Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/279da9d6-10c2-4fd5-9d75-0a963c29c8d4.roa
File: 279da9d6-10c2-4fd5-9d75-0a963c29c8d4.roa (raw, json)
Hash identifier: NGn6R8axkxxX8b1pWRtsKOzgkhiiJJdLkqekNXQ8jiU=
Subject key identifier: 7C:6F:31:2D:E3:73:81:0F:33:29:5D:20:F9:B4:37:A1:F2:3C:14:D7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1AA9798B143513974F6410B462EB37CA09F50BDE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/279da9d6-10c2-4fd5-9d75-0a963c29c8d4.roa
Signing time: Tue 03 Jun 2025 16:30:19 +0000
ROA not before: Tue 03 Jun 2025 16:30:19 +0000
ROA not after: Tue 08 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.144.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:a9:79:8b:14:35:13:97:4f:64:10:b4:62:eb:37:ca:09:f5:0b:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 3 16:30:19 2025 GMT
Not After : Jul 8 23:59:59 2025 GMT
Subject: serialNumber=3df1b27a514c0a6519dccb82f2e6a4498faee85623877853f0e5a43d0ee3c5fd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:86:53:95:78:a4:1e:2d:f8:ce:fc:b1:44:f3:
17:2c:43:c8:80:cd:d5:01:ab:88:71:15:f9:3c:b6:
05:d6:0b:60:20:07:52:04:c9:63:4a:62:26:27:59:
c8:b2:f6:ed:44:28:a8:3d:97:75:ee:11:7f:e6:a1:
46:26:42:2e:31:ec:19:cb:b6:6d:cf:81:c3:35:0d:
91:90:24:36:0a:ae:23:0e:9f:20:d6:b3:72:e5:fa:
d8:ad:5c:3d:10:50:f8:e5:0c:05:9d:68:ba:04:6c:
22:a1:21:39:2d:12:9f:60:cc:f2:39:aa:77:5c:7c:
95:d5:8c:e2:a5:4b:6d:50:12:0e:69:1b:1f:8f:b7:
e3:71:25:7a:e8:8d:df:90:64:67:3a:0a:63:d3:2b:
30:02:2b:2b:6b:6d:70:66:41:39:d1:45:1b:44:b7:
df:b7:14:e1:bb:46:2d:b8:12:12:18:68:91:8d:6e:
3d:52:82:9c:35:f6:ac:03:56:da:2a:a4:ec:5c:50:
bb:9b:42:ef:9f:74:19:a2:24:7a:25:67:44:85:e3:
81:1e:2d:1f:8b:22:9d:aa:94:d6:d5:db:50:1b:c5:
0f:66:89:14:f0:f4:ff:26:8a:7b:b4:88:99:fe:7e:
8f:d1:09:7a:ce:b3:70:bd:69:0a:61:01:d0:f7:17:
38:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:6F:31:2D:E3:73:81:0F:33:29:5D:20:F9:B4:37:A1:F2:3C:14:D7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/279da9d6-10c2-4fd5-9d75-0a963c29c8d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.144.0/21
Signature Algorithm: sha256WithRSAEncryption
b4:4a:e1:ee:c7:e0:0e:40:22:6a:8c:c4:dd:49:88:de:e2:fc:
ac:d7:d6:3c:e4:60:ce:1e:c5:34:26:a7:83:81:02:20:cd:b1:
d5:de:eb:8d:ae:dd:44:82:c3:b3:dc:c4:05:f3:f0:a2:94:5d:
a7:c4:4a:cf:23:d1:17:7b:6b:de:3e:8f:49:58:28:96:3c:8e:
31:5e:b9:cc:20:52:78:c9:df:84:1a:71:4d:62:f1:9e:e2:4e:
c7:e6:02:6d:f6:d6:2a:f0:77:55:aa:e7:b0:1e:73:5a:f1:97:
97:dc:bf:7f:6a:50:b9:f7:33:78:ff:8d:e5:16:b2:72:44:2f:
02:4b:2e:59:f9:86:b0:8e:ac:af:64:ba:c3:e4:9e:d4:74:2d:
d1:a6:fc:9c:82:11:fe:40:7f:1d:e9:9e:63:50:4e:09:96:9b:
f9:ff:47:2a:2e:00:ba:c3:63:86:02:97:1a:65:5c:7c:e6:1e:
3a:77:54:7c:3e:09:98:71:54:f4:4d:8c:35:09:15:cc:94:a4:
6c:1a:b0:7d:4d:fb:b6:32:89:3a:97:e9:b6:4c:66:10:e2:e9:
d8:e7:cc:77:3a:25:5e:16:8a:bd:36:64:02:8a:fb:62:da:dd:
68:c3:f9:3a:16:66:10:38:9f:77:c6:a3:22:31:38:14:b1:06:
8c:09:4b:0f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUGql5ixQ1E5dPZBC0Yus3ygn1C94wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDMxNjMwMTlaFw0yNTA3MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDNkZjFiMjdhNTE0YzBhNjUxOWRjY2I4MmYyZTZhNDQ5OGZhZWU4NTYyMzg3
Nzg1M2YwZTVhNDNkMGVlM2M1ZmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIqGU5V4pB4t+M78sUTzFyxDyIDN1QGriHEV+Ty2BdYLYCAHUgTJY0piJidZ
yLL27UQoqD2Xde4Rf+ahRiZCLjHsGcu2bc+BwzUNkZAkNgquIw6fINazcuX62K1c
PRBQ+OUMBZ1ougRsIqEhOS0Sn2DM8jmqd1x8ldWM4qVLbVASDmkbH4+343EleuiN
35BkZzoKY9MrMAIrK2ttcGZBOdFFG0S337cU4btGLbgSEhhokY1uPVKCnDX2rANW
2iqk7FxQu5tC7590GaIkeiVnRIXjgR4tH4sinaqU1tXbUBvFD2aJFPD0/yaKe7SI
mf5+j9EJes6zcL1pCmEB0PcXOEECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR8bzEt
43OBDzMpXSD5tDeh8jwU1zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mjc5ZGE5ZDYtMTBjMi00ZmQ1LTlkNzUtMGE5NjNjMjljOGQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy6JkDAN
BgkqhkiG9w0BAQsFAAOCAQEAtErh7sfgDkAiaozE3UmI3uL8rNfWPORgzh7FNCan
g4ECIM2x1d7rja7dRILDs9zEBfPwopRdp8RKzyPRF3tr3j6PSVgoljyOMV65zCBS
eMnfhBpxTWLxnuJOx+YCbfbWKvB3VarnsB5zWvGXl9y/f2pQufczeP+N5RayckQv
AksuWfmGsI6sr2S6w+Se1HQt0ab8nIIR/kB/HemeY1BOCZab+f9HKi4AusNjhgKX
GmVcfOYeOndUfD4JmHFU9E2MNQkVzJSkbBqwfU37tjKJOpfptkxmEOLp2OfMdzol
XhaKvTZkAor7YtrdaMP5OhZmEDifd8ajIjE4FLEGjAlLDw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:51 2025 by rpki-client