Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8a7076-0c78-4aa6-9c1e-dfeb947189f4.roa
File: 1a8a7076-0c78-4aa6-9c1e-dfeb947189f4.roa (raw, json)
Hash identifier: Vy76KXcHdQsS4500gY12lyIY3gIodGQHZpGrD9GHeVM=
Subject key identifier: E9:83:A7:19:D4:0B:B2:CC:B1:FF:FF:CD:2F:87:AA:64:49:59:EF:8D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3E66A140B9D8E5DF5720A53113735A39D351BD1E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8a7076-0c78-4aa6-9c1e-dfeb947189f4.roa
Signing time: Mon 28 Jul 2025 16:00:08 +0000
ROA not before: Mon 28 Jul 2025 16:00:08 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.124.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:66:a1:40:b9:d8:e5:df:57:20:a5:31:13:73:5a:39:d3:51:bd:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 28 16:00:08 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=366c51001d60d0d297ad41053a536c02b8ca441096f6ff55973f07f6b98ef705, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:51:04:af:af:38:81:bd:ad:9e:07:be:68:09:
1f:9d:5b:16:1f:45:96:30:8f:e3:9c:3f:06:a2:a2:
de:81:26:4c:53:77:97:12:20:8a:b2:dc:d5:8e:78:
4e:b3:5a:ac:7f:00:64:03:59:75:ba:38:36:d7:c4:
18:2e:66:cd:83:9b:e2:62:69:62:bc:03:d1:9d:ce:
75:2b:77:60:dd:68:b0:6a:bb:c3:78:2f:ce:dd:f0:
bd:58:9f:9b:ac:67:eb:84:25:7f:e0:c2:8a:73:7a:
aa:1f:f9:41:f8:a0:ba:e5:5b:3b:e6:4a:32:83:47:
33:60:18:15:0d:2e:c1:de:51:0a:a9:68:9c:d4:0e:
66:21:e5:a9:6f:be:78:9d:cd:3f:38:10:25:f1:43:
a4:60:f6:6a:e5:ca:ab:d7:67:6d:40:78:a8:01:c4:
58:96:f7:51:08:32:13:c7:e9:ee:10:c6:07:5e:a2:
25:de:e7:3c:ee:5b:6e:34:ad:ca:bd:22:e4:f8:af:
5c:8c:eb:c5:3c:ce:12:b5:e7:6a:7e:ec:ad:71:49:
fe:aa:74:20:b4:ca:82:0f:d3:7d:50:17:36:ea:c4:
47:34:af:09:02:ba:ec:9a:76:e1:92:9f:92:5b:39:
70:ae:22:89:20:e4:82:4e:db:cb:22:6c:27:ba:f8:
69:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:83:A7:19:D4:0B:B2:CC:B1:FF:FF:CD:2F:87:AA:64:49:59:EF:8D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8a7076-0c78-4aa6-9c1e-dfeb947189f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.124.0/23
Signature Algorithm: sha256WithRSAEncryption
45:54:21:14:1f:63:f7:8b:20:f6:ce:b0:b7:27:45:7e:6a:50:
a9:20:de:3f:b2:ef:ae:af:1b:6e:ec:05:19:30:cc:f2:6d:6d:
96:cb:09:f9:ae:d8:2d:25:85:7a:6d:a7:92:3d:59:7e:fb:c9:
d3:4f:66:05:36:ee:3e:9a:6d:83:f9:80:f5:35:43:ad:13:ab:
5f:60:46:e0:51:48:0a:d2:ce:21:49:d5:8d:57:f4:5f:3e:08:
51:0e:b1:6f:7a:ba:c2:16:aa:bc:29:88:b9:5c:8a:06:8e:e3:
c6:87:ad:c3:41:10:7f:00:88:ec:d6:c5:5d:10:22:9d:40:ef:
c5:34:c3:b9:6f:42:dc:df:0e:f1:37:20:fd:20:0b:b5:3e:49:
48:21:d1:35:a7:43:12:bb:cf:02:13:c3:05:6e:e1:a0:ee:20:
6e:ad:cc:2a:91:cd:b7:87:08:01:34:7b:4a:6b:0d:47:3e:66:
e3:c9:93:a9:4a:0f:7e:18:0d:cf:ca:b9:4f:9a:e6:6d:0c:cc:
19:f9:61:69:a2:e8:9d:73:01:c7:bc:fe:44:cb:2c:d0:a1:ea:
2d:15:33:34:e8:14:8a:89:a4:d4:de:da:5e:3d:03:47:17:bd:
1a:18:b4:1b:bd:cf:84:5a:3b:2e:38:d5:96:4e:cc:e7:ca:62:
52:23:01:a6
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUPmahQLnY5d9XIKUxE3NaOdNRvR4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjgxNjAwMDhaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDM2NmM1MTAwMWQ2MGQwZDI5N2FkNDEwNTNhNTM2YzAyYjhjYTQ0MTA5NmY2
ZmY1NTk3M2YwN2Y2Yjk4ZWY3MDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALBRBK+vOIG9rZ4HvmgJH51bFh9FljCP45w/BqKi3oEmTFN3lxIgirLc1Y54
TrNarH8AZANZdbo4NtfEGC5mzYOb4mJpYrwD0Z3OdSt3YN1osGq7w3gvzt3wvVif
m6xn64Qlf+DCinN6qh/5QfiguuVbO+ZKMoNHM2AYFQ0uwd5RCqlonNQOZiHlqW++
eJ3NPzgQJfFDpGD2auXKq9dnbUB4qAHEWJb3UQgyE8fp7hDGB16iJd7nPO5bbjSt
yr0i5PivXIzrxTzOErXnan7srXFJ/qp0ILTKgg/TfVAXNurERzSvCQK67Jp24ZKf
kls5cK4iiSDkgk7byyJsJ7r4aWkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTpg6cZ
1AuyzLH//80vh6pkSVnvjTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWE4YTcwNzYtMGM3OC00YWE2LTljMWUtZGZlYjk0NzE4OWY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbAgfDAN
BgkqhkiG9w0BAQsFAAOCAQEARVQhFB9j94sg9s6wtydFfmpQqSDeP7Lvrq8bbuwF
GTDM8m1tlssJ+a7YLSWFem2nkj1ZfvvJ009mBTbuPpptg/mA9TVDrROrX2BG4FFI
CtLOIUnVjVf0Xz4IUQ6xb3q6whaqvCmIuVyKBo7jxoetw0EQfwCI7NbFXRAinUDv
xTTDuW9C3N8O8Tcg/SALtT5JSCHRNadDErvPAhPDBW7hoO4gbq3MKpHNt4cIATR7
SmsNRz5m48mTqUoPfhgNz8q5T5rmbQzMGflhaaLonXMBx7z+RMss0KHqLRUzNOgU
iomk1N7aXj0DRxe9Ghi0G73PhFo7LjjVlk7M58piUiMBpg==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:56:07 2025 by rpki-client