Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a260fe3c-a901-4f5a-b50a-79b9a1e1f8d9.roa
File: a260fe3c-a901-4f5a-b50a-79b9a1e1f8d9.roa (raw, json)
Hash identifier: hxJNw432NYpdhUCTl0dI4KuPHHJ2MWLRpiBxO0AEYD8=
Subject key identifier: EA:0A:1F:56:C2:B6:03:27:F7:5A:5F:4B:3D:46:6A:7E:05:58:34:71
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 57345D8F4884D24CE49762555C3BF8DD1F6FD232
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a260fe3c-a901-4f5a-b50a-79b9a1e1f8d9.roa
Signing time: Fri 22 Aug 2025 15:00:28 +0000
ROA not before: Fri 22 Aug 2025 15:00:28 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.0.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:34:5d:8f:48:84:d2:4c:e4:97:62:55:5c:3b:f8:dd:1f:6f:d2:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:00:28 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=479e651765a173915cc4ab74b900789df8e911e2181c99fd8c5362a8f0f38d27, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:73:68:31:d5:4a:21:7d:19:1d:b5:0e:f4:7e:
38:b3:94:90:86:10:23:7e:ee:f5:25:0f:9a:2f:d7:
73:09:84:18:6d:6e:39:35:03:55:a8:3d:07:c2:f2:
9e:89:ac:77:27:d6:c5:2d:ee:24:05:08:3d:fd:b4:
99:cd:7d:5f:d1:02:76:5d:85:e3:f2:e8:e7:0e:92:
ef:a7:97:48:64:83:de:9f:5b:e0:0a:1c:3e:08:95:
09:4f:04:d4:15:34:e2:aa:e2:7b:f1:31:ed:08:01:
96:3a:df:1c:89:f6:0b:10:54:03:43:9b:c8:18:08:
8f:ad:75:71:21:24:3d:0c:31:bd:ab:a6:5f:86:96:
11:c0:44:3c:7e:4d:cb:8b:be:b5:0b:3d:36:33:35:
e7:f4:9e:49:b7:01:61:f0:7e:23:a8:e0:c9:9f:02:
68:da:40:4d:c7:2f:51:61:22:62:bb:99:46:87:8c:
01:b4:92:45:1a:ff:e4:6f:de:24:60:f3:a7:66:b3:
8a:b1:cb:fe:d8:2f:83:99:19:65:eb:fa:ca:4d:95:
42:54:f9:99:74:1e:5c:f1:68:f4:4a:68:cc:8d:24:
78:e5:97:27:5a:44:7d:ed:3a:d5:c6:08:60:7c:54:
a6:44:17:ea:74:5f:80:24:16:cc:31:39:10:d3:71:
60:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:0A:1F:56:C2:B6:03:27:F7:5A:5F:4B:3D:46:6A:7E:05:58:34:71
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a260fe3c-a901-4f5a-b50a-79b9a1e1f8d9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.0.0/20
Signature Algorithm: sha256WithRSAEncryption
4b:61:73:90:b0:e0:a7:9f:79:84:f3:8a:ac:33:64:20:ca:32:
b7:8d:16:53:21:7f:d1:4c:51:a6:9e:ae:3a:c6:29:7f:b0:8c:
df:40:84:49:f4:e3:fd:28:95:eb:9a:a2:1c:a6:d7:8a:09:f6:
b3:eb:f7:e3:35:96:57:79:2c:fd:02:89:83:64:77:ab:77:89:
38:0d:f0:95:5c:0a:1c:24:5b:1f:72:17:e4:27:40:76:18:0c:
5f:52:ba:c2:f2:f9:08:42:e9:c4:41:08:1d:fa:80:1f:34:be:
70:82:ae:4a:14:c2:4a:b8:e1:53:d7:e5:68:1f:23:bc:8d:03:
e2:90:20:56:cf:33:d5:ff:3a:fe:2e:22:7f:5c:fd:ca:45:7f:
47:b5:b0:24:f2:c0:92:ff:80:6e:d7:01:b4:91:1d:ab:3d:ec:
f2:6c:9f:b2:5f:02:ea:d4:ce:f8:39:e1:5b:29:a2:d7:e8:66:
19:34:7b:7d:0c:47:5f:7f:98:44:82:5a:7b:82:6d:de:79:84:
42:ed:16:46:30:29:68:89:e1:5a:5d:8e:99:52:57:04:c9:e7:
09:f1:5b:6c:c6:22:a9:5d:46:79:31:a5:52:41:4f:27:31:db:
7a:aa:31:95:91:0d:86:fe:7a:cf:18:dd:55:75:15:9f:5c:25:
eb:c6:49:6a
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUVzRdj0iE0kzkl2JVXDv43R9v0jIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTAwMjhaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ3OWU2NTE3NjVhMTczOTE1Y2M0YWI3NGI5MDA3ODlkZjhlOTExZTIxODFj
OTlmZDhjNTM2MmE4ZjBmMzhkMjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMRzaDHVSiF9GR21DvR+OLOUkIYQI37u9SUPmi/XcwmEGG1uOTUDVag9B8Ly
nomsdyfWxS3uJAUIPf20mc19X9ECdl2F4/Lo5w6S76eXSGSD3p9b4AocPgiVCU8E
1BU04qrie/Ex7QgBljrfHIn2CxBUA0ObyBgIj611cSEkPQwxvaumX4aWEcBEPH5N
y4u+tQs9NjM15/SeSbcBYfB+I6jgyZ8CaNpATccvUWEiYruZRoeMAbSSRRr/5G/e
JGDzp2azirHL/tgvg5kZZev6yk2VQlT5mXQeXPFo9EpozI0keOWXJ1pEfe061cYI
YHxUpkQX6nRfgCQWzDE5ENNxYOMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTqCh9W
wrYDJ/daX0s9Rmp+BVg0cTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTI2MGZlM2MtYTkwMS00ZjVhLWI1MGEtNzliOWExZTFmOGQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLAiADAN
BgkqhkiG9w0BAQsFAAOCAQEAS2FzkLDgp595hPOKrDNkIMoyt40WUyF/0UxRpp6u
OsYpf7CM30CESfTj/SiV65qiHKbXign2s+v34zWWV3ks/QKJg2R3q3eJOA3wlVwK
HCRbH3IX5CdAdhgMX1K6wvL5CELpxEEIHfqAHzS+cIKuShTCSrjhU9flaB8jvI0D
4pAgVs8z1f86/i4if1z9ykV/R7WwJPLAkv+AbtcBtJEdqz3s8myfsl8C6tTO+Dnh
Wymi1+hmGTR7fQxHX3+YRIJae4Jt3nmEQu0WRjApaInhWl2OmVJXBMnnCfFbbMYi
qV1GeTGlUkFPJzHbeqoxlZENhv56zxjdVXUVn1wl68ZJag==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:37 2025 by rpki-client