Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1172536b-2edc-4ffb-9fca-b111f3d038a9.roa
File: 1172536b-2edc-4ffb-9fca-b111f3d038a9.roa (raw, json)
Hash identifier: LKQzn8G6Ap1pwdJJnXeq7QuewrcOkC6xF6cU/oXOl8k=
Subject key identifier: 49:0B:2A:0E:2C:F2:65:C1:7B:9D:14:DE:9A:21:5D:3B:87:07:A8:5A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 30D5E64AC94052455D39537FF5E14B478BE898C4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1172536b-2edc-4ffb-9fca-b111f3d038a9.roa
Signing time: Mon 01 Sep 2025 19:30:10 +0000
ROA not before: Mon 01 Sep 2025 19:30:10 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.112.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:d5:e6:4a:c9:40:52:45:5d:39:53:7f:f5:e1:4b:47:8b:e8:98:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 19:30:10 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=58f3661937683998bfa0a15b88e95f99e97c3f06ebfe29ceb5606245cf6acc2c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:00:70:6d:8d:9b:c8:40:43:f9:b7:01:15:98:
63:39:0d:ce:43:b4:6e:7b:67:85:5f:37:2f:65:b8:
16:b5:ca:5e:af:ec:6b:a2:a6:0e:34:6a:d4:b4:24:
7a:75:d0:fc:39:5b:c8:79:9e:cc:b4:ff:61:2b:f6:
9c:31:53:48:f2:3c:c1:d0:c7:66:d3:d7:82:0c:0b:
5c:b8:32:32:69:3f:8c:99:b5:8d:1a:1e:33:ed:ec:
01:b5:00:cd:cf:fd:26:fb:52:12:9f:3e:13:c3:51:
d7:8c:46:1d:58:68:da:e8:1e:ba:55:2d:a9:05:ee:
50:62:05:ff:48:f9:09:e2:8f:a6:db:d7:ca:37:16:
32:6e:94:41:89:5f:43:13:51:69:7e:49:e6:53:d9:
44:2d:81:74:78:a9:21:42:f1:aa:50:9a:45:36:d0:
42:13:28:52:66:aa:4e:21:8d:b1:08:8a:66:f9:8b:
0e:7c:a6:14:97:72:0a:2e:6b:43:2f:ca:e7:9b:b7:
68:ae:8e:32:90:17:fd:9b:a6:ec:c5:e4:1f:06:94:
56:09:40:8c:72:f6:5e:81:e9:db:40:6f:df:db:6d:
dd:fe:ad:b2:07:64:eb:4a:a1:83:c4:0b:f9:7b:3e:
ea:89:a7:8f:96:b3:b0:f2:ac:21:bc:5d:5d:36:0b:
90:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:0B:2A:0E:2C:F2:65:C1:7B:9D:14:DE:9A:21:5D:3B:87:07:A8:5A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1172536b-2edc-4ffb-9fca-b111f3d038a9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.112.0/21
Signature Algorithm: sha256WithRSAEncryption
3f:99:8c:25:e4:76:65:89:18:32:0b:0a:6f:bf:0e:d9:b6:cd:
04:d4:d5:42:45:c0:89:ba:11:9a:40:ac:d3:eb:9b:45:8d:d3:
92:42:37:6d:06:04:44:fc:4c:68:d8:df:06:f1:27:c0:17:27:
2e:3c:72:1a:2f:91:4e:f7:75:8d:87:88:9e:63:6c:98:34:0d:
80:f5:95:78:7a:6e:83:cb:00:9f:f8:20:55:06:3f:33:d7:5f:
92:9f:53:8a:ba:06:c9:c6:d9:70:1a:55:b7:6e:e9:4b:b9:c0:
91:7a:b9:8e:f2:bb:89:d7:e4:10:30:72:4b:9a:49:e4:64:fb:
77:62:7d:03:42:ae:26:c8:ef:e4:f7:ba:ac:82:cc:58:47:7d:
ef:37:aa:9a:37:8b:a8:07:a7:86:60:40:21:2c:65:36:85:29:
50:5a:ba:45:16:c7:40:83:72:a8:4a:6d:94:14:2a:a6:ab:2b:
62:18:cf:63:7c:e2:a0:af:c1:3a:22:2c:76:7b:d2:2d:4b:6e:
9d:4d:e8:56:08:f5:e4:e3:2a:51:8a:29:d2:f1:36:c8:c2:38:
8a:0b:5a:b5:02:ad:5c:a7:c4:d5:f2:89:17:81:84:ba:a1:1e:
a2:2f:26:e3:d5:4b:99:c6:c9:a5:40:cf:23:96:2c:9f:72:fd:
3f:6e:1a:b7
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUMNXmSslAUkVdOVN/9eFLR4vomMQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDExOTMwMTBaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDU4ZjM2NjE5Mzc2ODM5OThiZmEwYTE1Yjg4ZTk1Zjk5ZTk3YzNmMDZlYmZl
MjljZWI1NjA2MjQ1Y2Y2YWNjMmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOMAcG2Nm8hAQ/m3ARWYYzkNzkO0bntnhV83L2W4FrXKXq/sa6KmDjRq1LQk
enXQ/DlbyHmezLT/YSv2nDFTSPI8wdDHZtPXggwLXLgyMmk/jJm1jRoeM+3sAbUA
zc/9JvtSEp8+E8NR14xGHVho2ugeulUtqQXuUGIF/0j5CeKPptvXyjcWMm6UQYlf
QxNRaX5J5lPZRC2BdHipIULxqlCaRTbQQhMoUmaqTiGNsQiKZvmLDnymFJdyCi5r
Qy/K55u3aK6OMpAX/Zum7MXkHwaUVglAjHL2XoHp20Bv39tt3f6tsgdk60qhg8QL
+Xs+6omnj5azsPKsIbxdXTYLkK0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRJCyoO
LPJlwXudFN6aIV07hweoWjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTE3MjUzNmItMmVkYy00ZmZiLTlmY2EtYjExMWYzZDAzOGE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AgcDAN
BgkqhkiG9w0BAQsFAAOCAQEAP5mMJeR2ZYkYMgsKb78O2bbNBNTVQkXAiboRmkCs
0+ubRY3TkkI3bQYERPxMaNjfBvEnwBcnLjxyGi+RTvd1jYeInmNsmDQNgPWVeHpu
g8sAn/ggVQY/M9dfkp9TiroGycbZcBpVt27pS7nAkXq5jvK7idfkEDByS5pJ5GT7
d2J9A0KuJsjv5Pe6rILMWEd97zeqmjeLqAenhmBAISxlNoUpUFq6RRbHQINyqEpt
lBQqpqsrYhjPY3zioK/BOiIsdnvSLUtunU3oVgj15OMqUYop0vE2yMI4igtatQKt
XKfE1fKJF4GEuqEeoi8m49VLmcbJpUDPI5Ysn3L9P24atw==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:08:18 2025 by rpki-client