Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cdc11efb-9ca2-4459-b55a-43b03e67b183.roa
File: cdc11efb-9ca2-4459-b55a-43b03e67b183.roa (raw, json)
Hash identifier: UwHvmpnZ37weZO7F4/0NHDRSv8y4Bb84n7z9pA91iEM=
Subject key identifier: 06:64:3B:FE:D4:89:39:C0:1A:32:2F:EF:98:BD:16:4F:93:FB:C1:B9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6AD7E387BBED997BDCA1A69E8B08568FDA25E6E5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cdc11efb-9ca2-4459-b55a-43b03e67b183.roa
Signing time: Fri 22 Aug 2025 15:00:09 +0000
ROA not before: Fri 22 Aug 2025 15:00:09 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.64.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:d7:e3:87:bb:ed:99:7b:dc:a1:a6:9e:8b:08:56:8f:da:25:e6:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:00:09 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=33a423907bd0fd239998884ad559f2e5cd2f3f7cc41ebb2991dc4ba66cf937f0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:dc:d6:6d:2d:0c:59:40:ac:34:36:65:91:94:
97:2e:08:66:99:73:5a:fb:65:a9:10:ba:aa:31:bb:
6b:1e:37:ec:88:5f:72:69:f5:ad:9e:1a:48:80:6c:
1f:05:e1:22:ac:3c:49:6a:e0:c5:ef:4a:c5:85:12:
ad:0e:f8:dd:24:15:e7:bb:44:b6:3c:2f:6e:40:d8:
b5:d4:e9:93:a6:14:01:c0:6a:ef:28:61:ce:31:4e:
27:0e:eb:61:8d:d5:97:1a:cf:e9:44:7e:41:67:66:
f5:b7:39:43:4a:d2:c8:1d:b6:cb:6e:85:d7:1c:ce:
5f:d3:bd:f0:50:07:33:f3:fd:67:f8:ad:b1:7c:7a:
54:10:6a:cb:f8:cd:56:1b:7f:69:11:0b:7f:dc:0e:
3b:c5:72:20:4f:e8:80:25:6a:74:3f:b6:10:54:29:
12:ce:a0:24:7d:61:24:89:66:a9:f2:29:5d:9e:c4:
92:3f:06:a0:73:27:9d:c9:ee:e0:15:65:4b:a6:be:
23:20:d2:16:4b:50:4d:5d:a7:a7:58:dd:bf:95:d8:
72:13:47:35:54:76:bd:df:63:49:63:1f:ca:4b:f2:
6b:37:a8:d2:2d:bb:2e:2e:4a:58:1f:9f:7b:5e:cd:
f9:57:b3:64:53:58:e2:99:60:b1:b3:df:68:f5:18:
ca:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:64:3B:FE:D4:89:39:C0:1A:32:2F:EF:98:BD:16:4F:93:FB:C1:B9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cdc11efb-9ca2-4459-b55a-43b03e67b183.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.64.0/18
Signature Algorithm: sha256WithRSAEncryption
65:a7:1c:02:b9:ff:51:b4:e1:b6:91:81:9d:ff:09:69:48:20:
5d:0b:6d:53:68:72:f7:1d:81:3e:45:0f:20:10:1c:68:77:53:
db:46:13:de:95:18:b3:5b:cb:98:ec:0d:14:1a:3c:c7:10:23:
dc:ec:25:e4:24:8b:6e:7f:ca:0e:0d:f3:98:02:bd:be:91:ae:
40:53:04:8a:8c:fd:a0:bf:32:20:96:9a:ad:49:f3:ed:f4:0c:
53:bd:a0:0d:43:e8:ed:74:8a:cd:e9:a8:59:17:3b:f0:61:8b:
16:4f:68:c2:b6:be:53:7f:de:0b:93:2c:1b:9e:e8:a0:10:19:
10:6e:34:3a:51:3c:94:8e:09:63:0d:0b:91:2b:f0:1e:5a:af:
34:9f:ff:f1:09:05:2e:08:27:2f:c9:ca:c6:28:b9:59:b0:e2:
1f:67:ba:d6:dc:8d:e1:60:49:df:22:9f:b4:6e:75:74:53:5e:
18:f8:d4:65:ad:16:5d:47:78:ec:14:d8:3b:4d:c4:09:86:0a:
29:37:c1:3e:50:12:53:93:b2:78:2b:25:99:43:39:fa:15:ab:
67:57:c5:7b:b2:14:ab:a9:0a:1c:08:9c:f4:9c:c2:7d:60:30:
cd:14:75:e5:2d:05:68:b5:41:ae:d3:e4:da:d3:4a:2f:7b:4f:
ba:f6:a5:33
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUatfjh7vtmXvcoaaeiwhWj9ol5uUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTAwMDlaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzYTQyMzkwN2JkMGZkMjM5OTk4ODg0YWQ1NTlmMmU1Y2QyZjNmN2NjNDFl
YmIyOTkxZGM0YmE2NmNmOTM3ZjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANDc1m0tDFlArDQ2ZZGUly4IZplzWvtlqRC6qjG7ax437Ihfcmn1rZ4aSIBs
HwXhIqw8SWrgxe9KxYUSrQ743SQV57tEtjwvbkDYtdTpk6YUAcBq7yhhzjFOJw7r
YY3VlxrP6UR+QWdm9bc5Q0rSyB22y26F1xzOX9O98FAHM/P9Z/itsXx6VBBqy/jN
Vht/aRELf9wOO8VyIE/ogCVqdD+2EFQpEs6gJH1hJIlmqfIpXZ7Ekj8GoHMnncnu
4BVlS6a+IyDSFktQTV2np1jdv5XYchNHNVR2vd9jSWMfykvyazeo0i27Li5KWB+f
e17N+VezZFNY4plgsbPfaPUYyukCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQGZDv+
1Ik5wBoyL++YvRZPk/vBuTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2RjMTFlZmItOWNhMi00NDU5LWI1NWEtNDNiMDNlNjdiMTgzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBrAgQDAN
BgkqhkiG9w0BAQsFAAOCAQEAZaccArn/UbThtpGBnf8JaUggXQttU2hy9x2BPkUP
IBAcaHdT20YT3pUYs1vLmOwNFBo8xxAj3Owl5CSLbn/KDg3zmAK9vpGuQFMEioz9
oL8yIJaarUnz7fQMU72gDUPo7XSKzemoWRc78GGLFk9owra+U3/eC5MsG57ooBAZ
EG40OlE8lI4JYw0LkSvwHlqvNJ//8QkFLggnL8nKxii5WbDiH2e61tyN4WBJ3yKf
tG51dFNeGPjUZa0WXUd47BTYO03ECYYKKTfBPlASU5OyeCslmUM5+hWrZ1fFe7IU
q6kKHAic9JzCfWAwzRR15S0FaLVBrtPk2tNKL3tPuvalMw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:55:26 2025 by rpki-client