Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ee6a43b-b4e4-489a-9cd2-21a72f1cf6f5.roa
File: 8ee6a43b-b4e4-489a-9cd2-21a72f1cf6f5.roa (raw, json)
Hash identifier: SThSiOHATBWDwcmu9cc/+t+Vuvmq3DLDTMHO6SSPQW8=
Subject key identifier: C1:EA:D7:06:AB:7A:DA:47:12:A1:4C:6B:3B:CA:D7:C1:A1:7B:E8:02
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 66FD66746D2CF836A0B33A033124116C70F8952A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ee6a43b-b4e4-489a-9cd2-21a72f1cf6f5.roa
Signing time: Mon 13 Oct 2025 17:56:15 +0000
ROA not before: Mon 13 Oct 2025 17:56:15 +0000
ROA not after: Mon 17 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.128.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 22:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:fd:66:74:6d:2c:f8:36:a0:b3:3a:03:31:24:11:6c:70:f8:95:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 13 17:56:15 2025 GMT
Not After : Nov 17 23:59:59 2025 GMT
Subject: serialNumber=6254193edc3b53eb6d4efcc819078b1f862e1ecb3480dfa55204401444de9f42, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:00:b2:ad:03:47:4d:61:6d:15:6f:b9:82:2e:
66:64:f2:1e:d1:c2:3a:b6:b5:74:fc:52:44:39:60:
9b:2e:63:4d:dd:7b:7b:5f:1d:82:ee:66:fd:a0:15:
58:7d:60:46:e5:bf:af:de:f2:f4:3b:9b:7c:da:f1:
c4:36:cd:10:28:24:ff:d1:68:11:9e:e7:fd:ea:e3:
41:db:0e:04:3f:67:72:76:73:a0:04:f9:cd:b2:a0:
a4:f9:26:ab:9e:d1:f9:3c:b0:19:55:60:5d:d8:b4:
da:a6:38:08:fa:ba:17:29:f2:c1:0d:67:7d:bd:5e:
b1:45:ed:fd:63:27:8b:b2:58:65:42:25:15:0a:d5:
18:9b:f1:6e:a7:a5:93:e2:99:63:e9:3d:f7:a5:76:
37:da:a3:ad:33:da:39:d2:27:b3:62:71:92:88:f0:
75:f4:d1:8a:d5:3a:c7:e8:2a:ec:42:ea:ba:ce:a9:
f9:9c:5a:8a:8f:4d:07:62:70:d9:2a:13:9e:36:93:
ad:f8:cc:87:60:9e:7e:96:fb:46:78:12:27:83:d0:
51:5e:ed:47:06:33:55:ce:25:49:31:7c:ec:51:51:
db:aa:fd:1d:3e:d5:56:b1:e2:f4:46:5b:ae:29:56:
67:d8:0c:03:5a:e4:da:d8:08:b2:0d:4e:e4:67:f8:
14:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:EA:D7:06:AB:7A:DA:47:12:A1:4C:6B:3B:CA:D7:C1:A1:7B:E8:02
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ee6a43b-b4e4-489a-9cd2-21a72f1cf6f5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.128.0/19
Signature Algorithm: sha256WithRSAEncryption
53:08:95:5b:ec:2c:74:7d:49:95:58:f3:c4:75:7f:04:4d:44:
17:21:3e:9e:71:8d:8d:72:f4:98:29:2c:9f:e7:20:c2:0e:db:
15:95:cb:8d:94:58:e1:27:19:4d:fa:76:11:b5:11:c4:da:0c:
8a:5a:1c:a2:35:d7:2d:75:c4:1e:c7:0c:02:91:8e:5e:cb:4e:
d2:60:a2:72:03:c3:5b:7e:82:cf:dc:5a:65:87:02:74:5f:59:
5f:31:09:14:6a:5c:89:4c:82:c6:f1:3b:76:76:b7:d4:f0:8f:
c8:86:f7:60:64:f9:e5:db:d3:05:cb:d2:06:be:8c:c0:e6:3b:
eb:cc:68:e3:37:cf:72:c4:b6:be:41:6c:40:74:98:19:c6:2c:
e8:d1:03:5e:b2:82:2c:89:9d:d2:a4:5b:34:ce:2c:60:27:f8:
6a:e4:20:dc:fc:2f:02:05:ff:74:78:37:fc:7f:78:c5:5a:80:
21:d5:a9:87:df:9b:40:1a:51:5b:34:54:8f:1c:90:f5:cc:ba:
68:3e:6a:81:c4:1a:0b:54:6b:f5:86:50:1f:3b:14:94:a4:72:
2a:fa:45:c2:e2:87:9b:77:d2:24:cc:14:02:be:c6:82:d2:4d:
06:22:a6:4d:9a:16:a3:03:e5:70:63:7a:41:39:83:b1:4f:76:
7d:77:9e:2e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZv1mdG0s+DagszoDMSQRbHD4lSowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTMxNzU2MTVaFw0yNTExMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDYyNTQxOTNlZGMzYjUzZWI2ZDRlZmNjODE5MDc4YjFmODYyZTFlY2IzNDgw
ZGZhNTUyMDQ0MDE0NDRkZTlmNDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALgAsq0DR01hbRVvuYIuZmTyHtHCOra1dPxSRDlgmy5jTd17e18dgu5m/aAV
WH1gRuW/r97y9DubfNrxxDbNECgk/9FoEZ7n/erjQdsOBD9ncnZzoAT5zbKgpPkm
q57R+TywGVVgXdi02qY4CPq6FynywQ1nfb1esUXt/WMni7JYZUIlFQrVGJvxbqel
k+KZY+k996V2N9qjrTPaOdIns2JxkojwdfTRitU6x+gq7ELqus6p+Zxaio9NB2Jw
2SoTnjaTrfjMh2Cefpb7RngSJ4PQUV7tRwYzVc4lSTF87FFR26r9HT7VVrHi9EZb
rilWZ9gMA1rk2tgIsg1O5Gf4FEsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTB6tcG
q3raRxKhTGs7ytfBoXvoAjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGVlNmE0M2ItYjRlNC00ODlhLTljZDItMjFhNzJmMWNmNmY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAigDAN
BgkqhkiG9w0BAQsFAAOCAQEAUwiVW+wsdH1JlVjzxHV/BE1EFyE+nnGNjXL0mCks
n+cgwg7bFZXLjZRY4ScZTfp2EbURxNoMilocojXXLXXEHscMApGOXstO0mCicgPD
W36Cz9xaZYcCdF9ZXzEJFGpciUyCxvE7dna31PCPyIb3YGT55dvTBcvSBr6MwOY7
68xo4zfPcsS2vkFsQHSYGcYs6NEDXrKCLImd0qRbNM4sYCf4auQg3PwvAgX/dHg3
/H94xVqAIdWph9+bQBpRWzRUjxyQ9cy6aD5qgcQaC1Rr9YZQHzsUlKRyKvpFwuKH
m3fSJMwUAr7GgtJNBiKmTZoWowPlcGN6QTmDsU92fXeeLg==
-----END CERTIFICATE-----
Generated at Tue Oct 21 04:19:06 2025 by rpki-client