Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/40318891-5508-4eb6-bace-e245fbeb145a.roa
File: 40318891-5508-4eb6-bace-e245fbeb145a.roa (raw, json)
Hash identifier: 5AxiDleyuSyU1Sp/M9sCVjmN6VQiNCp9NYeA4j2chj0=
Subject key identifier: 00:C5:9D:B3:4C:A9:CE:64:5D:F8:65:64:F8:1E:B6:55:69:EF:CC:24
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 09A59B16A1820B319B60913E3F5A42217015BE6E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/40318891-5508-4eb6-bace-e245fbeb145a.roa
Signing time: Mon 13 Oct 2025 17:55:31 +0000
ROA not before: Mon 13 Oct 2025 17:55:31 +0000
ROA not after: Mon 17 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.160.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:a5:9b:16:a1:82:0b:31:9b:60:91:3e:3f:5a:42:21:70:15:be:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 13 17:55:31 2025 GMT
Not After : Nov 17 23:59:59 2025 GMT
Subject: serialNumber=b1ffcb20c2c154d7492de7596bdf34a74c43cc3ddc604baea45cd004cc98ce09, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:dc:10:33:af:06:1b:3c:10:1f:32:af:21:d5:
80:af:69:a0:45:6b:e2:10:0d:a7:4f:9d:53:9a:3d:
8b:5c:a1:f4:ed:4c:6e:bc:36:d7:e4:10:27:4d:15:
19:99:31:b2:d5:53:79:be:5e:93:da:49:1f:73:16:
85:86:80:c2:d9:e7:ce:e7:63:ed:4c:82:90:42:e3:
cf:54:45:9b:d8:e1:db:12:49:0c:d0:d3:ce:b3:97:
59:c7:39:7b:a5:7d:07:be:3d:85:ed:b2:8c:72:ae:
1f:77:a4:86:77:f5:c2:97:5f:2a:32:17:40:65:33:
23:84:93:02:94:0f:43:34:92:5a:d8:d1:12:c4:16:
9b:bc:e1:14:f8:42:eb:a4:21:a5:cb:63:28:ba:fe:
43:72:f1:fb:03:0a:8b:d5:4b:ff:13:96:1f:b4:bc:
3e:d2:65:a6:59:15:5d:40:6a:47:d7:4b:82:d3:10:
95:d4:c3:8c:1d:da:90:dc:83:19:71:f8:81:cf:92:
dd:0f:94:65:e3:5c:eb:d1:69:b4:75:e2:5a:c3:dd:
bc:81:e6:65:5e:3e:fb:70:fe:a4:9c:5d:dd:43:67:
59:03:73:0a:7c:2e:73:2f:20:31:c0:8a:a4:bd:8b:
f5:cf:67:2a:31:41:78:d3:b1:2c:1d:ca:e8:52:53:
da:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:C5:9D:B3:4C:A9:CE:64:5D:F8:65:64:F8:1E:B6:55:69:EF:CC:24
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/40318891-5508-4eb6-bace-e245fbeb145a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.160.0/19
Signature Algorithm: sha256WithRSAEncryption
89:54:d3:e4:46:da:81:d2:61:f1:55:89:d1:21:92:1c:63:fe:
ec:14:e7:1a:49:a3:d3:91:47:10:d6:61:c2:b2:95:21:23:fe:
51:d3:75:2f:f2:96:71:da:86:c1:21:6a:55:6b:8e:6b:63:b4:
f0:4d:a5:a2:04:83:1e:db:69:f4:dd:ec:fb:ee:39:0b:ed:77:
28:62:82:d1:2f:2a:33:db:16:7b:61:99:0d:25:d7:79:c8:df:
8d:63:d1:15:0e:7c:3e:c0:7b:e5:6f:2a:75:9b:2e:df:63:bb:
be:77:30:fe:96:f1:3a:84:5b:3e:b1:a2:f4:38:71:92:e6:cb:
59:46:83:fb:b0:d2:72:e5:25:4a:ba:16:0b:3f:f9:94:c4:0e:
c5:d7:af:c7:fe:95:0f:eb:5d:42:86:69:7e:75:08:5f:76:4b:
99:4f:61:92:4f:b1:41:f5:a0:64:6a:2d:69:80:03:ac:b2:26:
8b:dd:bd:7d:f0:da:6a:a4:85:4d:c2:09:52:0c:4c:83:a3:33:
68:2b:ce:b5:c7:c7:14:75:a5:38:b0:10:52:a0:2b:cf:5f:e3:
08:ce:12:1d:ce:03:7a:11:ff:d2:a9:c3:ec:3c:87:67:1f:87:
a4:15:33:05:d9:59:5b:ae:6c:13:17:8b:19:f3:0f:db:80:2d:
39:61:e3:a2
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUCaWbFqGCCzGbYJE+P1pCIXAVvm4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTMxNzU1MzFaFw0yNTExMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGIxZmZjYjIwYzJjMTU0ZDc0OTJkZTc1OTZiZGYzNGE3NGM0M2NjM2RkYzYw
NGJhZWE0NWNkMDA0Y2M5OGNlMDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALfcEDOvBhs8EB8yryHVgK9poEVr4hANp0+dU5o9i1yh9O1Mbrw21+QQJ00V
GZkxstVTeb5ek9pJH3MWhYaAwtnnzudj7UyCkELjz1RFm9jh2xJJDNDTzrOXWcc5
e6V9B749he2yjHKuH3ekhnf1wpdfKjIXQGUzI4STApQPQzSSWtjREsQWm7zhFPhC
66QhpctjKLr+Q3Lx+wMKi9VL/xOWH7S8PtJlplkVXUBqR9dLgtMQldTDjB3akNyD
GXH4gc+S3Q+UZeNc69FptHXiWsPdvIHmZV4++3D+pJxd3UNnWQNzCnwucy8gMcCK
pL2L9c9nKjFBeNOxLB3K6FJT2i8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQAxZ2z
TKnOZF34ZWT4HrZVae/MJDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDAzMTg4OTEtNTUwOC00ZWI2LWJhY2UtZTI0NWZiZWIxNDVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAioDAN
BgkqhkiG9w0BAQsFAAOCAQEAiVTT5EbagdJh8VWJ0SGSHGP+7BTnGkmj05FHENZh
wrKVISP+UdN1L/KWcdqGwSFqVWuOa2O08E2logSDHttp9N3s++45C+13KGKC0S8q
M9sWe2GZDSXXecjfjWPRFQ58PsB75W8qdZsu32O7vncw/pbxOoRbPrGi9DhxkubL
WUaD+7DScuUlSroWCz/5lMQOxdevx/6VD+tdQoZpfnUIX3ZLmU9hkk+xQfWgZGot
aYADrLImi929ffDaaqSFTcIJUgxMg6MzaCvOtcfHFHWlOLAQUqArz1/jCM4SHc4D
ehH/0qnD7DyHZx+HpBUzBdlZW65sExeLGfMP24AtOWHjog==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:52:11 2025 by rpki-client