Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2780ebe2-8258-4510-a848-89116418e1c7.roa
File: 2780ebe2-8258-4510-a848-89116418e1c7.roa (raw, json)
Hash identifier: OLTXqgnIpqaRbKBTv0xp2CC7ff7gPJ9HRCWC6jrzn2Q=
Subject key identifier: 5A:25:27:16:B3:BA:03:5F:D4:41:4C:CD:8D:50:29:97:D2:BB:0F:FC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6D46C353C3FCF12A79C84BD259891D4DB768FF76
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2780ebe2-8258-4510-a848-89116418e1c7.roa
Signing time: Mon 13 Oct 2025 17:55:35 +0000
ROA not before: Mon 13 Oct 2025 17:55:35 +0000
ROA not after: Mon 17 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.64.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:46:c3:53:c3:fc:f1:2a:79:c8:4b:d2:59:89:1d:4d:b7:68:ff:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 13 17:55:35 2025 GMT
Not After : Nov 17 23:59:59 2025 GMT
Subject: serialNumber=6294c25a8b7e03828f085dde9fed679e65d18652b29c86baeceba4ae54ff9ae7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:1d:34:a2:18:f5:82:d6:df:90:0f:45:aa:a7:
a7:28:11:86:6c:f4:20:92:02:51:9e:9a:ee:28:b9:
02:12:d6:bd:94:4b:d4:e0:48:85:a8:f2:ac:19:bf:
5a:4e:cf:bf:0d:8b:e9:2a:76:10:ee:14:dd:25:97:
f4:1c:f8:02:79:fe:d4:db:bc:4b:5d:61:54:20:54:
fc:3c:1a:53:3c:a2:5a:8d:da:60:4a:22:b2:65:9f:
cb:29:08:ad:1c:e7:dc:60:8e:d9:d6:6d:b1:9c:9b:
cf:bb:25:3d:39:3a:f4:8d:f8:08:e0:7b:fd:f9:ab:
a7:3b:8a:ca:5d:9b:98:fd:d8:a6:f5:95:68:d6:fd:
85:e5:7d:33:8e:f0:04:59:62:d0:90:0e:34:9d:61:
d2:4b:70:9a:70:75:11:6a:5e:c2:e8:7b:8c:81:a5:
c8:75:f2:c4:92:d0:86:ce:1b:98:71:03:40:65:e1:
e5:5e:91:08:4e:98:b9:65:2b:8b:57:3e:5e:80:9d:
64:51:0d:db:7e:8d:26:0c:cc:ea:3f:d6:0c:3e:14:
3c:43:cd:ee:07:97:fa:f3:da:13:e2:5e:3d:ae:67:
c2:34:d7:b9:9a:8f:35:07:9a:2c:b3:f4:56:86:c3:
99:19:e2:eb:2e:67:cb:0d:05:e1:16:0d:0e:49:c3:
02:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:25:27:16:B3:BA:03:5F:D4:41:4C:CD:8D:50:29:97:D2:BB:0F:FC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2780ebe2-8258-4510-a848-89116418e1c7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.64.0/19
Signature Algorithm: sha256WithRSAEncryption
ac:f7:75:cf:4a:66:96:dd:21:b9:4a:95:11:80:e7:cd:f0:2c:
54:2f:14:05:0b:94:41:49:8a:41:37:02:a4:7f:fa:90:31:17:
44:8d:43:f0:72:30:2b:79:78:57:69:ae:8b:fe:7c:1e:67:4c:
d6:df:85:b6:16:3a:3f:9e:b9:2f:7e:53:95:2d:b4:0b:0f:5a:
2c:d2:95:90:f5:c6:ca:29:fe:ad:b5:41:c8:db:91:c7:a4:2d:
5a:64:d8:0b:d0:89:69:8a:61:4b:2f:46:f3:40:80:58:34:5b:
92:3d:bb:51:78:dc:a4:f2:79:2f:3b:90:b3:02:db:cf:c7:23:
8e:c8:09:20:94:53:94:ad:c7:77:82:58:27:05:b3:aa:c6:53:
97:53:35:bf:9a:65:f9:77:30:ab:13:84:12:fb:b0:09:52:10:
61:64:22:54:95:47:46:cf:99:96:d6:fc:2f:73:bc:5b:12:ad:
77:24:d2:df:93:77:e5:2c:a9:f5:30:39:ec:dc:e8:9d:f9:4c:
7f:41:50:e7:94:c1:b8:fb:6b:33:76:4f:fb:37:ef:db:88:a7:
2d:39:d6:b7:b8:cd:b6:af:4a:04:88:06:30:ab:1e:6c:27:4e:
12:3f:5a:8f:53:dd:a3:ff:ba:a4:cb:c0:75:25:66:74:d9:9e:
55:03:57:9c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUbUbDU8P88Sp5yEvSWYkdTbdo/3YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTMxNzU1MzVaFw0yNTExMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDYyOTRjMjVhOGI3ZTAzODI4ZjA4NWRkZTlmZWQ2NzllNjVkMTg2NTJiMjlj
ODZiYWVjZWJhNGFlNTRmZjlhZTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMcdNKIY9YLW35APRaqnpygRhmz0IJICUZ6a7ii5AhLWvZRL1OBIhajyrBm/
Wk7Pvw2L6Sp2EO4U3SWX9Bz4Ann+1Nu8S11hVCBU/DwaUzyiWo3aYEoismWfyykI
rRzn3GCO2dZtsZybz7slPTk69I34COB7/fmrpzuKyl2bmP3YpvWVaNb9heV9M47w
BFli0JAONJ1h0ktwmnB1EWpewuh7jIGlyHXyxJLQhs4bmHEDQGXh5V6RCE6YuWUr
i1c+XoCdZFEN236NJgzM6j/WDD4UPEPN7geX+vPaE+JePa5nwjTXuZqPNQeaLLP0
VobDmRni6y5nyw0F4RYNDknDAm0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRaJScW
s7oDX9RBTM2NUCmX0rsP/DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mjc4MGViZTItODI1OC00NTEwLWE4NDgtODkxMTY0MThlMWM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAiQDAN
BgkqhkiG9w0BAQsFAAOCAQEArPd1z0pmlt0huUqVEYDnzfAsVC8UBQuUQUmKQTcC
pH/6kDEXRI1D8HIwK3l4V2mui/58HmdM1t+FthY6P565L35TlS20Cw9aLNKVkPXG
yin+rbVByNuRx6QtWmTYC9CJaYphSy9G80CAWDRbkj27UXjcpPJ5LzuQswLbz8cj
jsgJIJRTlK3Hd4JYJwWzqsZTl1M1v5pl+XcwqxOEEvuwCVIQYWQiVJVHRs+Zltb8
L3O8WxKtdyTS35N35Syp9TA57NzonflMf0FQ55TBuPtrM3ZP+zfv24inLTnWt7jN
tq9KBIgGMKsebCdOEj9aj1Pdo/+6pMvAdSVmdNmeVQNXnA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:06 2025 by rpki-client