Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4956e507-63b7-4d7d-ac19-6e5c5d1dddd8.roa
File: 4956e507-63b7-4d7d-ac19-6e5c5d1dddd8.roa (raw, json)
Hash identifier: wRiiIEINcGAPe5TTNnbBxv+x6ZDlNHw4UwzQuqN/i4c=
Subject key identifier: A8:A2:6C:1C:9B:85:84:FC:40:E4:D9:CB:9E:BB:25:A5:ED:9C:55:E8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5842A591FE1B62E6FB9C699D6494BB5E6275A360
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4956e507-63b7-4d7d-ac19-6e5c5d1dddd8.roa
Signing time: Tue 03 Jun 2025 16:31:22 +0000
ROA not before: Tue 03 Jun 2025 16:31:22 +0000
ROA not after: Tue 08 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.224.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:42:a5:91:fe:1b:62:e6:fb:9c:69:9d:64:94:bb:5e:62:75:a3:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 3 16:31:22 2025 GMT
Not After : Jul 8 23:59:59 2025 GMT
Subject: serialNumber=8ff8b5a3f67022168a7767fb655ca784bfa6b1548530390d46f63b2b3889705e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:6d:5c:5d:40:13:e9:32:1f:25:b3:e7:79:23:
ab:9e:3f:31:4f:4a:6d:79:9e:3d:79:9a:21:47:0b:
95:e8:62:72:34:13:71:06:65:11:43:6b:2c:f7:cf:
ea:8b:84:64:e0:03:39:17:cb:16:f4:3b:54:f2:a4:
9e:32:25:39:41:58:02:36:75:57:c9:53:ad:77:e4:
32:e8:99:0e:10:3d:40:98:6d:c1:15:51:1f:1b:3f:
d9:c3:06:07:b3:37:fd:9e:55:69:96:f1:46:71:2e:
ab:cd:03:80:ba:e1:38:b6:17:eb:44:4e:86:08:aa:
38:3f:4d:5e:d2:e5:02:39:75:09:9a:54:eb:35:9f:
c8:d7:14:73:e7:cb:94:d6:b9:8a:8e:af:89:f5:1a:
98:01:4d:ec:05:22:8b:2a:a2:2d:a9:7e:6a:a5:f5:
e4:b7:8c:b7:d9:c5:11:38:11:56:0e:2b:b5:c7:4b:
50:af:0e:7a:99:05:ff:b0:e6:69:2c:46:d7:f4:9b:
66:f0:3b:ff:e1:28:ba:a0:e2:b5:67:a9:a2:34:9e:
45:4b:60:2c:80:3f:4a:e8:26:14:7c:dd:2b:54:55:
bf:b9:1f:f5:dc:66:db:f5:6d:7b:45:fb:fe:4f:df:
c6:6d:17:ee:5a:0c:11:9e:f0:2a:35:c5:68:72:a7:
32:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:A2:6C:1C:9B:85:84:FC:40:E4:D9:CB:9E:BB:25:A5:ED:9C:55:E8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4956e507-63b7-4d7d-ac19-6e5c5d1dddd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.224.0/19
Signature Algorithm: sha256WithRSAEncryption
bf:09:c1:2c:92:4d:64:ad:09:24:67:d5:ba:53:f8:b9:1c:58:
8e:d3:0c:a2:34:da:0c:2d:8c:b4:45:9f:c5:16:00:f4:6e:fd:
79:13:5e:0a:d9:ad:d0:44:3a:51:99:89:32:c4:d7:7f:e0:b8:
e4:46:63:a7:48:3d:d4:69:15:89:10:41:c6:a0:d2:6c:ec:2f:
e8:9e:d5:d9:3c:12:db:90:37:f0:75:68:c3:d2:3d:6b:b4:91:
9b:88:0f:8f:46:34:f5:e4:84:0b:aa:0b:ed:9d:39:60:53:10:
03:41:cd:8b:fe:ae:22:7e:73:34:a0:81:d5:56:f0:9b:74:2d:
2c:84:e0:4d:6c:3c:e5:d6:3b:c4:c1:7b:5f:01:f9:8a:4d:cb:
d4:2e:89:f2:f3:1f:08:a4:04:82:5f:50:4b:0f:5f:44:3d:48:
04:0f:d4:d5:7a:f1:db:58:cb:e7:e1:3c:e2:f8:11:b3:12:7c:
d3:b2:4d:13:aa:a5:72:34:6d:a3:eb:3d:40:a4:30:a8:0a:d0:
2c:7f:20:4b:90:7c:70:a5:4f:03:83:3c:e8:e8:b5:6b:0f:01:
4d:92:4e:80:10:45:ee:91:64:84:00:58:7e:cc:00:02:17:09:
3a:4d:c8:96:dd:3a:86:49:f6:d9:2e:76:68:8e:a5:34:19:37:
9f:0e:62:8b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUWEKlkf4bYub7nGmdZJS7XmJ1o2AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDMxNjMxMjJaFw0yNTA3MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDhmZjhiNWEzZjY3MDIyMTY4YTc3NjdmYjY1NWNhNzg0YmZhNmIxNTQ4NTMw
MzkwZDQ2ZjYzYjJiMzg4OTcwNWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIttXF1AE+kyHyWz53kjq54/MU9KbXmePXmaIUcLlehicjQTcQZlEUNrLPfP
6ouEZOADORfLFvQ7VPKknjIlOUFYAjZ1V8lTrXfkMuiZDhA9QJhtwRVRHxs/2cMG
B7M3/Z5VaZbxRnEuq80DgLrhOLYX60ROhgiqOD9NXtLlAjl1CZpU6zWfyNcUc+fL
lNa5io6vifUamAFN7AUiiyqiLal+aqX15LeMt9nFETgRVg4rtcdLUK8OepkF/7Dm
aSxG1/SbZvA7/+EouqDitWepojSeRUtgLIA/SugmFHzdK1RVv7kf9dxm2/Vte0X7
/k/fxm0X7loMEZ7wKjXFaHKnMhMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSoomwc
m4WE/EDk2cueuyWl7ZxV6DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDk1NmU1MDctNjNiNy00ZDdkLWFjMTktNmU1YzVkMWRkZGQ4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBS4z4DAN
BgkqhkiG9w0BAQsFAAOCAQEAvwnBLJJNZK0JJGfVulP4uRxYjtMMojTaDC2MtEWf
xRYA9G79eRNeCtmt0EQ6UZmJMsTXf+C45EZjp0g91GkViRBBxqDSbOwv6J7V2TwS
25A38HVow9I9a7SRm4gPj0Y09eSEC6oL7Z05YFMQA0HNi/6uIn5zNKCB1Vbwm3Qt
LITgTWw85dY7xMF7XwH5ik3L1C6J8vMfCKQEgl9QSw9fRD1IBA/U1Xrx21jL5+E8
4vgRsxJ807JNE6qlcjRto+s9QKQwqArQLH8gS5B8cKVPA4M86Oi1aw8BTZJOgBBF
7pFkhABYfswAAhcJOk3Ilt06hkn22S52aI6lNBk3nw5iiw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:44:34 2025 by rpki-client