Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11c924e5-b5a4-4e39-bd9b-3aa04634212a.roa
File: 11c924e5-b5a4-4e39-bd9b-3aa04634212a.roa (raw, json)
Hash identifier: JPohgaWYxCz4JoOrggBS+acBzr68nrLd7maptttc4bw=
Subject key identifier: 4A:56:5E:C2:14:15:67:B8:54:2F:F2:A8:53:44:80:E4:02:B7:4C:FC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5779FDD4ED11FE7A605C25836D6E729B1B01672C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11c924e5-b5a4-4e39-bd9b-3aa04634212a.roa
Signing time: Tue 03 Jun 2025 16:30:25 +0000
ROA not before: Tue 03 Jun 2025 16:30:25 +0000
ROA not after: Tue 08 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.64.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:79:fd:d4:ed:11:fe:7a:60:5c:25:83:6d:6e:72:9b:1b:01:67:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 3 16:30:25 2025 GMT
Not After : Jul 8 23:59:59 2025 GMT
Subject: serialNumber=9fef9eb241e7a8c3e5ef9630f4cc5dd1fcdda484aa229338241a113fb9a43a79, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:9e:ac:57:f5:f6:6a:9f:14:4c:41:9f:17:21:
29:fa:f9:0e:c1:55:87:d5:7e:2b:45:0e:f1:db:02:
3b:91:5c:1f:31:69:2a:1e:a4:48:15:66:e3:e6:fb:
a9:b0:e7:08:b7:a4:28:6e:63:ef:46:6a:13:c8:2e:
7c:fe:e6:f7:3d:cf:d9:32:25:1c:c7:b7:e4:a9:77:
56:2b:10:f3:44:6e:90:9d:97:85:25:c6:fb:62:b1:
8e:65:4e:8c:67:72:f0:a4:70:cf:bf:ca:9c:bd:73:
44:dd:2e:5d:08:2d:94:cb:86:c7:ea:b7:ed:0a:53:
30:85:fb:97:ee:ec:d9:74:08:0f:f2:5f:53:ea:e7:
4c:ae:0b:dd:86:49:82:8b:e9:9b:37:a7:a7:c7:91:
43:67:e1:7c:83:2d:29:43:42:81:45:c9:87:a9:01:
d7:dd:7a:56:83:ef:54:42:69:d0:10:38:4a:50:f2:
32:99:05:29:bd:3e:d4:99:79:14:94:4a:ca:4e:6c:
d7:5f:3b:77:f3:8b:2f:1f:71:78:0c:43:b3:0c:2e:
ca:57:39:67:1e:d7:99:14:05:12:bb:6e:92:79:a1:
04:db:3e:cf:fc:a0:85:1e:74:71:9b:71:4e:52:f2:
3b:de:f2:40:1f:2e:6a:a3:66:20:c4:da:b6:0b:e8:
6f:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:56:5E:C2:14:15:67:B8:54:2F:F2:A8:53:44:80:E4:02:B7:4C:FC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11c924e5-b5a4-4e39-bd9b-3aa04634212a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.64.0/21
Signature Algorithm: sha256WithRSAEncryption
a3:63:66:9d:7f:4d:85:08:d5:7f:86:cf:74:cf:cb:d2:bb:e2:
2a:6a:29:be:a5:bb:4a:31:21:80:fe:a5:16:ae:5a:0f:fa:b2:
6f:ed:7c:b0:77:39:49:94:bc:49:07:5b:6d:f1:7d:22:06:ad:
4c:67:f8:cb:f9:4e:50:a4:a5:0a:fc:2b:0d:fd:b3:f6:40:ed:
f8:99:92:40:82:53:bf:25:3a:64:27:fc:08:79:86:62:97:bd:
75:1c:22:4d:82:3d:76:30:fa:f2:22:a5:20:72:9d:69:b5:5d:
2f:38:80:93:85:14:c3:7d:10:f8:34:fd:32:3d:a3:a1:ad:52:
04:cc:07:c5:2a:38:48:49:8e:ce:ec:90:aa:5d:b2:8b:67:eb:
f3:d9:ef:cc:3b:4f:53:19:32:3f:92:3c:04:86:a1:0d:a1:4d:
95:c8:ef:86:7b:81:4a:d6:04:e7:1b:b1:78:c4:7f:90:77:9c:
41:a2:bd:ab:16:32:ae:e2:01:49:6c:c2:2f:77:f7:7c:23:37:
d5:47:a6:8f:80:ba:be:54:a8:7d:4a:59:18:b0:7d:6d:e4:27:
4a:5e:28:d5:31:81:bd:f2:bb:24:05:2f:85:36:9d:46:35:c7:
b5:07:d6:2f:54:b6:8e:4f:07:ca:f3:11:1b:c5:82:db:14:aa:
d6:72:f1:36
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUV3n91O0R/npgXCWDbW5ymxsBZywwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDMxNjMwMjVaFw0yNTA3MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDlmZWY5ZWIyNDFlN2E4YzNlNWVmOTYzMGY0Y2M1ZGQxZmNkZGE0ODRhYTIy
OTMzODI0MWExMTNmYjlhNDNhNzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANSerFf19mqfFExBnxchKfr5DsFVh9V+K0UO8dsCO5FcHzFpKh6kSBVm4+b7
qbDnCLekKG5j70ZqE8gufP7m9z3P2TIlHMe35Kl3VisQ80RukJ2XhSXG+2KxjmVO
jGdy8KRwz7/KnL1zRN0uXQgtlMuGx+q37QpTMIX7l+7s2XQID/JfU+rnTK4L3YZJ
govpmzenp8eRQ2fhfIMtKUNCgUXJh6kB1916VoPvVEJp0BA4SlDyMpkFKb0+1Jl5
FJRKyk5s1187d/OLLx9xeAxDswwuylc5Zx7XmRQFErtuknmhBNs+z/yghR50cZtx
TlLyO97yQB8uaqNmIMTatgvob/sCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRKVl7C
FBVnuFQv8qhTRIDkArdM/DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTFjOTI0ZTUtYjVhNC00ZTM5LWJkOWItM2FhMDQ2MzQyMTJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy6JQDAN
BgkqhkiG9w0BAQsFAAOCAQEAo2NmnX9NhQjVf4bPdM/L0rviKmopvqW7SjEhgP6l
Fq5aD/qyb+18sHc5SZS8SQdbbfF9IgatTGf4y/lOUKSlCvwrDf2z9kDt+JmSQIJT
vyU6ZCf8CHmGYpe9dRwiTYI9djD68iKlIHKdabVdLziAk4UUw30Q+DT9Mj2joa1S
BMwHxSo4SEmOzuyQql2yi2fr89nvzDtPUxkyP5I8BIahDaFNlcjvhnuBStYE5xux
eMR/kHecQaK9qxYyruIBSWzCL3f3fCM31Uemj4C6vlSofUpZGLB9beQnSl4o1TGB
vfK7JAUvhTadRjXHtQfWL1S2jk8HyvMRG8WC2xSq1nLxNg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:53 2025 by rpki-client