Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27d27432-b542-4aad-b3a4-daf2a0a9bb5c.roa
File: 27d27432-b542-4aad-b3a4-daf2a0a9bb5c.roa (raw, json)
Hash identifier: ycIJijTKQ7Di1jHKyjmZIki66KkJFoK6LJUbcz/PYqE=
Subject key identifier: 41:09:8D:E9:81:2C:F9:43:C3:F0:B5:0C:38:AB:0A:38:5B:68:1A:1F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4FAD84EEA4E8EC90AB7E390FFEA42003F98F2ADB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27d27432-b542-4aad-b3a4-daf2a0a9bb5c.roa
Signing time: Tue 03 Jun 2025 16:31:09 +0000
ROA not before: Tue 03 Jun 2025 16:31:09 +0000
ROA not after: Tue 08 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.176.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:ad:84:ee:a4:e8:ec:90:ab:7e:39:0f:fe:a4:20:03:f9:8f:2a:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 3 16:31:09 2025 GMT
Not After : Jul 8 23:59:59 2025 GMT
Subject: serialNumber=7a26e3ff7bda8f31f23aa6efea143ee8f16c8af5355e95394b8da11654f312df, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:e3:af:fc:af:28:01:1b:59:4d:4f:02:87:ad:
7e:f7:59:b1:cb:85:9b:7c:7e:d9:7e:6d:5c:4a:30:
72:37:38:24:ec:52:c0:d7:d1:11:c3:34:46:29:74:
f1:08:91:77:aa:14:7d:15:21:4a:45:cb:34:a4:31:
a8:9d:2a:1f:fc:19:c0:fa:39:89:c6:0d:7b:12:82:
82:52:1e:81:93:7a:25:bb:fa:87:08:27:e7:f0:9a:
e5:ae:f7:b3:88:8a:90:c6:6b:5e:06:40:01:d4:a2:
4b:e0:2a:c4:90:8a:81:f4:28:cc:f5:90:24:4c:6c:
71:29:24:8d:e9:95:12:ce:99:33:7d:57:ee:1a:99:
6b:5a:76:73:a1:7e:40:bf:ae:32:57:79:0e:80:03:
18:fa:59:51:a6:64:5e:06:e4:ff:72:ec:75:9c:63:
39:94:de:3f:d7:0b:79:a1:09:01:7c:9b:7c:a8:5c:
c7:bf:dd:07:02:c6:48:26:ac:1d:97:93:97:70:59:
93:62:38:b3:95:0b:be:28:19:14:4c:6d:fe:ee:3a:
e3:b3:6b:9e:11:34:9f:f3:a7:f5:70:94:70:6d:dd:
f9:33:3b:fa:9f:22:3f:f0:b8:ca:2a:bc:b7:a6:5d:
46:46:23:f6:cd:18:fc:1a:07:0d:a5:f4:12:6a:b6:
3c:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:09:8D:E9:81:2C:F9:43:C3:F0:B5:0C:38:AB:0A:38:5B:68:1A:1F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27d27432-b542-4aad-b3a4-daf2a0a9bb5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.176.0/20
Signature Algorithm: sha256WithRSAEncryption
14:7b:cc:6c:70:74:3e:f8:1b:00:a8:5d:17:4c:53:ed:84:04:
2b:22:38:99:1a:0a:fa:bb:5f:77:56:ff:52:e1:be:9d:f8:7b:
b4:9c:d7:68:45:24:a8:3e:04:ca:1e:24:6f:0b:95:2e:f5:cf:
5b:ec:24:f3:f4:45:13:73:4f:c5:2a:45:db:4e:de:65:e1:ee:
b9:94:f4:f6:cd:93:40:fc:13:38:05:61:f1:85:c2:fe:82:e5:
b2:8b:22:1a:9f:36:99:a4:0f:28:65:33:38:6a:84:8f:ea:1f:
16:14:3e:66:a5:3b:55:ee:9a:db:a1:88:42:cc:a4:cf:54:34:
d7:9d:ee:9b:7c:5b:e5:de:7a:93:41:7b:d6:85:df:7b:8e:67:
8a:05:26:9d:69:5b:7a:66:0b:68:d0:2d:6d:c3:2f:b3:8e:52:
e3:4d:33:fd:72:46:96:d6:12:8b:93:a7:ff:de:7b:f4:66:80:
97:53:69:f6:6c:51:a1:e6:36:14:90:26:d9:b0:e0:91:33:a4:
9a:70:f8:0b:6a:f5:80:0c:b9:36:e7:46:fe:f6:26:45:e3:d7:
0f:91:92:61:2f:7f:11:f4:a3:ff:0d:8b:75:54:35:df:71:d7:
2a:9d:79:b9:a4:00:a8:d2:27:78:a7:4c:5a:1c:ab:1a:1a:2c:
03:9b:84:b0
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUT62E7qTo7JCrfjkP/qQgA/mPKtswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDMxNjMxMDlaFw0yNTA3MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDdhMjZlM2ZmN2JkYThmMzFmMjNhYTZlZmVhMTQzZWU4ZjE2YzhhZjUzNTVl
OTUzOTRiOGRhMTE2NTRmMzEyZGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM/jr/yvKAEbWU1PAoetfvdZscuFm3x+2X5tXEowcjc4JOxSwNfREcM0Ril0
8QiRd6oUfRUhSkXLNKQxqJ0qH/wZwPo5icYNexKCglIegZN6Jbv6hwgn5/Ca5a73
s4iKkMZrXgZAAdSiS+AqxJCKgfQozPWQJExscSkkjemVEs6ZM31X7hqZa1p2c6F+
QL+uMld5DoADGPpZUaZkXgbk/3LsdZxjOZTeP9cLeaEJAXybfKhcx7/dBwLGSCas
HZeTl3BZk2I4s5ULvigZFExt/u4647NrnhE0n/On9XCUcG3d+TM7+p8iP/C4yiq8
t6ZdRkYj9s0Y/BoHDaX0Emq2POMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRBCY3p
gSz5Q8PwtQw4qwo4W2gaHzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjdkMjc0MzItYjU0Mi00YWFkLWIzYTQtZGFmMmEwYTliYjVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC4zsDAN
BgkqhkiG9w0BAQsFAAOCAQEAFHvMbHB0PvgbAKhdF0xT7YQEKyI4mRoK+rtfd1b/
UuG+nfh7tJzXaEUkqD4Eyh4kbwuVLvXPW+wk8/RFE3NPxSpF207eZeHuuZT09s2T
QPwTOAVh8YXC/oLlsosiGp82maQPKGUzOGqEj+ofFhQ+ZqU7Ve6a26GIQsykz1Q0
153um3xb5d56k0F71oXfe45nigUmnWlbemYLaNAtbcMvs45S400z/XJGltYSi5On
/9579GaAl1Np9mxRoeY2FJAm2bDgkTOkmnD4C2r1gAy5NudG/vYmRePXD5GSYS9/
EfSj/w2LdVQ133HXKp15uaQAqNIneKdMWhyrGhosA5uEsA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:52 2025 by rpki-client