Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/062e9317-b5ab-4d01-a462-4dc8d164e17c.roa
File: 062e9317-b5ab-4d01-a462-4dc8d164e17c.roa (raw, json)
Hash identifier: xrofgnHuQuzgOKXzHo2PAGMKJUh0ZvpCHNbr1/S5xJA=
Subject key identifier: 8E:C0:32:6D:3F:BF:FB:3D:D6:84:0E:FD:55:9D:CD:C2:F8:13:D2:1E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 29BDC7E1C2486A08662318E2CFBB32E187C71236
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/062e9317-b5ab-4d01-a462-4dc8d164e17c.roa
Signing time: Tue 03 Jun 2025 16:30:18 +0000
ROA not before: Tue 03 Jun 2025 16:30:18 +0000
ROA not after: Tue 08 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.172.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:bd:c7:e1:c2:48:6a:08:66:23:18:e2:cf:bb:32:e1:87:c7:12:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 3 16:30:18 2025 GMT
Not After : Jul 8 23:59:59 2025 GMT
Subject: serialNumber=2c051c83c73f8a637be00afe8774eb600c58057b62369b4117001d0f1c8f48f3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:8b:e7:7d:9f:8b:25:50:ca:5f:bf:6c:ad:1e:
62:a1:cf:4c:89:0f:98:a0:35:db:ba:07:a8:3c:42:
c9:ae:87:25:6d:a0:0b:0b:d9:a3:89:e6:f4:df:c6:
26:84:b1:fe:53:3f:94:fe:90:45:6c:de:93:12:16:
d4:4e:28:2f:66:05:56:21:02:34:27:5f:a9:5a:fe:
1d:90:cb:4c:a5:92:55:24:56:1d:c5:7c:c2:4e:07:
c7:b1:88:87:54:29:c6:49:fd:b8:3f:6c:5a:ed:05:
e2:36:cb:03:f1:22:d2:a7:ce:37:c3:3b:ce:af:67:
95:8b:35:17:5b:61:a9:86:95:98:0f:4c:bb:b5:39:
56:ee:b5:0a:01:2b:b6:ee:75:55:e1:53:58:77:de:
47:08:e0:5e:e2:be:3e:c0:f7:13:19:6a:ca:65:58:
71:b2:dc:bc:a8:1e:47:36:d9:26:f1:69:8a:a8:ed:
76:1a:f8:25:08:99:0c:01:29:08:5e:f0:10:b9:cf:
cd:2f:2d:98:25:a4:f8:b2:27:b7:3a:f9:2b:6a:cb:
f9:3a:b9:a5:b1:98:fe:34:93:82:99:7e:ec:28:1e:
bc:1d:fc:f2:8b:9a:52:2f:0e:03:11:a4:9a:bf:5a:
29:60:ca:7a:0e:bd:51:52:16:a5:2c:69:69:dd:de:
d1:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:C0:32:6D:3F:BF:FB:3D:D6:84:0E:FD:55:9D:CD:C2:F8:13:D2:1E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/062e9317-b5ab-4d01-a462-4dc8d164e17c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.172.0/22
Signature Algorithm: sha256WithRSAEncryption
9b:19:99:c3:1e:5d:c8:5f:9b:8e:9a:28:3f:96:e9:68:36:5b:
0b:29:43:37:43:fa:99:4e:a0:07:cc:f3:d1:a9:08:a5:7a:5e:
0f:61:a2:69:a9:ae:fb:15:53:78:2b:57:15:c8:e8:40:0d:ff:
bd:d6:c5:f1:15:c0:c5:75:77:38:13:b5:cb:1d:fe:b5:76:d2:
8d:51:ff:0f:b4:31:83:aa:87:cd:18:76:81:a9:30:07:06:42:
8f:ea:d9:96:4b:8f:92:d4:f5:a4:0c:e3:0d:10:1b:f6:43:99:
04:e2:98:b1:0e:ca:9a:00:dd:43:36:2e:55:1f:85:21:07:d4:
57:55:14:19:26:9c:bd:5b:6f:84:a2:b3:e6:48:55:b1:e8:71:
4e:b6:47:d8:f1:93:3f:2c:6c:2c:48:b9:a7:b1:9e:61:c0:47:
05:89:bd:c7:9c:18:83:3f:65:e4:10:a1:63:f6:87:fb:fd:e6:
41:44:b1:39:b8:f4:b2:78:8e:c1:77:74:f3:c7:b0:1c:7d:21:
c1:72:ef:e1:50:61:7c:5f:1a:7b:ba:cd:fc:3f:ab:2d:c2:19:
1d:dc:3b:bc:c7:88:8e:b7:5f:d9:d6:f2:88:68:a4:65:f7:a9:
64:6b:bb:19:46:e4:da:f9:7c:92:75:64:96:b2:2e:96:a2:74:
11:45:5f:07
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUKb3H4cJIaghmIxjiz7sy4YfHEjYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDMxNjMwMThaFw0yNTA3MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDJjMDUxYzgzYzczZjhhNjM3YmUwMGFmZTg3NzRlYjYwMGM1ODA1N2I2MjM2
OWI0MTE3MDAxZDBmMWM4ZjQ4ZjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALKL532fiyVQyl+/bK0eYqHPTIkPmKA127oHqDxCya6HJW2gCwvZo4nm9N/G
JoSx/lM/lP6QRWzekxIW1E4oL2YFViECNCdfqVr+HZDLTKWSVSRWHcV8wk4Hx7GI
h1Qpxkn9uD9sWu0F4jbLA/Ei0qfON8M7zq9nlYs1F1thqYaVmA9Mu7U5Vu61CgEr
tu51VeFTWHfeRwjgXuK+PsD3ExlqymVYcbLcvKgeRzbZJvFpiqjtdhr4JQiZDAEp
CF7wELnPzS8tmCWk+LIntzr5K2rL+Tq5pbGY/jSTgpl+7CgevB388ouaUi8OAxGk
mr9aKWDKeg69UVIWpSxpad3e0RsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSOwDJt
P7/7PdaEDv1Vnc3C+BPSHjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDYyZTkzMTctYjVhYi00ZDAxLWE0NjItNGRjOGQxNjRlMTdjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi6JrDAN
BgkqhkiG9w0BAQsFAAOCAQEAmxmZwx5dyF+bjpooP5bpaDZbCylDN0P6mU6gB8zz
0akIpXpeD2Giaamu+xVTeCtXFcjoQA3/vdbF8RXAxXV3OBO1yx3+tXbSjVH/D7Qx
g6qHzRh2gakwBwZCj+rZlkuPktT1pAzjDRAb9kOZBOKYsQ7KmgDdQzYuVR+FIQfU
V1UUGSacvVtvhKKz5khVsehxTrZH2PGTPyxsLEi5p7GeYcBHBYm9x5wYgz9l5BCh
Y/aH+/3mQUSxObj0sniOwXd088ewHH0hwXLv4VBhfF8ae7rN/D+rLcIZHdw7vMeI
jrdf2dbyiGikZfepZGu7GUbk2vl8knVklrIulqJ0EUVfBw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:51 2025 by rpki-client