Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35fbae76-0646-43e5-826f-114b4990545e.roa
File: 35fbae76-0646-43e5-826f-114b4990545e.roa (raw, json)
Hash identifier: wBpHBerEAA6kpookHnOCNXcaSgJPUqzrDuIO72CyhhM=
Subject key identifier: E4:58:DB:E2:2D:14:0E:1D:CE:EA:A5:3C:C0:62:42:3C:83:E9:FA:4C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 72F125844FB4721B0EE368D6EC03847ACDDDA0AA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35fbae76-0646-43e5-826f-114b4990545e.roa
Signing time: Tue 03 Jun 2025 16:31:06 +0000
ROA not before: Tue 03 Jun 2025 16:31:06 +0000
ROA not after: Tue 08 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.168.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:f1:25:84:4f:b4:72:1b:0e:e3:68:d6:ec:03:84:7a:cd:dd:a0:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 3 16:31:06 2025 GMT
Not After : Jul 8 23:59:59 2025 GMT
Subject: serialNumber=b0afdc7cba25cbd97abba604b0cbf770a160baf1edebf603725998c136409106, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:51:72:d1:71:45:ee:81:e3:b0:1f:e1:7b:4f:
ea:e1:85:fc:cf:c9:58:ce:29:82:1e:2e:c4:36:99:
8f:83:ce:9b:c6:b6:e4:d0:06:c8:15:fb:77:e3:70:
74:e4:1c:88:ce:94:83:ae:fc:27:71:14:97:d8:64:
c7:60:14:69:46:0d:08:dd:a5:f6:d8:83:d8:8b:b9:
53:be:b6:e9:ca:45:32:b5:7e:fc:5f:43:43:44:ab:
f5:33:9e:f6:10:7e:5e:00:7a:68:d4:d2:4a:ba:22:
a9:fd:43:3b:85:09:b7:4f:5d:d0:e6:27:ab:fd:bf:
0a:1a:9d:c7:47:4b:92:e2:6e:4a:9a:d4:6e:26:e5:
d0:3d:73:35:f2:1a:f7:09:70:7f:65:97:84:6d:5c:
24:56:9b:4a:88:28:7c:50:ce:84:44:a6:83:46:8c:
db:9c:2d:8d:cf:3b:2b:5c:24:7a:6d:8f:7b:cf:74:
9f:3f:0a:37:e8:9b:46:00:9b:af:4b:69:78:ea:ae:
09:d7:4f:87:84:af:ba:c6:11:7b:80:a1:47:7f:5a:
29:c7:60:74:fe:b0:b0:cd:69:4f:56:78:b6:91:23:
2e:e7:83:83:ac:c3:0f:48:60:ad:a3:d6:d4:08:c7:
b1:82:df:ea:cb:e3:78:d1:ce:84:23:98:e2:8a:ac:
3c:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:58:DB:E2:2D:14:0E:1D:CE:EA:A5:3C:C0:62:42:3C:83:E9:FA:4C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35fbae76-0646-43e5-826f-114b4990545e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.168.0/21
Signature Algorithm: sha256WithRSAEncryption
b9:6e:25:64:ae:5a:d0:8a:7e:cf:ae:b3:c4:96:fc:4f:1e:8a:
0b:b9:80:a2:cd:3f:51:63:0b:51:c9:d0:b3:8e:45:49:48:ed:
fd:ac:72:40:ed:21:d8:e1:6a:3b:4d:e1:5f:ab:c4:d8:98:75:
f1:0a:ad:7b:17:13:59:0a:99:a7:c4:ff:b4:21:3f:95:f2:7e:
8d:27:4d:ca:9b:71:26:34:c8:c8:a9:ac:b0:92:0a:78:cf:1f:
16:9c:c5:44:f8:82:f9:e3:66:e5:bc:0a:3f:9d:9e:86:08:52:
d6:3e:22:bc:a6:81:ef:16:d2:e0:da:5c:8a:d3:49:1c:f9:64:
b6:f9:9d:91:ff:49:5b:58:c6:3d:3e:bc:7a:99:0a:1a:f6:63:
b9:7c:b9:bb:22:c1:be:7e:df:1f:c2:01:7f:fe:e2:95:f3:87:
5b:95:4d:f3:23:78:a7:b6:06:84:b5:8d:f2:51:9d:2d:80:a2:
c6:f3:a1:84:76:61:c5:fa:26:74:4d:32:c2:d4:85:e7:1d:7d:
50:d8:15:03:38:96:32:38:9d:82:38:a0:31:72:e6:71:40:de:
36:e5:a4:7d:7c:8b:5f:9d:a4:a9:a7:14:f4:ac:ca:8a:f0:50:
b4:4e:ce:bc:c3:7b:01:75:90:a1:5d:92:80:4f:a9:71:e7:4a:
69:ac:7a:f1
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUcvElhE+0chsO42jW7AOEes3doKowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDMxNjMxMDZaFw0yNTA3MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQGIwYWZkYzdjYmEyNWNiZDk3YWJiYTYwNGIwY2JmNzcwYTE2MGJhZjFlZGVi
ZjYwMzcyNTk5OGMxMzY0MDkxMDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIxRctFxRe6B47Af4XtP6uGF/M/JWM4pgh4uxDaZj4POm8a25NAGyBX7d+Nw
dOQciM6Ug678J3EUl9hkx2AUaUYNCN2l9tiD2Iu5U7626cpFMrV+/F9DQ0Sr9TOe
9hB+XgB6aNTSSroiqf1DO4UJt09d0OYnq/2/Chqdx0dLkuJuSprUbibl0D1zNfIa
9wlwf2WXhG1cJFabSogofFDOhESmg0aM25wtjc87K1wkem2Pe890nz8KN+ibRgCb
r0tpeOquCddPh4SvusYRe4ChR39aKcdgdP6wsM1pT1Z4tpEjLueDg6zDD0hgraPW
1AjHsYLf6svjeNHOhCOY4oqsPIsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTkWNvi
LRQOHc7qpTzAYkI8g+n6TDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzVmYmFlNzYtMDY0Ni00M2U1LTgyNmYtMTE0YjQ5OTA1NDVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy4zqDAN
BgkqhkiG9w0BAQsFAAOCAQEAuW4lZK5a0Ip+z66zxJb8Tx6KC7mAos0/UWMLUcnQ
s45FSUjt/axyQO0h2OFqO03hX6vE2Jh18QqtexcTWQqZp8T/tCE/lfJ+jSdNyptx
JjTIyKmssJIKeM8fFpzFRPiC+eNm5bwKP52ehghS1j4ivKaB7xbS4NpcitNJHPlk
tvmdkf9JW1jGPT68epkKGvZjuXy5uyLBvn7fH8IBf/7ilfOHW5VN8yN4p7YGhLWN
8lGdLYCixvOhhHZhxfomdE0ywtSF5x19UNgVAziWMjidgjigMXLmcUDeNuWkfXyL
X52kqacU9KzKivBQtE7OvMN7AXWQoV2SgE+pcedKaax68Q==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:12 2025 by rpki-client