Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/db2d9177-e3d4-459e-980d-b68f027facc9.roa
File: db2d9177-e3d4-459e-980d-b68f027facc9.roa (raw, json)
Hash identifier: +Vxwl549JcDW6sUKzW4G5h/2RfzsGA3N5YNzVeXv6zc=
Subject key identifier: 5C:2A:8F:EB:C3:81:56:8E:F2:CA:99:1B:18:6D:10:8B:B5:E2:DE:F9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5B35BB9F3D3903F8BBEF8369BD1E52DCF614CEE0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/db2d9177-e3d4-459e-980d-b68f027facc9.roa
Signing time: Tue 05 Aug 2025 18:40:08 +0000
ROA not before: Tue 05 Aug 2025 18:40:08 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 176.32.96.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:35:bb:9f:3d:39:03:f8:bb:ef:83:69:bd:1e:52:dc:f6:14:ce:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 18:40:08 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=522e0f5d34ae217c501c4fb110050b2ddbd1cbaac2e8e3d87923675a4dc00121, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:96:e6:ba:e4:40:ef:e0:db:6e:19:7f:dd:36:
20:b8:56:b3:42:40:6b:85:a2:ab:60:25:2b:64:0e:
80:38:5f:6a:b7:27:54:62:77:ea:4c:cc:0f:ae:4f:
24:e2:03:e9:8e:c4:f1:24:e4:5e:bb:d9:93:30:b6:
80:00:1e:67:b6:7e:f8:18:6c:72:0b:18:7f:90:40:
e0:02:27:67:be:99:79:d2:85:ca:8e:b9:d0:cc:7c:
59:b3:ab:2e:93:b6:a0:af:cd:34:1f:88:e5:37:5e:
9e:3f:8e:15:13:04:95:70:a2:65:a4:02:ee:a9:89:
44:9a:2f:80:25:9c:ec:07:f1:09:19:33:89:a1:12:
3e:e4:0e:f7:69:30:14:2c:0d:3e:4d:6a:5c:78:5e:
50:8e:e7:e9:7b:66:8d:e7:9f:e3:6c:3d:6b:7c:06:
08:62:8c:e3:04:6f:aa:59:ea:82:57:c8:bb:32:51:
5e:9b:21:23:03:4c:95:bf:39:ff:a5:5c:77:4c:71:
d7:b0:a4:46:45:9f:9f:d7:94:ef:53:18:4b:eb:9c:
5b:f9:ff:70:83:7a:95:23:ca:cc:a8:9a:8f:b0:7e:
14:8d:a8:e5:c4:74:32:dd:20:ae:9b:6b:6b:26:01:
93:ed:a7:60:71:2f:f5:f1:ee:b5:67:09:49:17:e7:
55:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:2A:8F:EB:C3:81:56:8E:F2:CA:99:1B:18:6D:10:8B:B5:E2:DE:F9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/db2d9177-e3d4-459e-980d-b68f027facc9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.96.0/21
Signature Algorithm: sha256WithRSAEncryption
5f:b0:bc:37:cc:05:be:a8:c5:8a:ee:aa:19:7e:47:9b:82:48:
09:dd:c2:76:1b:c2:47:72:38:8e:db:d1:c0:8c:2b:e0:16:09:
68:0f:30:08:17:4e:68:49:fc:98:c8:ff:dc:07:bc:ef:cd:ff:
f6:06:70:04:5f:47:7b:fa:8e:81:84:4e:e6:f0:c0:41:a8:df:
7e:10:16:88:75:dd:11:8c:37:06:0c:8f:48:33:a3:8a:8f:0c:
45:7f:19:15:ec:55:31:2b:8f:3d:13:02:02:1f:ea:54:3d:d8:
d5:ee:15:f9:b6:4e:71:a2:f7:99:55:ef:cf:20:a1:30:7c:ba:
f6:02:56:b4:58:c4:3d:23:ab:6e:6c:75:12:19:d5:5b:3a:e2:
d3:e0:61:6d:ff:9b:a6:4a:62:a7:c2:7f:02:3f:fb:1a:80:fa:
64:56:2e:4a:1b:a6:2b:1f:d9:e6:4a:bf:7c:22:71:2d:b2:8c:
25:aa:48:1a:49:ef:2e:70:6b:98:94:aa:33:1b:64:53:5c:0c:
f4:5e:c8:87:89:dd:f5:7a:5d:25:74:95:25:48:9f:32:51:d4:
4d:46:66:c5:3e:90:54:4b:40:3d:39:d5:98:73:dd:12:a6:37:
fd:d1:53:34:7f:c3:53:75:aa:76:88:d1:11:c9:43:4a:b7:3b:
21:cf:a5:b4
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUWzW7nz05A/i774NpvR5S3PYUzuAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxODQwMDhaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDUyMmUwZjVkMzRhZTIxN2M1MDFjNGZiMTEwMDUwYjJkZGJkMWNiYWFjMmU4
ZTNkODc5MjM2NzVhNGRjMDAxMjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJaW5rrkQO/g224Zf902ILhWs0JAa4Wiq2AlK2QOgDhfarcnVGJ36kzMD65P
JOID6Y7E8STkXrvZkzC2gAAeZ7Z++BhscgsYf5BA4AInZ76ZedKFyo650Mx8WbOr
LpO2oK/NNB+I5Tdenj+OFRMElXCiZaQC7qmJRJovgCWc7AfxCRkziaESPuQO92kw
FCwNPk1qXHheUI7n6Xtmjeef42w9a3wGCGKM4wRvqlnqglfIuzJRXpshIwNMlb85
/6Vcd0xx17CkRkWfn9eU71MYS+ucW/n/cIN6lSPKzKiaj7B+FI2o5cR0Mt0grptr
ayYBk+2nYHEv9fHutWcJSRfnVZkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRcKo/r
w4FWjvLKmRsYbRCLteLe+TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGIyZDkxNzctZTNkNC00NTllLTk4MGQtYjY4ZjAyN2ZhY2M5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AgYDAN
BgkqhkiG9w0BAQsFAAOCAQEAX7C8N8wFvqjFiu6qGX5Hm4JICd3CdhvCR3I4jtvR
wIwr4BYJaA8wCBdOaEn8mMj/3Ae8783/9gZwBF9He/qOgYRO5vDAQajffhAWiHXd
EYw3BgyPSDOjio8MRX8ZFexVMSuPPRMCAh/qVD3Y1e4V+bZOcaL3mVXvzyChMHy6
9gJWtFjEPSOrbmx1EhnVWzri0+Bhbf+bpkpip8J/Aj/7GoD6ZFYuShumKx/Z5kq/
fCJxLbKMJapIGknvLnBrmJSqMxtkU1wM9F7Ih4nd9XpdJXSVJUifMlHUTUZmxT6Q
VEtAPTnVmHPdEqY3/dFTNH/DU3WqdojREclDSrc7Ic+ltA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:53:06 2025 by rpki-client