Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2928b95-2f30-4b39-bb79-f70b43a46278.roa
File: b2928b95-2f30-4b39-bb79-f70b43a46278.roa (raw, json)
Hash identifier: ToSh5tZY9HHfUMd6NmCHAmc/+e8LIivJcsiiVqme6gw=
Subject key identifier: B7:59:4D:62:14:74:A2:9B:23:25:B9:AC:BF:D9:F5:D4:67:98:D6:95
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 37973D16C347C91997C8A4B2AABD80B6AB2AB9D0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2928b95-2f30-4b39-bb79-f70b43a46278.roa
Signing time: Fri 22 Aug 2025 15:00:13 +0000
ROA not before: Fri 22 Aug 2025 15:00:13 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.84.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:97:3d:16:c3:47:c9:19:97:c8:a4:b2:aa:bd:80:b6:ab:2a:b9:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:00:13 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=017172796fafd023d3b8a88f9f919dca880ea70a76ef63089a12d5a63541b383, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:4e:af:33:a5:52:ec:a8:3d:ab:70:9d:c7:67:
06:67:36:6a:f0:fb:ad:6e:c3:d1:57:63:8a:f7:95:
db:41:21:e9:a2:0a:3b:74:9a:18:ec:b3:b4:fe:69:
02:0a:88:b2:bf:15:60:4b:cd:8b:65:0d:07:67:88:
5f:69:c5:40:d8:f4:0d:41:51:6a:6f:4b:0a:cd:24:
d1:9f:ed:66:e7:be:93:0b:6d:fe:31:9a:2d:03:b4:
d3:a4:46:e8:98:ec:6d:5b:9c:9c:04:44:dd:7e:f4:
0a:a3:dd:d3:23:a5:ca:c4:57:11:94:e2:d9:f0:4e:
f3:e8:4d:56:f6:ab:84:26:38:eb:99:8c:ce:4a:1d:
1b:ae:40:c1:ee:99:58:c8:63:65:50:ed:c2:e0:0b:
02:80:f5:00:98:27:e6:04:e1:63:93:1a:59:4d:3c:
17:c0:ac:24:6e:b4:23:d8:69:d2:c9:c0:39:d6:f2:
34:97:1a:c0:b8:51:35:db:0e:6d:65:ee:16:8c:de:
2b:fb:e3:28:d0:7a:fc:d0:9e:8e:4f:b1:23:d5:94:
7d:09:01:05:e8:5d:8d:c7:0a:5e:5b:af:cf:23:21:
4e:01:6a:5e:c9:7c:f5:cd:9e:1f:8b:a3:e7:43:15:
4c:7e:e4:f2:55:a7:77:1b:23:5d:7c:3d:b8:85:80:
80:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:59:4D:62:14:74:A2:9B:23:25:B9:AC:BF:D9:F5:D4:67:98:D6:95
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b2928b95-2f30-4b39-bb79-f70b43a46278.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.84.0/22
Signature Algorithm: sha256WithRSAEncryption
22:47:c0:d7:ad:44:e1:37:4e:e9:fd:01:ed:5b:b2:85:25:1a:
0b:0a:a7:26:45:ba:1f:d0:71:16:c5:2b:89:bd:5a:95:1c:eb:
a1:32:aa:e2:66:fc:92:20:81:cc:7c:62:bb:ef:33:b2:73:ac:
0d:12:75:73:0a:23:f5:ce:0a:97:ad:14:63:f6:eb:9c:84:a5:
77:0d:3d:1d:13:3a:24:c5:28:64:95:f6:d4:a5:df:a7:bb:40:
f9:01:25:64:26:23:08:ac:5f:98:96:48:c5:1c:3b:14:41:22:
17:d1:77:ac:21:a5:c4:18:e8:4c:e6:a5:70:e2:71:81:d9:40:
05:a0:1b:c2:e6:dd:b1:04:36:c9:94:7f:06:fe:4c:ee:8a:96:
f1:f6:1d:9d:b4:4a:2b:50:09:d7:8b:37:c0:27:66:86:70:6f:
37:9d:a8:9a:4b:1b:a8:49:60:2f:d7:88:61:06:d2:bc:2f:59:
d2:b4:73:0b:b1:da:5c:61:6e:cf:7f:ff:57:05:76:b4:54:3a:
ea:94:3a:39:9e:a3:8f:ec:92:9b:d3:44:c7:c2:af:26:b3:3f:
ca:49:61:65:9e:72:7b:9c:e0:5b:07:91:a3:00:47:3c:cb:d7:
ef:39:35:2c:b6:9f:cf:b8:95:88:f2:f4:98:83:58:4f:73:d4:
ad:ce:19:a0
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUN5c9FsNHyRmXyKSyqr2AtqsqudAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTAwMTNaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDAxNzE3Mjc5NmZhZmQwMjNkM2I4YTg4ZjlmOTE5ZGNhODgwZWE3MGE3NmVm
NjMwODlhMTJkNWE2MzU0MWIzODMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALFOrzOlUuyoPatwncdnBmc2avD7rW7D0VdjiveV20Eh6aIKO3SaGOyztP5p
AgqIsr8VYEvNi2UNB2eIX2nFQNj0DUFRam9LCs0k0Z/tZue+kwtt/jGaLQO006RG
6JjsbVucnARE3X70CqPd0yOlysRXEZTi2fBO8+hNVvarhCY465mMzkodG65Awe6Z
WMhjZVDtwuALAoD1AJgn5gThY5MaWU08F8CsJG60I9hp0snAOdbyNJcawLhRNdsO
bWXuFozeK/vjKNB6/NCejk+xI9WUfQkBBehdjccKXluvzyMhTgFqXsl89c2eH4uj
50MVTH7k8lWndxsjXXw9uIWAgAkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS3WU1i
FHSimyMluay/2fXUZ5jWlTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjI5MjhiOTUtMmYzMC00YjM5LWJiNzktZjcwYjQzYTQ2Mjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAgVDAN
BgkqhkiG9w0BAQsFAAOCAQEAIkfA161E4TdO6f0B7VuyhSUaCwqnJkW6H9BxFsUr
ib1alRzroTKq4mb8kiCBzHxiu+8zsnOsDRJ1cwoj9c4Kl60UY/brnISldw09HRM6
JMUoZJX21KXfp7tA+QElZCYjCKxfmJZIxRw7FEEiF9F3rCGlxBjoTOalcOJxgdlA
BaAbwubdsQQ2yZR/Bv5M7oqW8fYdnbRKK1AJ14s3wCdmhnBvN52omksbqElgL9eI
YQbSvC9Z0rRzC7HaXGFuz3//VwV2tFQ66pQ6OZ6jj+ySm9NEx8KvJrM/yklhZZ5y
e5zgWweRowBHPMvX7zk1LLafz7iViPL0mINYT3PUrc4ZoA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:51:42 2025 by rpki-client