Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/46a21ff8-4dea-4da4-a276-6b424d4e3bed.roa
File: 46a21ff8-4dea-4da4-a276-6b424d4e3bed.roa (raw, json)
Hash identifier: ukSG8yJm0AIQNktRD9O0lRj/93xngTxd+hfz5ekWSTg=
Subject key identifier: 8C:8E:3E:E2:DB:FD:F1:51:FF:5C:44:F2:77:FE:4D:E2:7C:E2:C9:8E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 29E53D121125DEBF95BC9F775C587DABEC10A9DC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/46a21ff8-4dea-4da4-a276-6b424d4e3bed.roa
Signing time: Tue 03 Jun 2025 16:30:55 +0000
ROA not before: Tue 03 Jun 2025 16:30:55 +0000
ROA not after: Tue 08 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.224.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:e5:3d:12:11:25:de:bf:95:bc:9f:77:5c:58:7d:ab:ec:10:a9:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 3 16:30:55 2025 GMT
Not After : Jul 8 23:59:59 2025 GMT
Subject: serialNumber=8239108e31cb7b95588124393abad707006ae1559e517ab5a260963b0b4d6d8e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:5d:85:cb:01:a0:6f:84:7e:7e:54:02:2d:f1:
b5:04:c7:7f:f2:3f:74:92:88:20:4a:80:71:bf:7d:
0e:07:80:5f:c5:91:b3:04:38:95:4b:4a:7b:03:e5:
57:e9:2e:c0:49:4e:d4:c4:ff:b4:d3:93:c4:73:d9:
0f:63:3e:e3:83:f9:28:5b:e0:8f:48:66:b0:ca:44:
39:b5:07:da:3d:52:b4:87:de:11:09:9b:1a:d0:11:
2f:63:e0:ec:81:a1:bf:b5:bf:f8:a2:fd:27:dd:de:
36:82:70:dd:41:fa:4b:c4:64:b1:96:5f:37:75:6b:
c7:aa:3e:10:24:6b:d8:1e:7a:6f:bb:87:3d:51:de:
db:85:fa:6c:90:84:8a:88:a8:93:41:bf:49:d3:28:
77:08:cf:d0:28:12:96:f9:66:74:7f:61:66:db:11:
29:2b:9d:c4:26:89:c7:8c:89:5d:a6:97:96:d4:f2:
ae:dc:d3:44:9e:f6:c1:60:8f:97:64:e4:3d:72:73:
a4:ef:84:d2:5a:a6:c4:40:2b:3c:10:80:dd:4f:b7:
f3:57:ad:86:d2:64:56:a3:29:a0:97:ab:c4:73:24:
87:78:65:82:ce:8c:b6:95:58:40:ad:ec:07:11:25:
0c:96:98:8d:a4:e5:ed:5b:16:5f:cd:39:8a:9f:b1:
c7:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:8E:3E:E2:DB:FD:F1:51:FF:5C:44:F2:77:FE:4D:E2:7C:E2:C9:8E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/46a21ff8-4dea-4da4-a276-6b424d4e3bed.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.224.0/19
Signature Algorithm: sha256WithRSAEncryption
2e:1e:94:80:3b:61:8d:a3:7f:d5:5c:ab:4f:c4:7e:8a:9f:96:
79:11:1c:36:fc:df:c2:8d:22:ea:5c:04:7e:11:f4:79:5c:55:
76:3c:4a:55:74:4f:49:8d:e3:ff:de:20:7e:6d:eb:46:06:3e:
97:77:23:1f:ff:c1:3b:fd:01:9a:ee:0c:5b:de:7f:66:0a:7c:
3f:06:af:81:5c:cc:4f:4e:8b:5b:32:64:b0:5d:57:98:c8:ce:
e9:f4:9b:f4:b9:e0:67:eb:b3:a3:b1:9b:8e:10:00:d4:10:71:
94:d0:2e:e7:70:8d:91:e2:ae:4d:71:96:c4:ab:f3:a3:a5:44:
0a:b5:8b:9f:db:0a:a8:77:64:77:7b:79:54:8e:c0:3b:a1:d2:
7f:51:9f:c4:6c:b5:ee:02:48:41:ca:33:59:8c:a7:33:64:00:
8d:4b:a6:cb:77:be:43:c8:93:d5:9f:1c:77:03:c1:f0:65:5d:
78:08:20:bd:c1:a4:f9:51:0b:eb:62:68:93:1f:d4:f9:2c:33:
3c:93:28:f5:d0:84:78:ef:f0:b9:39:bb:a9:50:ce:9e:77:aa:
b0:d7:7a:a2:c1:32:51:a1:44:21:d3:5e:cc:1d:d5:29:7b:ec:
98:9f:40:f4:c4:cc:21:2e:f3:55:ae:ef:e7:68:f6:18:15:44:
2c:37:2e:d4
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUKeU9EhEl3r+VvJ93XFh9q+wQqdwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDMxNjMwNTVaFw0yNTA3MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDgyMzkxMDhlMzFjYjdiOTU1ODgxMjQzOTNhYmFkNzA3MDA2YWUxNTU5ZTUx
N2FiNWEyNjA5NjNiMGI0ZDZkOGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKFdhcsBoG+Efn5UAi3xtQTHf/I/dJKIIEqAcb99DgeAX8WRswQ4lUtKewPl
V+kuwElO1MT/tNOTxHPZD2M+44P5KFvgj0hmsMpEObUH2j1StIfeEQmbGtARL2Pg
7IGhv7W/+KL9J93eNoJw3UH6S8RksZZfN3Vrx6o+ECRr2B56b7uHPVHe24X6bJCE
ioiok0G/SdModwjP0CgSlvlmdH9hZtsRKSudxCaJx4yJXaaXltTyrtzTRJ72wWCP
l2TkPXJzpO+E0lqmxEArPBCA3U+381ethtJkVqMpoJerxHMkh3hlgs6MtpVYQK3s
BxElDJaYjaTl7VsWX805ip+xx3MCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSMjj7i
2/3xUf9cRPJ3/k3ifOLJjjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDZhMjFmZjgtNGRlYS00ZGE0LWEyNzYtNmI0MjRkNGUzYmVkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBS6J4DAN
BgkqhkiG9w0BAQsFAAOCAQEALh6UgDthjaN/1VyrT8R+ip+WeREcNvzfwo0i6lwE
fhH0eVxVdjxKVXRPSY3j/94gfm3rRgY+l3cjH//BO/0Bmu4MW95/Zgp8PwavgVzM
T06LWzJksF1XmMjO6fSb9LngZ+uzo7GbjhAA1BBxlNAu53CNkeKuTXGWxKvzo6VE
CrWLn9sKqHdkd3t5VI7AO6HSf1GfxGy17gJIQcozWYynM2QAjUumy3e+Q8iT1Z8c
dwPB8GVdeAggvcGk+VEL62Jokx/U+SwzPJMo9dCEeO/wuTm7qVDOnneqsNd6osEy
UaFEIdNezB3VKXvsmJ9A9MTMIS7zVa7v52j2GBVELDcu1A==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:57 2025 by rpki-client