Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/db2d9177-e3d4-459e-980d-b68f027facc9.roa
File: db2d9177-e3d4-459e-980d-b68f027facc9.roa (raw, json)
Hash identifier: u4ZLFFNWw7zlZ9TbUCH1HRnKdmupPCDuCnT4+IIa9+U=
Subject key identifier: C4:89:4D:8C:A5:1C:4F:3B:6E:70:4D:3D:7D:0C:56:F6:A5:F2:AA:5E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 45B277989E1D96A35C76E99FA5858B1DC31E37CB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/db2d9177-e3d4-459e-980d-b68f027facc9.roa
Signing time: Mon 16 Jun 2025 19:30:08 +0000
ROA not before: Mon 16 Jun 2025 19:30:08 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 14618
IP address blocks: 176.32.96.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:b2:77:98:9e:1d:96:a3:5c:76:e9:9f:a5:85:8b:1d:c3:1e:37:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 16 19:30:08 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=a56da9cce2bcdb0063f2bec75e6bb2b6fc6439842d01a215ad2d901e82d4e53c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ad:ed:43:29:fa:b0:6c:eb:9f:2f:08:4f:86:
9e:e4:9d:07:11:59:99:09:b8:ea:6e:a1:1f:9d:5d:
71:51:85:57:a6:3f:e2:a0:df:0c:96:f1:25:82:bc:
a5:e7:82:f3:d1:8d:f6:58:5b:84:be:1d:39:97:be:
b4:4d:63:dc:ad:52:a6:b1:b9:02:64:26:e9:01:c9:
7f:f5:bc:8b:fa:5d:c6:c6:65:18:3f:f5:13:27:75:
47:28:40:80:ed:46:e3:7b:14:03:1b:17:1d:6e:f3:
6f:b3:5f:8b:0f:ce:79:32:12:e8:cd:21:8a:d5:02:
19:df:7d:06:3b:6f:71:28:ce:5b:14:cd:e5:e2:46:
a7:2f:a0:51:cc:ba:98:5d:27:f7:41:89:e5:ca:8d:
b3:fc:9c:95:92:87:ca:a2:ec:1c:fb:c7:e4:1b:51:
5b:d2:b3:38:5b:aa:da:41:59:25:49:8e:a1:ed:39:
f4:26:94:6a:0c:b8:46:31:c5:e7:e8:81:07:e8:95:
c2:0e:49:51:17:88:ee:0d:fd:3f:d7:91:19:0e:0d:
6d:0f:fd:1c:3e:1e:84:95:78:0f:63:a7:6b:4a:51:
2f:78:af:ca:1e:67:70:bb:74:11:8f:73:33:03:1d:
aa:ff:05:d1:3f:49:06:78:d3:1c:c6:95:e4:74:a7:
34:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:89:4D:8C:A5:1C:4F:3B:6E:70:4D:3D:7D:0C:56:F6:A5:F2:AA:5E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/db2d9177-e3d4-459e-980d-b68f027facc9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.96.0/21
Signature Algorithm: sha256WithRSAEncryption
49:2f:d8:5b:69:5e:62:17:f0:1d:25:3f:0e:70:cf:54:23:a5:
21:eb:25:2d:05:80:78:72:12:4f:ad:b0:c3:31:43:2d:a9:da:
44:9e:cb:e4:06:bf:d5:56:40:52:ff:bd:4f:2e:88:b4:e0:83:
3f:a5:7f:27:78:d6:6e:e0:04:55:23:f5:a4:5c:48:aa:5e:20:
79:ba:7b:8c:ba:3a:3b:85:86:d5:dd:cf:78:52:de:29:f7:64:
a1:55:ae:cd:f4:68:33:d0:02:ce:99:b7:44:69:00:ce:01:7e:
0a:a4:c6:95:c8:98:e6:cd:e7:11:df:d8:85:4f:01:e9:47:8e:
51:a1:71:4b:c5:66:c2:15:bf:41:fe:c8:98:38:61:e5:8c:1a:
91:af:8e:45:a2:ea:6c:e3:a1:53:4d:ac:e7:03:8b:fb:25:9a:
64:6f:22:ba:12:64:55:8f:4b:48:c4:08:97:6a:b8:d8:6a:a3:
dc:fd:16:bc:03:59:80:52:5c:83:5f:90:6d:90:df:4d:80:5b:
93:ba:4d:dc:f9:84:4f:2c:2e:a0:2a:a0:ba:c4:d3:cd:29:74:
84:9f:e9:19:b4:24:87:0b:55:1b:13:0e:44:b1:b4:a5:0b:48:
e7:e0:34:44:ef:e1:61:08:12:05:b6:37:d8:c2:ee:43:52:f6:
23:e9:02:b8
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIURbJ3mJ4dlqNcdumfpYWLHcMeN8swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTYxOTMwMDhaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGE1NmRhOWNjZTJiY2RiMDA2M2YyYmVjNzVlNmJiMmI2ZmM2NDM5ODQyZDAx
YTIxNWFkMmQ5MDFlODJkNGU1M2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALut7UMp+rBs658vCE+GnuSdBxFZmQm46m6hH51dcVGFV6Y/4qDfDJbxJYK8
peeC89GN9lhbhL4dOZe+tE1j3K1SprG5AmQm6QHJf/W8i/pdxsZlGD/1Eyd1RyhA
gO1G43sUAxsXHW7zb7Nfiw/OeTIS6M0hitUCGd99BjtvcSjOWxTN5eJGpy+gUcy6
mF0n90GJ5cqNs/yclZKHyqLsHPvH5BtRW9KzOFuq2kFZJUmOoe059CaUagy4RjHF
5+iBB+iVwg5JUReI7g39P9eRGQ4NbQ/9HD4ehJV4D2Ona0pRL3ivyh5ncLt0EY9z
MwMdqv8F0T9JBnjTHMaV5HSnNO0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTEiU2M
pRxPO25wTT19DFb2pfKqXjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGIyZDkxNzctZTNkNC00NTllLTk4MGQtYjY4ZjAyN2ZhY2M5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AgYDAN
BgkqhkiG9w0BAQsFAAOCAQEASS/YW2leYhfwHSU/DnDPVCOlIeslLQWAeHIST62w
wzFDLanaRJ7L5Aa/1VZAUv+9Ty6ItOCDP6V/J3jWbuAEVSP1pFxIql4gebp7jLo6
O4WG1d3PeFLeKfdkoVWuzfRoM9ACzpm3RGkAzgF+CqTGlciY5s3nEd/YhU8B6UeO
UaFxS8VmwhW/Qf7ImDhh5Ywaka+ORaLqbOOhU02s5wOL+yWaZG8iuhJkVY9LSMQI
l2q42Gqj3P0WvANZgFJcg1+QbZDfTYBbk7pN3PmETywuoCqgusTTzSl0hJ/pGbQk
hwtVGxMORLG0pQtI5+A0RO/hYQgSBbY32MLuQ1L2I+kCuA==
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:52:10 2025 by rpki-client