Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/53380a08-b071-4729-9c41-f9a83d36f4c0.roa
File: 53380a08-b071-4729-9c41-f9a83d36f4c0.roa (raw, json)
Hash identifier: /1A+5N1nJTsxrmTj6vavSdlFvJlMhDtabwp0mndeDBI=
Subject key identifier: BA:07:19:87:A6:58:D7:A0:4E:93:FC:92:F5:D9:29:33:93:C0:0A:02
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 07876E33FDE65F92166BA8843E60287AA4B081D7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/53380a08-b071-4729-9c41-f9a83d36f4c0.roa
Signing time: Tue 01 Jul 2025 15:00:08 +0000
ROA not before: Tue 01 Jul 2025 15:00:08 +0000
ROA not after: Tue 05 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.80.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:87:6e:33:fd:e6:5f:92:16:6b:a8:84:3e:60:28:7a:a4:b0:81:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 1 15:00:08 2025 GMT
Not After : Aug 5 23:59:59 2025 GMT
Subject: serialNumber=3c77b43c7e79c8d4e4b7f54d17c9ec9d48db190f1f7aab785872b592f6144686, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:71:e7:6b:73:a0:52:eb:56:8b:1d:a1:f6:8f:
10:50:3d:94:7d:54:3f:81:10:ed:7e:77:58:ce:bc:
ab:27:2d:fc:8e:97:16:25:f8:83:33:34:22:e6:cc:
c2:01:4a:66:b3:31:0f:da:f4:c1:f3:d6:a2:5f:5b:
22:aa:e5:ee:0b:05:7e:0e:cd:65:fc:87:63:e1:4b:
4b:09:72:ab:db:25:30:43:d7:2e:0d:4a:32:78:df:
a0:4e:5b:c2:87:12:5f:7d:5a:25:01:18:18:4d:f8:
74:fc:8b:bf:d0:93:f3:ba:02:3b:80:48:ee:25:32:
97:c9:d3:b5:05:a9:c2:91:7b:70:b4:68:88:ed:89:
12:29:1b:59:26:55:d1:bf:f5:f9:5e:a4:38:1c:55:
7a:7e:52:40:5d:15:c6:a1:53:c9:2c:d2:a2:79:1d:
0d:9e:45:fa:40:80:f9:58:0e:cb:1f:0b:a3:6f:08:
f2:28:d6:64:da:a7:c1:3c:6f:eb:7c:61:f1:31:77:
d5:c2:eb:db:16:6c:88:ff:cc:24:84:cd:26:ec:35:
b9:43:f6:33:9c:0f:05:d9:f5:68:0c:ba:25:65:0a:
93:2b:b9:a0:01:6c:4e:05:df:da:55:47:ad:33:41:
df:92:41:fe:7c:31:ae:2b:ee:8a:a4:4b:08:54:de:
f2:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:07:19:87:A6:58:D7:A0:4E:93:FC:92:F5:D9:29:33:93:C0:0A:02
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/53380a08-b071-4729-9c41-f9a83d36f4c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.80.0/22
Signature Algorithm: sha256WithRSAEncryption
20:d2:15:21:3d:f9:f9:1a:d9:c3:ab:28:e6:d2:5c:c6:a4:ba:
d6:16:4f:ce:51:00:ee:e7:42:8f:a8:a8:fe:52:cf:c1:35:9d:
7a:c5:29:5e:6c:ba:c5:42:2e:e4:7d:ed:37:50:bc:d8:b3:0d:
12:27:54:9b:4e:a5:8e:30:7d:a2:37:e1:53:9f:9b:c9:68:eb:
39:f0:40:07:3b:39:8a:1b:b5:70:88:a4:af:a4:11:b1:96:c9:
33:7a:27:71:6d:f7:87:0f:e9:c1:32:f0:bb:cf:c6:fc:3f:fc:
10:49:3d:f4:61:a9:7d:94:fd:da:6a:de:f0:4d:33:de:e8:16:
3b:08:20:6a:38:e0:57:ae:2b:c0:87:3c:d2:78:44:11:78:55:
3b:a9:4b:ce:ea:5f:4e:af:91:6f:73:b5:c7:e9:99:58:f6:eb:
74:96:cd:ef:3a:a1:92:93:c3:98:23:c6:c6:d3:4c:2d:dd:46:
32:f9:4c:46:cb:03:64:94:ea:1c:bf:18:81:54:05:52:fa:01:
fd:67:b1:37:f1:3b:8b:da:93:2c:fc:f9:30:82:ee:29:8e:61:
67:e6:3b:11:f6:48:c4:97:18:66:fb:09:d5:3c:45:01:4c:1c:
c6:eb:3d:be:ee:4d:9f:3e:f2:df:4e:4a:4a:f4:55:bc:64:26:
dc:57:ba:ee
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUB4duM/3mX5IWa6iEPmAoeqSwgdcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDExNTAwMDhaFw0yNTA4MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDNjNzdiNDNjN2U3OWM4ZDRlNGI3ZjU0ZDE3YzllYzlkNDhkYjE5MGYxZjdh
YWI3ODU4NzJiNTkyZjYxNDQ2ODYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALtx52tzoFLrVosdofaPEFA9lH1UP4EQ7X53WM68qyct/I6XFiX4gzM0IubM
wgFKZrMxD9r0wfPWol9bIqrl7gsFfg7NZfyHY+FLSwlyq9slMEPXLg1KMnjfoE5b
wocSX31aJQEYGE34dPyLv9CT87oCO4BI7iUyl8nTtQWpwpF7cLRoiO2JEikbWSZV
0b/1+V6kOBxVen5SQF0VxqFTySzSonkdDZ5F+kCA+VgOyx8Lo28I8ijWZNqnwTxv
63xh8TF31cLr2xZsiP/MJITNJuw1uUP2M5wPBdn1aAy6JWUKkyu5oAFsTgXf2lVH
rTNB35JB/nwxrivuiqRLCFTe8osCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS6BxmH
pljXoE6T/JL12Skzk8AKAjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTMzODBhMDgtYjA3MS00NzI5LTljNDEtZjlhODNkMzZmNGMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArAgUDAN
BgkqhkiG9w0BAQsFAAOCAQEAINIVIT35+RrZw6so5tJcxqS61hZPzlEA7udCj6io
/lLPwTWdesUpXmy6xUIu5H3tN1C82LMNEidUm06ljjB9ojfhU5+byWjrOfBABzs5
ihu1cIikr6QRsZbJM3oncW33hw/pwTLwu8/G/D/8EEk99GGpfZT92mre8E0z3ugW
OwggajjgV64rwIc80nhEEXhVO6lLzupfTq+Rb3O1x+mZWPbrdJbN7zqhkpPDmCPG
xtNMLd1GMvlMRssDZJTqHL8YgVQFUvoB/WexN/E7i9qTLPz5MILuKY5hZ+Y7EfZI
xJcYZvsJ1TxFAUwcxus9vu5Nnz7y305KSvRVvGQm3Fe67g==
-----END CERTIFICATE-----
Generated at Wed Jul 23 03:44:46 2025 by rpki-client