Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9ff392e-09c0-4b7c-bdd5-5fb1316e398e.roa
File: b9ff392e-09c0-4b7c-bdd5-5fb1316e398e.roa (raw, json)
Hash identifier: PO3VMjv9yLa5zSK3bj0Og0Fu/rsq2x9wHBJJ7Al4J8M=
Subject key identifier: 4B:D2:6C:29:7E:EA:17:8B:17:68:B9:7C:FE:58:80:35:22:6E:54:9E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5000A88EBF957A0C1E5F7C2AA17B1D6A3899AEC8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9ff392e-09c0-4b7c-bdd5-5fb1316e398e.roa
Signing time: Fri 22 Aug 2025 15:00:12 +0000
ROA not before: Fri 22 Aug 2025 15:00:12 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.64.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:00:a8:8e:bf:95:7a:0c:1e:5f:7c:2a:a1:7b:1d:6a:38:99:ae:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:00:12 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=fa39a2976499077fde38b413234a1d87f5c3043d7658dd8622c12d44d7e8adfb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:d7:39:cd:ec:e6:f6:b4:b6:e9:6e:27:7a:af:
38:86:eb:5f:ea:84:a4:e6:64:b5:69:85:34:a7:42:
65:3f:e1:cb:a3:42:02:b7:5a:b7:4b:71:1b:0c:fb:
a4:b9:6a:04:25:dd:f1:12:44:95:e1:0e:ec:e7:56:
21:c3:95:fe:10:34:c7:01:d2:ac:5a:c9:c6:08:0a:
ba:53:6d:82:98:01:4b:55:32:eb:1f:40:6e:47:e2:
b0:27:a3:0d:d9:b8:7a:b2:c8:ed:53:13:ca:91:6f:
28:7d:6d:5f:7f:c8:98:7c:f4:25:37:b2:d5:ad:12:
82:87:f4:27:9b:7d:bb:ec:e5:a3:be:e0:28:0f:1e:
dd:c9:2d:dd:07:e6:20:06:17:07:1e:b9:46:9f:00:
cd:d5:b4:a5:0c:29:0f:1c:f0:d2:e2:9e:98:75:1a:
73:f8:5c:58:c5:2a:b4:b0:45:12:af:1e:68:4f:60:
fe:69:24:a1:d8:21:64:b4:c2:c1:36:3c:81:08:2c:
e1:e9:83:ac:63:23:9c:8d:78:12:a4:ca:9d:91:24:
13:a0:48:75:e2:32:e0:ff:b7:ea:87:60:fb:c9:30:
c0:7e:f5:d9:9f:c0:05:f3:5d:0b:74:39:b0:a5:41:
0f:29:bb:f1:da:6f:7e:15:80:9e:af:06:d0:01:c3:
89:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:D2:6C:29:7E:EA:17:8B:17:68:B9:7C:FE:58:80:35:22:6E:54:9E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9ff392e-09c0-4b7c-bdd5-5fb1316e398e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.64.0/19
Signature Algorithm: sha256WithRSAEncryption
13:d9:e6:76:28:c9:fc:25:2d:2a:3b:2e:b0:4b:1a:99:c0:5d:
79:8d:85:0c:39:50:af:b8:5f:08:29:aa:fa:ba:7a:7e:6c:ca:
15:ca:d9:22:16:6b:a1:52:d7:a0:a4:f1:0c:be:1f:77:9d:29:
68:c2:e9:ea:5e:c7:a5:a1:52:0c:70:e0:33:94:38:49:07:d7:
ac:65:b1:1a:6b:f6:25:fc:50:2d:92:de:75:7e:f5:4e:39:af:
36:c7:fd:2a:e3:24:94:95:74:e3:10:bb:24:d7:28:e1:d5:0e:
69:6f:48:38:af:e2:d4:bd:d6:36:77:b0:fa:6d:88:06:e7:61:
b2:8b:b3:ab:fc:c1:38:38:02:46:38:fa:3f:79:6d:9d:c7:ea:
c8:be:0f:f3:b5:e3:c8:55:3d:0b:98:26:d2:6d:4d:a1:64:b2:
8a:ac:81:53:72:39:da:9c:9e:1c:e0:c4:44:a0:02:54:b2:42:
08:a3:33:01:1d:f9:d9:a0:89:8d:d5:4e:75:83:d5:2c:ae:8d:
74:07:99:74:e5:31:96:7e:85:60:60:8c:7d:bc:3b:13:7f:2a:
40:55:2c:57:31:da:43:06:28:86:3f:3c:25:42:dc:d6:41:4b:
a6:b3:86:33:ba:80:95:17:5a:ae:ed:4a:21:4b:f8:fc:08:27:
a3:dd:8f:67
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUUACojr+VegweX3wqoXsdajiZrsgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTAwMTJaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGZhMzlhMjk3NjQ5OTA3N2ZkZTM4YjQxMzIzNGExZDg3ZjVjMzA0M2Q3NjU4
ZGQ4NjIyYzEyZDQ0ZDdlOGFkZmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANjXOc3s5va0tuluJ3qvOIbrX+qEpOZktWmFNKdCZT/hy6NCArdat0txGwz7
pLlqBCXd8RJEleEO7OdWIcOV/hA0xwHSrFrJxggKulNtgpgBS1Uy6x9AbkfisCej
Ddm4erLI7VMTypFvKH1tX3/ImHz0JTey1a0Sgof0J5t9u+zlo77gKA8e3ckt3Qfm
IAYXBx65Rp8AzdW0pQwpDxzw0uKemHUac/hcWMUqtLBFEq8eaE9g/mkkodghZLTC
wTY8gQgs4emDrGMjnI14EqTKnZEkE6BIdeIy4P+36odg+8kwwH712Z/ABfNdC3Q5
sKVBDym78dpvfhWAnq8G0AHDiTECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRL0mwp
fuoXixdouXz+WIA1Im5UnjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjlmZjM5MmUtMDljMC00YjdjLWJkZDUtNWZiMTMxNmUzOThlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAgQDAN
BgkqhkiG9w0BAQsFAAOCAQEAE9nmdijJ/CUtKjsusEsamcBdeY2FDDlQr7hfCCmq
+rp6fmzKFcrZIhZroVLXoKTxDL4fd50paMLp6l7HpaFSDHDgM5Q4SQfXrGWxGmv2
JfxQLZLedX71TjmvNsf9KuMklJV04xC7JNco4dUOaW9IOK/i1L3WNnew+m2IBudh
souzq/zBODgCRjj6P3ltncfqyL4P87XjyFU9C5gm0m1NoWSyiqyBU3I52pyeHODE
RKACVLJCCKMzAR352aCJjdVOdYPVLK6NdAeZdOUxln6FYGCMfbw7E38qQFUsVzHa
QwYohj88JULc1kFLprOGM7qAlRdaru1KIUv4/Agno92PZw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:46:54 2025 by rpki-client