Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca3047ed-6074-479d-9d85-26334085e41c.roa
File: ca3047ed-6074-479d-9d85-26334085e41c.roa (raw, json)
Hash identifier: GV7LT1Ka0X1xP9thzIwMt+c+Bl3FQ9yYhsUoYSNTGgs=
Subject key identifier: 4D:30:E9:8F:E5:B3:07:6C:B7:54:8A:23:05:FA:E9:47:94:66:55:6F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4B390E94E1C53D61A2FBAA853A951A5B046D7952
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca3047ed-6074-479d-9d85-26334085e41c.roa
Signing time: Mon 28 Jul 2025 16:10:37 +0000
ROA not before: Mon 28 Jul 2025 16:10:37 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.64.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:39:0e:94:e1:c5:3d:61:a2:fb:aa:85:3a:95:1a:5b:04:6d:79:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 28 16:10:37 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=2caf58222da89f3e0343133a8c18a4657f15e2be2a9c587bed95da7abbc4830f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:40:09:0f:e0:68:d2:ee:8f:c2:50:20:e9:6e:
e7:c5:92:80:54:23:03:0d:32:26:a9:c8:8c:11:1e:
8a:0a:8b:25:ce:aa:ad:d1:42:6b:01:cf:f5:dd:dd:
09:7e:d2:ed:87:3c:2e:13:e9:6e:c0:d7:c2:6f:61:
ad:dd:aa:30:ac:b1:01:63:1a:55:60:69:16:f6:e8:
ca:49:18:39:79:00:22:96:bc:80:16:72:8d:26:c3:
05:89:44:27:e7:f0:56:b5:5b:db:5b:89:0c:9d:74:
79:f0:13:07:56:f0:ce:bb:e7:5c:9d:a3:58:27:69:
67:30:1d:df:97:e0:5e:a5:bf:5b:c8:4f:a0:ee:61:
1e:e9:f2:24:a4:bb:8b:11:c8:d4:e5:f0:61:b0:95:
67:7a:70:aa:f5:96:0f:01:1e:bc:6c:5f:d9:42:79:
e7:0f:a5:1a:8c:3c:29:34:ce:70:b8:4a:52:8b:6b:
37:68:fb:f7:7d:4b:0d:3d:ac:83:2e:f0:51:15:5e:
12:c5:cc:ab:65:cb:20:af:52:4e:96:7d:f4:d8:94:
89:33:6c:27:18:70:ab:8b:96:fc:3d:ba:3b:41:e0:
7b:b7:6a:40:d0:f6:fa:36:76:61:f5:5b:f4:1e:ec:
f8:1a:da:07:a7:3e:9f:ba:09:b9:7d:29:ce:3b:d8:
5e:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:30:E9:8F:E5:B3:07:6C:B7:54:8A:23:05:FA:E9:47:94:66:55:6F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca3047ed-6074-479d-9d85-26334085e41c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.64.0/18
Signature Algorithm: sha256WithRSAEncryption
5b:d2:4e:cb:3e:6e:6d:06:39:61:1b:fe:c9:4c:15:f3:3a:7f:
e3:4f:47:d4:7d:8c:87:11:c6:41:30:44:45:d1:e2:8f:d8:4f:
b3:e9:32:05:1c:24:9c:bc:83:fd:82:2a:74:f7:62:b3:13:80:
dc:55:44:64:29:3b:77:83:df:b0:f2:70:e8:e6:67:fd:3b:c4:
10:aa:b2:ca:a6:fb:e7:1e:8a:9c:55:b7:e3:8c:85:38:bd:02:
95:a9:62:65:07:20:c5:90:04:4b:db:62:04:6e:e0:6f:14:4f:
b5:e2:48:87:7f:68:ce:71:8a:e7:3e:1f:56:ec:25:18:06:2a:
83:1d:52:1a:69:ba:33:17:45:ae:a8:f5:5a:19:8f:26:35:c3:
46:fa:4f:d4:64:36:69:18:bf:ee:dc:e3:af:1d:03:0c:d8:7b:
ae:51:9a:f8:f0:5f:19:58:b8:64:af:52:e3:b1:82:c8:97:d2:
85:2c:21:2d:71:60:5d:00:c9:f5:b0:80:96:4c:74:8c:61:69:
db:d4:7a:4d:a9:67:14:6f:57:ab:a4:5d:70:74:39:dd:b8:58:
65:67:d5:8a:05:4e:c2:99:28:56:ab:05:f2:47:90:2a:db:d2:
72:8d:19:19:20:14:a2:b6:da:79:9b:b6:a5:aa:b8:f0:e6:ef:
b2:38:a4:5c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUSzkOlOHFPWGi+6qFOpUaWwRteVIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjgxNjEwMzdaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDJjYWY1ODIyMmRhODlmM2UwMzQzMTMzYThjMThhNDY1N2YxNWUyYmUyYTlj
NTg3YmVkOTVkYTdhYmJjNDgzMGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKdACQ/gaNLuj8JQIOlu58WSgFQjAw0yJqnIjBEeigqLJc6qrdFCawHP9d3d
CX7S7Yc8LhPpbsDXwm9hrd2qMKyxAWMaVWBpFvboykkYOXkAIpa8gBZyjSbDBYlE
J+fwVrVb21uJDJ10efATB1bwzrvnXJ2jWCdpZzAd35fgXqW/W8hPoO5hHunyJKS7
ixHI1OXwYbCVZ3pwqvWWDwEevGxf2UJ55w+lGow8KTTOcLhKUotrN2j7931LDT2s
gy7wURVeEsXMq2XLIK9STpZ99NiUiTNsJxhwq4uW/D26O0Hge7dqQND2+jZ2YfVb
9B7s+BraB6c+n7oJuX0pzjvYXt8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRNMOmP
5bMHbLdUiiMF+ulHlGZVbzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2EzMDQ3ZWQtNjA3NC00NzlkLTlkODUtMjYzMzQwODVlNDFjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBrAiQDAN
BgkqhkiG9w0BAQsFAAOCAQEAW9JOyz5ubQY5YRv+yUwV8zp/409H1H2MhxHGQTBE
RdHij9hPs+kyBRwknLyD/YIqdPdisxOA3FVEZCk7d4PfsPJw6OZn/TvEEKqyyqb7
5x6KnFW344yFOL0ClaliZQcgxZAES9tiBG7gbxRPteJIh39oznGK5z4fVuwlGAYq
gx1SGmm6MxdFrqj1WhmPJjXDRvpP1GQ2aRi/7tzjrx0DDNh7rlGa+PBfGVi4ZK9S
47GCyJfShSwhLXFgXQDJ9bCAlkx0jGFp29R6TalnFG9Xq6RdcHQ53bhYZWfVigVO
wpkoVqsF8keQKtvSco0ZGSAUorbaeZu2paq48ObvsjikXA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:58:09 2025 by rpki-client