Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/53380a08-b071-4729-9c41-f9a83d36f4c0.roa
File: 53380a08-b071-4729-9c41-f9a83d36f4c0.roa (raw, json)
Hash identifier: HZgX06lkp5o3vLX7U7ApPwidPk/3mOiVY2+NV8TmTho=
Subject key identifier: 39:B0:99:F7:3F:3D:44:35:93:2A:D0:E6:B7:4D:69:A2:90:40:A0:95
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4B0F7EAD165538A27EAC23C8882290AF12949F6E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/53380a08-b071-4729-9c41-f9a83d36f4c0.roa
Signing time: Fri 22 Aug 2025 15:00:10 +0000
ROA not before: Fri 22 Aug 2025 15:00:10 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.80.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:0f:7e:ad:16:55:38:a2:7e:ac:23:c8:88:22:90:af:12:94:9f:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:00:10 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=cda7ac662f985a19b1cf1173f065f69aba1862770d753fc354e72c2d0c934e66, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:48:bd:fd:d8:27:21:f2:18:79:a4:6c:2a:13:
3a:ad:69:34:ee:d5:40:9e:0a:d2:e9:da:47:13:58:
29:96:d1:ed:93:27:1d:bf:2d:0e:45:be:92:b8:b6:
ee:71:ce:a0:58:7a:b9:26:87:46:95:ee:24:e3:d7:
df:ac:78:ab:a9:49:e2:2d:40:a1:ef:b6:99:ad:ea:
e4:0c:5c:40:96:c1:0f:29:a1:9c:cf:26:b6:81:ec:
b9:d1:16:7c:9b:bf:78:50:20:a2:b7:c2:71:86:19:
80:80:f6:8d:5e:8b:8d:cb:d4:f7:36:81:e7:68:4a:
f6:6b:eb:d0:82:cd:2d:a6:b6:47:42:7c:c7:45:93:
e2:4a:c5:28:56:13:58:d8:ef:9a:fa:45:12:6f:e0:
df:ae:a6:6d:24:ac:53:c7:d2:69:f5:d0:c7:7a:f7:
9b:21:d0:ab:d3:70:00:c7:62:15:56:8b:11:3f:1b:
a3:a3:99:3c:e0:f3:ed:88:18:ac:fd:cd:a8:f1:ba:
a0:08:fa:9f:42:a0:89:0b:0f:be:31:33:70:0a:34:
e7:0c:d2:3f:cd:b9:e0:81:83:ae:2e:67:6a:06:c9:
9f:ff:a5:58:1f:64:ed:8a:6e:6c:72:23:79:17:c8:
4a:17:94:d5:b5:4c:8a:a3:05:dd:61:30:e4:b4:f6:
7f:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:B0:99:F7:3F:3D:44:35:93:2A:D0:E6:B7:4D:69:A2:90:40:A0:95
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/53380a08-b071-4729-9c41-f9a83d36f4c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.80.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:36:6c:e8:19:24:90:af:42:af:6a:33:d5:b9:02:bb:92:18:
91:3f:49:68:dc:51:4d:5f:ef:51:81:d7:5d:c8:c4:ac:6b:cb:
89:d7:e8:64:22:2f:0a:b1:e4:00:4d:1d:02:0e:3d:07:35:66:
80:d2:55:81:9f:6a:51:0b:69:f6:4e:f7:f9:41:35:17:13:6a:
28:46:c7:22:4d:c8:2f:b5:4b:4d:fc:46:ef:ee:61:b3:96:11:
57:80:76:76:3c:c8:3f:92:64:d4:cf:de:76:37:ed:09:76:37:
ba:f3:86:c0:89:37:42:9e:72:22:c3:d2:8b:da:52:32:a6:e5:
01:92:73:e4:70:1d:6d:7f:fa:3d:c9:0b:7c:c6:b1:49:c8:5b:
f7:55:d3:88:4a:0d:2e:5e:29:9c:88:23:05:8e:6d:f1:c4:84:
a2:e8:05:57:f1:fd:c4:3f:f9:92:a8:35:2e:c3:eb:66:78:e4:
4e:a9:d9:cd:df:46:b4:a5:1c:3f:cd:df:0b:ca:45:30:cd:02:
52:6e:57:2b:58:ae:cc:89:0b:19:a3:30:cf:57:b6:7f:ea:3b:
d1:34:70:9b:31:61:5a:a0:2e:1a:4c:9e:6e:6a:ff:28:0f:6f:
ff:f6:33:bf:48:d1:ed:91:d7:b6:35:fe:5f:1b:4f:e2:6d:40:
13:9b:de:ee
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUSw9+rRZVOKJ+rCPIiCKQrxKUn24wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTAwMTBaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGNkYTdhYzY2MmY5ODVhMTliMWNmMTE3M2YwNjVmNjlhYmExODYyNzcwZDc1
M2ZjMzU0ZTcyYzJkMGM5MzRlNjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMNIvf3YJyHyGHmkbCoTOq1pNO7VQJ4K0unaRxNYKZbR7ZMnHb8tDkW+kri2
7nHOoFh6uSaHRpXuJOPX36x4q6lJ4i1Aoe+2ma3q5AxcQJbBDymhnM8mtoHsudEW
fJu/eFAgorfCcYYZgID2jV6LjcvU9zaB52hK9mvr0ILNLaa2R0J8x0WT4krFKFYT
WNjvmvpFEm/g366mbSSsU8fSafXQx3r3myHQq9NwAMdiFVaLET8bo6OZPODz7YgY
rP3NqPG6oAj6n0KgiQsPvjEzcAo05wzSP8254IGDri5nagbJn/+lWB9k7YpubHIj
eRfISheU1bVMiqMF3WEw5LT2f5sCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ5sJn3
Pz1ENZMq0Oa3TWmikECglTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTMzODBhMDgtYjA3MS00NzI5LTljNDEtZjlhODNkMzZmNGMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAgUDAN
BgkqhkiG9w0BAQsFAAOCAQEAHzZs6BkkkK9Cr2oz1bkCu5IYkT9JaNxRTV/vUYHX
XcjErGvLidfoZCIvCrHkAE0dAg49BzVmgNJVgZ9qUQtp9k73+UE1FxNqKEbHIk3I
L7VLTfxG7+5hs5YRV4B2djzIP5Jk1M/edjftCXY3uvOGwIk3Qp5yIsPSi9pSMqbl
AZJz5HAdbX/6PckLfMaxSchb91XTiEoNLl4pnIgjBY5t8cSEougFV/H9xD/5kqg1
LsPrZnjkTqnZzd9GtKUcP83fC8pFMM0CUm5XK1iuzIkLGaMwz1e2f+o70TRwmzFh
WqAuGkyebmr/KA9v//Yzv0jR7ZHXtjX+XxtP4m1AE5ve7g==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:12 2025 by rpki-client