Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c6881bd-10fc-4994-83fe-43244d2b078a.roa
File: 2c6881bd-10fc-4994-83fe-43244d2b078a.roa (raw, json)
Hash identifier: rYMkSn6/mfdoNaMd9E6l0SWF1X1qfnd6FuLHpw730sQ=
Subject key identifier: 49:E9:62:F4:A9:17:77:09:A6:24:F8:B8:B4:D1:1F:8D:24:02:DF:B6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1C676B80E5221045C39278FC90FAD4FA8CAFC798
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c6881bd-10fc-4994-83fe-43244d2b078a.roa
Signing time: Tue 03 Jun 2025 16:30:58 +0000
ROA not before: Tue 03 Jun 2025 16:30:58 +0000
ROA not after: Tue 08 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.80.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:67:6b:80:e5:22:10:45:c3:92:78:fc:90:fa:d4:fa:8c:af:c7:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 3 16:30:58 2025 GMT
Not After : Jul 8 23:59:59 2025 GMT
Subject: serialNumber=5064b2eae2e0054639d34bcb26f79eda052f15ba011d991b5ef468c10c6d9b3e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:4c:54:22:15:10:2e:5e:63:d6:94:7a:57:8a:
b8:25:7b:2b:4a:63:e1:ea:0d:31:73:37:66:c7:cf:
4b:97:f4:82:7c:d3:49:66:cf:97:08:d1:fc:8f:ca:
4c:ef:26:c7:62:e0:97:41:5c:ce:7f:85:61:e6:43:
5a:81:4e:dd:1e:ce:93:33:16:2f:d9:20:dd:c7:db:
fd:43:5f:a0:20:3a:e7:7f:e4:fc:3e:3e:f6:54:57:
a7:d3:66:64:77:5d:bc:9d:09:95:0c:14:1d:5b:1b:
c1:e5:4f:75:46:3f:47:4d:64:4b:26:69:a3:e0:2a:
fd:30:eb:13:81:99:a1:27:72:8e:4b:b2:77:e8:79:
5d:76:3f:42:ae:c2:95:ee:da:bd:65:dc:44:55:62:
0b:52:a6:30:e8:37:8e:4f:b0:74:4f:bd:91:d1:fd:
c1:22:d6:71:ee:a7:fd:3e:e3:53:b4:f9:67:98:06:
5d:46:f6:0f:cb:e5:31:05:3a:0e:8f:bb:77:e7:c7:
ad:4d:81:94:82:a7:3d:1e:1b:7e:41:c8:69:4b:b2:
1b:52:ea:dd:2a:e7:06:bc:b8:34:68:68:72:41:10:
61:0d:7b:d4:13:6e:84:d2:cc:ae:89:00:34:37:dd:
cd:cd:68:e7:c3:23:5b:3f:b0:dc:f5:59:41:ab:ff:
2b:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:E9:62:F4:A9:17:77:09:A6:24:F8:B8:B4:D1:1F:8D:24:02:DF:B6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c6881bd-10fc-4994-83fe-43244d2b078a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.80.0/20
Signature Algorithm: sha256WithRSAEncryption
34:59:d7:65:a3:6d:f4:3e:ee:94:fa:79:48:4a:2d:a6:ca:84:
2d:c0:92:04:5f:31:10:30:0f:ac:d9:f3:2d:78:63:da:77:2d:
08:19:9c:26:c9:4d:96:bf:66:c5:20:39:55:18:f4:8f:6f:2f:
05:46:0e:18:36:4c:00:f2:ce:6c:dc:c9:d4:2a:a9:39:38:75:
36:ab:15:bf:63:71:4a:ba:52:b0:79:77:e9:ec:e8:a4:fc:6c:
5d:fe:9b:c0:c0:c6:60:6d:38:ae:d1:7c:d8:87:4a:2a:33:68:
c9:0b:6a:86:15:d3:87:4e:ee:8e:f6:90:1d:8d:72:cb:79:90:
c1:83:d5:bf:74:65:fe:77:41:72:00:ef:70:0b:bc:f4:e6:cf:
75:12:08:6d:6b:9f:c5:33:3c:8f:97:b5:e0:72:48:63:98:4a:
2b:0b:a3:ef:f6:65:46:ae:84:04:8e:b3:82:ce:e9:89:a9:4d:
05:3a:62:0d:ef:11:47:44:39:c5:c1:26:2f:ca:83:ac:4c:91:
4e:80:28:01:ef:09:c1:3d:12:05:7d:a3:a2:ae:a9:aa:e0:17:
7f:71:62:94:d0:1b:02:9f:d8:e4:6c:25:59:a2:99:47:9d:5c:
f8:83:e4:41:92:00:23:f7:66:e1:6b:fa:46:fb:33:bb:31:93:
de:18:8a:6b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUHGdrgOUiEEXDknj8kPrU+oyvx5gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDMxNjMwNThaFw0yNTA3MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDUwNjRiMmVhZTJlMDA1NDYzOWQzNGJjYjI2Zjc5ZWRhMDUyZjE1YmEwMTFk
OTkxYjVlZjQ2OGMxMGM2ZDliM2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKlMVCIVEC5eY9aUeleKuCV7K0pj4eoNMXM3ZsfPS5f0gnzTSWbPlwjR/I/K
TO8mx2Lgl0Fczn+FYeZDWoFO3R7OkzMWL9kg3cfb/UNfoCA653/k/D4+9lRXp9Nm
ZHddvJ0JlQwUHVsbweVPdUY/R01kSyZpo+Aq/TDrE4GZoSdyjkuyd+h5XXY/Qq7C
le7avWXcRFViC1KmMOg3jk+wdE+9kdH9wSLWce6n/T7jU7T5Z5gGXUb2D8vlMQU6
Do+7d+fHrU2BlIKnPR4bfkHIaUuyG1Lq3SrnBry4NGhockEQYQ171BNuhNLMrokA
NDfdzc1o58MjWz+w3PVZQav/KyMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRJ6WL0
qRd3CaYk+Li00R+NJALftjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmM2ODgxYmQtMTBmYy00OTk0LTgzZmUtNDMyNDRkMmIwNzhhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC6JUDAN
BgkqhkiG9w0BAQsFAAOCAQEANFnXZaNt9D7ulPp5SEotpsqELcCSBF8xEDAPrNnz
LXhj2nctCBmcJslNlr9mxSA5VRj0j28vBUYOGDZMAPLObNzJ1CqpOTh1NqsVv2Nx
SrpSsHl36ezopPxsXf6bwMDGYG04rtF82IdKKjNoyQtqhhXTh07ujvaQHY1yy3mQ
wYPVv3Rl/ndBcgDvcAu89ObPdRIIbWufxTM8j5e14HJIY5hKKwuj7/ZlRq6EBI6z
gs7pialNBTpiDe8RR0Q5xcEmL8qDrEyRToAoAe8JwT0SBX2joq6pquAXf3FilNAb
Ap/Y5GwlWaKZR51c+IPkQZIAI/dm4Wv6RvszuzGT3hiKaw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:12 2025 by rpki-client