Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/07144f38-ed46-40bc-a3ed-30785c0cc3e2.roa
File: 07144f38-ed46-40bc-a3ed-30785c0cc3e2.roa (raw, json)
Hash identifier: oTT6YDmUnvWsboLHkFF3+vQcGaopQfB4hEA9wRPSQ10=
Subject key identifier: C7:FC:14:7E:39:93:25:2A:C2:0F:58:72:7D:8D:FD:90:28:ED:21:B2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7E205B228C4239D7E6E2876C30EA524119E05D91
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/07144f38-ed46-40bc-a3ed-30785c0cc3e2.roa
Signing time: Tue 03 Jun 2025 16:30:55 +0000
ROA not before: Tue 03 Jun 2025 16:30:55 +0000
ROA not after: Tue 08 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.176.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:20:5b:22:8c:42:39:d7:e6:e2:87:6c:30:ea:52:41:19:e0:5d:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 3 16:30:55 2025 GMT
Not After : Jul 8 23:59:59 2025 GMT
Subject: serialNumber=1a3ce43b137240e813d9bd36941f5fcfade9d1c7e33820823368edc0329c508f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ef:07:48:71:25:9d:2e:b9:cd:34:7d:a1:69:
9c:31:79:4b:a7:53:10:37:5f:01:38:0f:48:0c:af:
db:76:60:79:23:b9:f6:5e:6b:1c:8e:48:94:34:3d:
c6:ee:36:59:16:3b:8a:e9:c0:6a:9d:cd:e7:7c:c2:
f5:93:61:5b:d4:bb:82:74:85:d0:3b:4f:6c:9e:60:
cb:61:08:49:23:31:35:79:fa:aa:cc:09:ee:db:8f:
15:77:12:bf:37:1d:cc:73:8b:1e:10:18:a8:d0:15:
cd:d6:79:d5:c3:fe:46:6a:24:b4:74:02:a9:e5:d2:
cf:1c:27:81:ad:5a:bc:6a:76:d5:cb:ec:20:df:3f:
9a:4c:59:11:bb:51:52:b9:fc:9a:53:b9:8b:1b:02:
3c:66:d6:82:9c:9b:da:da:73:ba:8b:54:59:26:d0:
5a:ee:b5:37:a8:45:be:0c:0e:13:e2:8e:c7:39:b3:
0c:69:59:2f:69:5f:bd:69:2c:0a:4b:ab:b6:e6:04:
e0:84:59:38:7a:33:4e:e5:95:ef:c1:f5:b9:51:f6:
df:49:dd:14:22:69:cb:7f:43:db:65:42:4b:9f:05:
b4:8a:43:68:50:91:3a:0b:e2:1b:4f:a8:07:f3:45:
33:c8:a8:60:85:06:74:35:19:f3:b7:20:69:7b:43:
98:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:FC:14:7E:39:93:25:2A:C2:0F:58:72:7D:8D:FD:90:28:ED:21:B2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/07144f38-ed46-40bc-a3ed-30785c0cc3e2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.176.0/20
Signature Algorithm: sha256WithRSAEncryption
3d:92:d6:16:75:d4:54:dc:0f:d5:4a:4a:c4:97:a4:3d:30:08:
45:65:f0:b1:72:1b:27:89:4f:f2:74:2b:48:9e:74:63:61:91:
3b:6c:0d:e3:c0:70:d9:64:8b:15:f3:09:58:bd:9a:40:1a:1a:
19:5b:1b:0a:70:28:4b:03:ce:33:82:3e:56:c7:58:45:2d:4b:
63:25:59:0b:27:9c:fd:23:aa:1c:dc:a1:d6:4e:77:35:a9:37:
cb:1c:33:a0:fa:28:dd:6c:f4:f8:72:d7:c9:07:99:86:46:8d:
c3:fb:49:0c:a5:94:a0:51:34:42:74:04:ef:69:ee:1a:2c:28:
1b:74:fe:cd:2a:b1:1d:5a:dc:35:cb:53:2e:53:c4:4b:8e:3c:
cf:e2:36:7f:5c:b4:5d:9c:52:88:cf:54:05:bc:bf:83:45:f0:
d3:f1:51:4e:c3:64:27:9d:08:f4:ed:f0:b4:a0:8b:c0:f8:73:
3c:75:b5:16:50:e3:1e:3d:d4:7f:36:3f:8d:7a:17:58:6d:9a:
81:ad:9d:24:c3:93:7e:ed:ac:ea:55:27:1e:40:fd:81:5e:02:
4a:7a:28:a4:ac:5a:27:40:c7:2f:72:5a:b4:29:72:5b:1d:7b:
a4:69:3a:fc:7b:fa:c8:f8:2f:4b:06:2d:b6:b4:84:01:09:13:
26:0d:d0:0c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUfiBbIoxCOdfm4odsMOpSQRngXZEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDMxNjMwNTVaFw0yNTA3MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDFhM2NlNDNiMTM3MjQwZTgxM2Q5YmQzNjk0MWY1ZmNmYWRlOWQxYzdlMzM4
MjA4MjMzNjhlZGMwMzI5YzUwOGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKjvB0hxJZ0uuc00faFpnDF5S6dTEDdfATgPSAyv23ZgeSO59l5rHI5IlDQ9
xu42WRY7iunAap3N53zC9ZNhW9S7gnSF0DtPbJ5gy2EISSMxNXn6qswJ7tuPFXcS
vzcdzHOLHhAYqNAVzdZ51cP+RmoktHQCqeXSzxwnga1avGp21cvsIN8/mkxZEbtR
Urn8mlO5ixsCPGbWgpyb2tpzuotUWSbQWu61N6hFvgwOE+KOxzmzDGlZL2lfvWks
CkurtuYE4IRZOHozTuWV78H1uVH230ndFCJpy39D22VCS58FtIpDaFCROgviG0+o
B/NFM8ioYIUGdDUZ87cgaXtDmFECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTH/BR+
OZMlKsIPWHJ9jf2QKO0hsjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDcxNDRmMzgtZWQ0Ni00MGJjLWEzZWQtMzA3ODVjMGNjM2UyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC6JsDAN
BgkqhkiG9w0BAQsFAAOCAQEAPZLWFnXUVNwP1UpKxJekPTAIRWXwsXIbJ4lP8nQr
SJ50Y2GRO2wN48Bw2WSLFfMJWL2aQBoaGVsbCnAoSwPOM4I+VsdYRS1LYyVZCyec
/SOqHNyh1k53Nak3yxwzoPoo3Wz0+HLXyQeZhkaNw/tJDKWUoFE0QnQE72nuGiwo
G3T+zSqxHVrcNctTLlPES448z+I2f1y0XZxSiM9UBby/g0Xw0/FRTsNkJ50I9O3w
tKCLwPhzPHW1FlDjHj3UfzY/jXoXWG2aga2dJMOTfu2s6lUnHkD9gV4CSnoopKxa
J0DHL3JatClyWx17pGk6/Hv6yPgvSwYttrSEAQkTJg3QDA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:44:28 2025 by rpki-client