DB:9F:60:F8:4A:8D:F7:46:83:C7:FF:2E:59:82:DE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9386a656-dfeb-4ebf-847d-bd931e09dd13.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.96.0/21
Signature Algorithm: sha256WithRSAEncryption
80:92:50:f2:34:6d:75:f5:e6:f5:0d:ca:e7:35:7a:12:3d:4b:
f2:68:62:86:7d:e9:ca:8b:e4:0a:eb:81:f2:ee:6f:e2:46:0a:
b0:33:24:cc:0b:46:14:16:be:50:a9:8c:e2:6b:a7:d1:fb:1b:
31:53:69:54:64:5c:5f:27:64:f6:38:5a:75:86:17:eb:08:e0:
4c:68:c1:68:ec:68:9d:54:9a:8b:4f:3f:1d:ae:ce:11:4b:7a:
4a:6f:41:6a:d5:94:4e:df:e1:4c:0f:00:9b:ff:9c:09:65:d9:
ca:e9:a2:80:1e:dd:be:28:8e:4c:28:14:43:cf:3b:15:bf:34:
70:c9:0d:c4:f0:f0:29:f6:00:69:fa:a5:73:39:89:e9:62:d6:
14:3c:9f:0f:b7:f7:f3:c2:a7:67:c9:0c:b8:da:4d:a3:26:3c:
9a:13:e2:5d:6e:7e:1b:35:50:b5:d6:56:a7:5e:32:b7:01:fa:
13:5e:4b:16:cd:21:0d:2f:7b:91:55:ef:da:d3:c2:e6:9d:e1:
01:6e:09:10:0b:1e:d9:f0:5e:76:dd:15:ee:45:b7:aa:00:3d:
8b:5b:c6:0c:0f:17:72:bd:26:42:27:ae:78:02:4d:6c:06:45:
93:1a:36:31:3a:3d:50:12:24:fa:71:ae:63:a8:c8:6d:bd:fa:
ed:97:e4:af
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUUegePgxgF21xRc1CvsvsVQnr/GMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxODQwMDlaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDA5YWY3MjFlNDllNDBmNGJhNmJmNWYxZjk4OTgxZDk0OTEzNmNmYTc3MGI2
N2Q3MDU0ZTE1YWZiYTZlNmYxNzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKkaspiLTWPzySIFkB64ZTeMWXYYZafh5Z8Y1lptKjjWHWuWmCNap9UHPbAW
0E1WRHVz7UilFjvGk+Ykb4JvAilkhVvH5OJGLMi0yosdP3koI9+ykbaGbZnOIOLR
K/aqDpcdJ+iT89JnuJiadDfMSe7oy3ZWUuHvzNWdQyXlFK3K4bHctZjyZ8yhQiYa
FsMdfyzaccVwXpGmEiJWO2/uof8UKLcnuwhNELkAkmQgWdLZQ/MnHSwvJ9jDeCwz
8NnW9qvxqVCtZQSioPD0JFkICS6E4jP4JELyIueVsXXxxKftHXvC62cKLcaQxzna
NCLy3sqBDbgqqtOULWlL1+ttlU8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBROxuk0
ytufYPhKjfdGg8f/LlmC3jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTM4NmE2NTYtZGZlYi00ZWJmLTg0N2QtYmQ5MzFlMDlkZDEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AgYDAN
BgkqhkiG9w0BAQsFAAOCAQEAgJJQ8jRtdfXm9Q3K5zV6Ej1L8mhihn3pyovkCuuB
8u5v4kYKsDMkzAtGFBa+UKmM4mun0fsbMVNpVGRcXydk9jhadYYX6wjgTGjBaOxo
nVSai08/Ha7OEUt6Sm9BatWUTt/hTA8Am/+cCWXZyumigB7dviiOTCgUQ887Fb80
cMkNxPDwKfYAafqlczmJ6WLWFDyfD7f388KnZ8kMuNpNoyY8mhPiXW5+GzVQtdZW
p14ytwH6E15LFs0hDS97kVXv2tPC5p3hAW4JEAse2fBedt0V7kW3qgA9i1vGDA8X
cr0mQieueAJNbAZFkxo2MTo9UBIk+nGuY6jIbb367Zfkrw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:48:22 2025 by rpki-client