Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8d55e9d-2730-4ec2-91d5-af98a5a51340.roa
File: b8d55e9d-2730-4ec2-91d5-af98a5a51340.roa (raw, json)
Hash identifier: 3QMiyr+rNuV9eIv5jlj6A4AjdYGXFEHn8Ef8+NrDAGE=
Subject key identifier: 36:F7:31:A8:A6:1F:56:D7:85:45:DA:A2:44:F5:D5:AD:FC:6C:5A:79
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6AA6FD9E1790FA85EC94E801C7FA5474E8FF8318
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8d55e9d-2730-4ec2-91d5-af98a5a51340.roa
Signing time: Fri 22 Aug 2025 15:00:18 +0000
ROA not before: Fri 22 Aug 2025 15:00:18 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.44.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:a6:fd:9e:17:90:fa:85:ec:94:e8:01:c7:fa:54:74:e8:ff:83:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:00:18 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=75d3f128f055f7745a9dbb883c5827d1aabe900a3b685a088c44e7e6feb64cc4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e9:d5:a8:82:55:98:60:03:3f:58:91:90:a7:
88:f0:39:34:be:42:a4:77:cd:08:7d:ef:b8:dd:59:
17:39:c9:90:9c:3c:29:26:87:1b:f9:7f:7f:44:17:
b4:cc:3f:b7:83:60:03:b1:67:ed:f4:95:9d:de:ae:
5c:62:d5:29:74:2a:0a:2a:25:f3:3f:46:8c:be:e2:
e7:6e:a7:39:3b:f4:c2:4a:87:c3:95:be:89:f7:6f:
61:86:1d:81:9d:7a:12:4c:ed:15:52:4b:73:a8:ab:
d8:25:a7:94:9e:02:dd:83:17:53:5c:d4:17:d1:a5:
43:fa:e5:e1:01:be:0f:86:0f:91:42:8a:66:4b:d5:
b8:62:3f:d2:10:ed:46:48:a5:ec:9c:5f:b8:b4:07:
40:c9:b4:6b:7b:36:38:28:27:f5:71:06:c8:28:5b:
16:da:74:16:fe:5a:24:bf:2b:06:b8:c0:77:0e:89:
6d:2c:05:57:51:d6:12:09:d5:74:05:e7:b2:cc:f2:
32:f2:3d:1f:28:66:74:08:69:79:58:4d:73:f8:43:
08:ee:99:d4:d6:4f:03:a7:d2:6b:76:49:9f:2f:52:
26:c7:74:c1:6e:91:e7:01:a2:a9:cb:19:ad:70:05:
3f:95:db:41:91:df:6b:b6:93:7c:8e:0d:c1:2c:ba:
91:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:F7:31:A8:A6:1F:56:D7:85:45:DA:A2:44:F5:D5:AD:FC:6C:5A:79
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8d55e9d-2730-4ec2-91d5-af98a5a51340.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.44.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:71:87:11:70:eb:13:f4:63:27:72:7e:4c:20:5d:9f:75:06:
90:59:ba:75:e8:44:e3:4e:08:ea:60:ee:59:ff:d8:25:a8:ad:
bf:99:90:3d:e8:91:7e:7d:03:5f:1e:2a:52:3e:c0:33:22:19:
39:5d:71:b2:2a:e6:55:e9:16:b0:9b:91:9e:3f:45:e1:37:4a:
88:59:7f:2b:1c:37:b2:e9:a6:f8:d0:e9:e8:9f:be:70:7f:81:
09:29:31:06:bf:d0:28:e5:06:fe:f4:8e:ca:c3:db:49:c2:b0:
19:06:15:88:71:4e:ec:16:19:d5:8c:85:c9:06:61:96:b7:ac:
00:a1:99:0d:dc:c1:9f:6e:f7:a6:6c:06:36:ea:38:8f:c0:fc:
e2:d2:9c:4a:5f:04:6f:fb:14:98:fd:bb:f0:17:6c:57:3b:3c:
52:00:d9:4f:c5:b4:f9:24:8b:fc:ed:79:13:dc:15:e7:b6:9b:
f2:90:cb:52:a4:9b:71:75:49:2d:c1:cd:89:a6:ee:cd:23:f8:
9d:89:17:60:f4:e0:80:2c:16:c4:6c:c8:55:8a:3a:dc:30:ce:
67:1b:46:7f:94:18:bb:ce:f7:99:de:77:eb:9c:21:63:27:23:
eb:8c:d1:85:70:d4:f9:2c:b0:c3:ae:22:99:be:06:2b:75:a9:
63:e6:04:35
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUaqb9nheQ+oXslOgBx/pUdOj/gxgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTAwMThaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDc1ZDNmMTI4ZjA1NWY3NzQ1YTlkYmI4ODNjNTgyN2QxYWFiZTkwMGEzYjY4
NWEwODhjNDRlN2U2ZmViNjRjYzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALrp1aiCVZhgAz9YkZCniPA5NL5CpHfNCH3vuN1ZFznJkJw8KSaHG/l/f0QX
tMw/t4NgA7Fn7fSVnd6uXGLVKXQqCiol8z9GjL7i526nOTv0wkqHw5W+ifdvYYYd
gZ16EkztFVJLc6ir2CWnlJ4C3YMXU1zUF9GlQ/rl4QG+D4YPkUKKZkvVuGI/0hDt
Rkil7JxfuLQHQMm0a3s2OCgn9XEGyChbFtp0Fv5aJL8rBrjAdw6JbSwFV1HWEgnV
dAXnsszyMvI9HyhmdAhpeVhNc/hDCO6Z1NZPA6fSa3ZJny9SJsd0wW6R5wGiqcsZ
rXAFP5XbQZHfa7aTfI4NwSy6kU8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ29zGo
ph9W14VF2qJE9dWt/GxaeTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjhkNTVlOWQtMjczMC00ZWMyLTkxZDUtYWY5OGE1YTUxMzQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAiLDAN
BgkqhkiG9w0BAQsFAAOCAQEAenGHEXDrE/RjJ3J+TCBdn3UGkFm6dehE404I6mDu
Wf/YJaitv5mQPeiRfn0DXx4qUj7AMyIZOV1xsirmVekWsJuRnj9F4TdKiFl/Kxw3
summ+NDp6J++cH+BCSkxBr/QKOUG/vSOysPbScKwGQYViHFO7BYZ1YyFyQZhlres
AKGZDdzBn273pmwGNuo4j8D84tKcSl8Eb/sUmP278BdsVzs8UgDZT8W0+SSL/O15
E9wV57ab8pDLUqSbcXVJLcHNiabuzSP4nYkXYPTggCwWxGzIVYo63DDOZxtGf5QY
u873md5365whYycj64zRhXDU+Syww64imb4GK3WpY+YENQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:54:08 2025 by rpki-client