Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dd31163-2ad7-49f5-a24d-2ea4170bb05f.roa
File: 4dd31163-2ad7-49f5-a24d-2ea4170bb05f.roa (raw, json)
Hash identifier: CqJKAFuwqbvdEBn+hOupHer2KEsv/BSeMpO9K3e7eSU=
Subject key identifier: 89:EB:2E:8A:59:8B:12:65:14:90:AD:60:19:A0:32:62:05:77:B1:74
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0D7B5E721F0E40B6ADA8A884C5E910BEAD8F9A0E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dd31163-2ad7-49f5-a24d-2ea4170bb05f.roa
Signing time: Tue 03 Jun 2025 16:30:53 +0000
ROA not before: Tue 03 Jun 2025 16:30:53 +0000
ROA not after: Tue 08 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.240.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:7b:5e:72:1f:0e:40:b6:ad:a8:a8:84:c5:e9:10:be:ad:8f:9a:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 3 16:30:53 2025 GMT
Not After : Jul 8 23:59:59 2025 GMT
Subject: serialNumber=fe282e4ab635e909cbb7bcc57ad100b2103f5999892896a0dcfec26d95b9ef0b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:5a:7a:8f:90:31:39:ad:8d:00:1b:6e:fe:e8:
cd:dd:99:37:4a:9b:24:03:c5:c1:4b:d9:88:cc:95:
32:e3:cd:b9:da:2c:d1:79:f8:76:f4:0c:9f:47:a4:
26:a5:18:a5:b1:f9:92:49:d0:d7:25:7d:09:39:85:
cf:f8:ea:ab:85:4b:f5:c7:a3:84:f6:54:b2:73:35:
41:6e:aa:97:85:b5:34:52:60:68:d5:85:1b:14:e5:
d0:dd:74:70:8b:45:36:0c:99:38:4f:68:e3:1a:b3:
e8:c8:2f:ec:08:fe:63:99:ea:21:d2:9f:22:8f:05:
4b:60:c3:b1:95:09:83:70:2c:d5:0e:c5:64:09:ba:
58:ed:56:b0:0f:e4:11:c9:94:02:99:c4:4f:d0:78:
85:cd:73:e8:e8:e3:a1:00:fa:9f:ab:64:24:46:ea:
79:c7:84:18:b2:a8:36:b9:2d:c3:b3:f0:6a:4b:98:
c4:30:e8:22:64:0d:95:56:ab:60:e8:58:a8:ff:37:
95:bf:01:c6:ea:6a:66:49:a9:a2:2f:f8:32:80:5c:
94:33:92:a0:8e:82:c4:50:30:01:70:04:97:e9:ce:
03:83:19:dd:a7:d9:c0:7d:14:af:bd:31:bc:f8:e7:
c7:24:f1:d8:f3:db:f7:a6:29:f9:87:32:16:e1:1c:
a8:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:EB:2E:8A:59:8B:12:65:14:90:AD:60:19:A0:32:62:05:77:B1:74
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dd31163-2ad7-49f5-a24d-2ea4170bb05f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.240.0/20
Signature Algorithm: sha256WithRSAEncryption
42:64:df:9a:4f:1f:2c:b7:c5:2e:d1:57:59:b8:ea:38:2f:04:
69:e7:d4:20:19:c4:28:09:0b:cb:3a:c2:9a:56:fc:c4:e7:70:
3b:bd:56:d6:dc:39:28:58:f5:15:ed:4d:e3:54:8e:b2:9b:01:
92:d1:10:cb:a2:bc:b9:4e:e0:c8:63:18:a1:7c:3f:94:6a:70:
bc:40:55:b6:8b:25:13:1d:45:b3:d2:ea:2e:ab:7c:c6:f2:6f:
a0:f0:fc:82:a5:a6:37:30:fd:1f:54:2a:4d:91:4e:d2:57:57:
10:0f:30:71:f2:e4:68:7d:6f:a1:85:96:26:53:a5:3e:3b:06:
f6:4b:43:b3:7c:cb:f8:f0:ab:a9:2a:69:e6:fb:b0:f7:a6:2e:
c5:32:a2:c1:36:b5:1f:63:8b:34:bc:e4:2e:73:3b:3b:20:3e:
20:b7:0a:18:a4:c6:54:30:9e:6a:55:c1:f0:18:57:8d:aa:af:
2f:9d:43:4f:d6:c6:de:36:ba:43:c6:23:08:c3:95:b3:54:ff:
75:1b:53:30:b7:dd:26:6a:84:1e:97:66:a6:57:8f:99:b0:38:
55:01:e7:4a:43:55:34:fd:5b:48:6a:03:dc:c6:c8:9e:ce:e3:
3a:43:95:bb:53:7d:03:23:8d:5f:ed:81:4c:1a:70:de:4c:a2:
36:c5:ae:eb
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUDXtech8OQLatqKiExekQvq2Pmg4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDMxNjMwNTNaFw0yNTA3MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQGZlMjgyZTRhYjYzNWU5MDljYmI3YmNjNTdhZDEwMGIyMTAzZjU5OTk4OTI4
OTZhMGRjZmVjMjZkOTViOWVmMGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANxaeo+QMTmtjQAbbv7ozd2ZN0qbJAPFwUvZiMyVMuPNudos0Xn4dvQMn0ek
JqUYpbH5kknQ1yV9CTmFz/jqq4VL9cejhPZUsnM1QW6ql4W1NFJgaNWFGxTl0N10
cItFNgyZOE9o4xqz6Mgv7Aj+Y5nqIdKfIo8FS2DDsZUJg3As1Q7FZAm6WO1WsA/k
EcmUApnET9B4hc1z6OjjoQD6n6tkJEbqeceEGLKoNrktw7PwakuYxDDoImQNlVar
YOhYqP83lb8BxupqZkmpoi/4MoBclDOSoI6CxFAwAXAEl+nOA4MZ3afZwH0Ur70x
vPjnxyTx2PPb96Yp+YcyFuEcqHkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSJ6y6K
WYsSZRSQrWAZoDJiBXexdDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGRkMzExNjMtMmFkNy00OWY1LWEyNGQtMmVhNDE3MGJiMDVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC6J8DAN
BgkqhkiG9w0BAQsFAAOCAQEAQmTfmk8fLLfFLtFXWbjqOC8EaefUIBnEKAkLyzrC
mlb8xOdwO71W1tw5KFj1Fe1N41SOspsBktEQy6K8uU7gyGMYoXw/lGpwvEBVtosl
Ex1Fs9LqLqt8xvJvoPD8gqWmNzD9H1QqTZFO0ldXEA8wcfLkaH1voYWWJlOlPjsG
9ktDs3zL+PCrqSpp5vuw96YuxTKiwTa1H2OLNLzkLnM7OyA+ILcKGKTGVDCealXB
8BhXjaqvL51DT9bG3ja6Q8YjCMOVs1T/dRtTMLfdJmqEHpdmplePmbA4VQHnSkNV
NP1bSGoD3MbIns7jOkOVu1N9AyONX+2BTBpw3kyiNsWu6w==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:54 2025 by rpki-client