Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/01bbf67c-f7ae-457c-80b3-728a951b236a.roa
File: 01bbf67c-f7ae-457c-80b3-728a951b236a.roa (raw, json)
Hash identifier: VIwquafyNicvU1bgz7MoCp6jYfbKeb+32hMLJ+J90gg=
Subject key identifier: 77:29:60:CE:A3:8E:A7:29:01:07:93:40:E6:CD:F6:CC:38:22:9C:A7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3D8844D35817DE724733F09AFBF5BEB91CFF9F19
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/01bbf67c-f7ae-457c-80b3-728a951b236a.roa
Signing time: Tue 03 Jun 2025 16:30:56 +0000
ROA not before: Tue 03 Jun 2025 16:30:56 +0000
ROA not after: Tue 08 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.128.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:88:44:d3:58:17:de:72:47:33:f0:9a:fb:f5:be:b9:1c:ff:9f:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 3 16:30:56 2025 GMT
Not After : Jul 8 23:59:59 2025 GMT
Subject: serialNumber=63f758bf1102b3666901f536f52114db7bf3acfb68863d38468c47b8ef39141e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:bc:0a:8e:4d:e9:bd:20:24:f3:ae:f4:b0:40:
01:0d:87:dd:93:b7:d9:fd:47:af:87:e9:fb:bd:88:
00:e3:cb:31:a7:50:81:ee:91:f1:27:56:51:32:52:
1b:02:98:be:4d:e6:d1:1a:83:c5:0c:88:c7:57:11:
3d:b1:41:0b:af:6b:6b:be:f5:59:2d:1c:1f:08:23:
4f:fb:8d:9f:3f:d2:18:54:2d:62:48:45:dd:0b:e4:
e7:b7:91:71:94:20:24:70:f4:04:8a:07:ba:0f:d7:
a3:6a:d2:e7:82:39:bf:a9:87:d3:ff:70:21:3b:d2:
c2:69:3c:6c:20:44:74:b2:e9:15:ae:dd:c5:bc:f9:
e9:25:cc:c7:2f:7e:9d:ef:86:9d:48:25:e9:3d:66:
0f:03:53:b5:28:bb:23:bd:71:df:22:ff:31:6d:4a:
8a:27:70:66:f6:fc:17:9c:2d:da:1d:3d:35:7e:f8:
34:3c:a0:3e:74:14:c4:ce:8e:f8:93:10:6f:1e:0a:
ee:1b:a3:5d:47:48:c5:17:4a:1b:ef:62:22:17:3a:
a9:ea:03:a2:33:60:78:83:8e:c8:8b:96:8e:18:3a:
3d:d0:d9:4f:07:31:9b:13:b2:fb:67:a4:94:cf:a4:
42:49:3b:ce:63:aa:b8:9f:76:f2:94:7d:fb:86:be:
61:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:29:60:CE:A3:8E:A7:29:01:07:93:40:E6:CD:F6:CC:38:22:9C:A7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/01bbf67c-f7ae-457c-80b3-728a951b236a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.128.0/18
Signature Algorithm: sha256WithRSAEncryption
12:42:a8:66:d1:cb:82:93:68:75:14:52:e5:9f:bc:30:20:e0:
66:bb:67:01:ca:17:df:df:b3:69:58:bd:c4:1e:20:0d:f3:c4:
85:97:75:65:4b:e9:c5:4b:b7:35:da:25:d6:99:c2:b3:81:8c:
d9:b9:b9:83:f8:ca:cc:42:cf:c9:0e:54:5c:19:8a:2d:a9:92:
52:a5:83:fc:5e:ea:48:66:2d:05:96:62:04:73:45:7d:f7:20:
54:19:b3:f3:9b:3d:6f:ed:7c:f5:c0:79:36:64:5a:e7:d3:09:
04:03:ec:7f:bc:30:52:6c:a4:bc:3a:9b:1d:99:2d:2a:cd:19:
d5:1c:37:bd:2b:96:96:e9:65:b3:f3:f2:40:d9:e3:6c:20:19:
01:94:05:13:28:da:a9:0f:48:c8:09:e1:37:78:82:95:e3:ba:
0a:f9:47:c4:21:8e:5d:7f:53:75:35:68:41:d6:7d:99:1a:75:
ed:f0:d2:13:32:fd:ce:8f:d3:e7:22:d0:63:96:4b:49:1f:6b:
a7:bf:e4:a0:53:a1:24:e0:e2:98:89:d4:d0:8a:24:d1:6b:da:
e3:e2:5b:f7:37:c2:49:75:41:a8:6a:cb:49:e8:1a:a4:ea:cd:
77:6d:c7:2c:95:78:2e:12:51:10:da:17:b1:31:84:74:8c:d1:
78:2b:ce:1f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUPYhE01gX3nJHM/Ca+/W+uRz/nxkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDMxNjMwNTZaFw0yNTA3MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDYzZjc1OGJmMTEwMmIzNjY2OTAxZjUzNmY1MjExNGRiN2JmM2FjZmI2ODg2
M2QzODQ2OGM0N2I4ZWYzOTE0MWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKu8Co5N6b0gJPOu9LBAAQ2H3ZO32f1Hr4fp+72IAOPLMadQge6R8SdWUTJS
GwKYvk3m0RqDxQyIx1cRPbFBC69ra771WS0cHwgjT/uNnz/SGFQtYkhF3Qvk57eR
cZQgJHD0BIoHug/Xo2rS54I5v6mH0/9wITvSwmk8bCBEdLLpFa7dxbz56SXMxy9+
ne+GnUgl6T1mDwNTtSi7I71x3yL/MW1KiidwZvb8F5wt2h09NX74NDygPnQUxM6O
+JMQbx4K7hujXUdIxRdKG+9iIhc6qeoDojNgeIOOyIuWjhg6PdDZTwcxmxOy+2ek
lM+kQkk7zmOquJ928pR9+4a+YfkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR3KWDO
o46nKQEHk0DmzfbMOCKcpzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDFiYmY2N2MtZjdhZS00NTdjLTgwYjMtNzI4YTk1MWIyMzZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBi6JgDAN
BgkqhkiG9w0BAQsFAAOCAQEAEkKoZtHLgpNodRRS5Z+8MCDgZrtnAcoX39+zaVi9
xB4gDfPEhZd1ZUvpxUu3Ndol1pnCs4GM2bm5g/jKzELPyQ5UXBmKLamSUqWD/F7q
SGYtBZZiBHNFffcgVBmz85s9b+189cB5NmRa59MJBAPsf7wwUmykvDqbHZktKs0Z
1Rw3vSuWlulls/PyQNnjbCAZAZQFEyjaqQ9IyAnhN3iCleO6CvlHxCGOXX9TdTVo
QdZ9mRp17fDSEzL9zo/T5yLQY5ZLSR9rp7/koFOhJODimInU0Iok0Wva4+Jb9zfC
SXVBqGrLSegapOrNd23HLJV4LhJRENoXsTGEdIzReCvOHw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:26 2025 by rpki-client