Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68677111-f27d-417a-8b43-a65f84482997.roa
File: 68677111-f27d-417a-8b43-a65f84482997.roa (raw, json)
Hash identifier: hxCqC5VXQkwhAc7QHsGpVQXBRQhFZT+kanIBQ7Bvfr0=
Subject key identifier: A6:08:22:9D:B2:B7:B9:C0:2E:1D:11:B1:EE:9F:50:F5:27:0D:3C:F2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 06A8BA3937354E401B6C00AE54FA9751DAC2F9D8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68677111-f27d-417a-8b43-a65f84482997.roa
Signing time: Tue 03 Jun 2025 16:31:01 +0000
ROA not before: Tue 03 Jun 2025 16:31:01 +0000
ROA not after: Tue 08 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.192.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:a8:ba:39:37:35:4e:40:1b:6c:00:ae:54:fa:97:51:da:c2:f9:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 3 16:31:01 2025 GMT
Not After : Jul 8 23:59:59 2025 GMT
Subject: serialNumber=15ccbe110dc30320af618ef3d43f73b50be430ae280831af8141da92074396b7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:93:d4:88:1f:2a:4f:31:23:05:65:a6:ef:7f:
58:cb:17:a9:78:87:4f:87:3d:ed:8f:35:10:10:0f:
58:33:6c:7b:28:c7:14:1c:e5:bc:45:9e:22:21:28:
b2:eb:5f:f6:96:89:d3:ef:38:20:c4:1c:88:0c:36:
d6:30:b0:59:3e:5a:f0:c5:e5:77:0c:3e:78:81:ae:
02:a6:20:d2:7b:1a:e0:02:7e:7b:59:fd:d5:33:f7:
0d:65:8c:f4:d0:ae:76:0a:ee:27:59:85:0c:e3:d8:
6d:fb:4f:9a:00:9f:cd:5f:df:79:65:64:9d:4c:c0:
d3:f2:c6:e4:f4:ab:bd:d3:5f:cb:e1:89:f3:8b:2c:
37:89:e0:b3:65:0e:73:cb:d7:f2:8c:86:48:1a:2e:
8a:4e:7b:ed:d8:69:d9:3d:20:d0:32:9f:98:7f:f9:
6b:1e:2c:78:35:f4:b3:03:c1:e0:ed:94:1b:81:58:
95:a2:07:c6:e6:4f:ac:70:9f:e6:09:fe:2a:ae:56:
98:f8:79:d9:e9:93:ba:9f:f3:28:00:2e:73:cb:c9:
c8:7b:dd:58:77:34:23:61:c8:c2:b5:ad:d9:f4:c3:
77:dd:bd:cd:ed:77:cc:0e:88:a4:03:9b:f6:5e:2a:
4f:77:95:f7:f9:93:fe:ea:c3:46:f5:9e:6c:d8:2e:
92:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:08:22:9D:B2:B7:B9:C0:2E:1D:11:B1:EE:9F:50:F5:27:0D:3C:F2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68677111-f27d-417a-8b43-a65f84482997.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.192.0/19
Signature Algorithm: sha256WithRSAEncryption
a7:4d:6a:6c:d2:fa:a2:68:ac:14:34:1a:6c:7f:34:71:d5:12:
15:8a:89:ef:ad:6b:e5:54:fc:0f:0f:de:62:98:04:02:28:7b:
07:84:14:f5:59:5f:70:6f:69:47:e2:25:1e:de:b8:ee:77:c8:
11:7a:c3:fd:ee:44:ca:8b:de:da:72:6e:4d:a1:91:89:fa:80:
be:37:d9:6b:24:73:e6:38:7f:c2:fd:30:db:77:9a:db:a6:38:
d2:62:95:2d:41:3c:42:f1:c5:61:7e:31:25:9c:b8:cb:e3:f1:
58:63:3c:3d:1a:10:3c:fa:82:7e:dc:11:ee:9b:df:32:59:b1:
fd:5c:ee:75:81:88:06:f2:ce:fd:5a:2a:86:21:69:0c:ca:93:
0d:59:ce:d4:a9:99:54:75:91:b2:25:86:da:9d:03:9f:00:c0:
07:8a:ff:44:0e:fa:2c:d6:b8:34:a1:67:ee:9a:6f:e4:f7:d4:
65:cd:18:47:0c:4d:56:5f:6e:02:a1:9b:5b:f8:ce:6a:9c:db:
36:53:1b:3a:89:ce:ba:9f:b1:af:2e:de:83:4a:13:e5:f7:be:
16:8b:09:db:d1:5a:79:55:c9:ff:5b:64:ef:ff:d1:5c:5e:86:
c7:df:dd:89:c0:ab:3b:51:6a:1f:94:dc:01:74:e7:41:0a:9f:
93:59:67:1f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUBqi6OTc1TkAbbACuVPqXUdrC+dgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDMxNjMxMDFaFw0yNTA3MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDE1Y2NiZTExMGRjMzAzMjBhZjYxOGVmM2Q0M2Y3M2I1MGJlNDMwYWUyODA4
MzFhZjgxNDFkYTkyMDc0Mzk2YjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJCT1IgfKk8xIwVlpu9/WMsXqXiHT4c97Y81EBAPWDNseyjHFBzlvEWeIiEo
sutf9paJ0+84IMQciAw21jCwWT5a8MXldww+eIGuAqYg0nsa4AJ+e1n91TP3DWWM
9NCudgruJ1mFDOPYbftPmgCfzV/feWVknUzA0/LG5PSrvdNfy+GJ84ssN4ngs2UO
c8vX8oyGSBouik577dhp2T0g0DKfmH/5ax4seDX0swPB4O2UG4FYlaIHxuZPrHCf
5gn+Kq5WmPh52emTup/zKAAuc8vJyHvdWHc0I2HIwrWt2fTDd929ze13zA6IpAOb
9l4qT3eV9/mT/urDRvWebNgukkMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSmCCKd
sre5wC4dEbHun1D1Jw088jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Njg2NzcxMTEtZjI3ZC00MTdhLThiNDMtYTY1Zjg0NDgyOTk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBS6JwDAN
BgkqhkiG9w0BAQsFAAOCAQEAp01qbNL6omisFDQabH80cdUSFYqJ761r5VT8Dw/e
YpgEAih7B4QU9VlfcG9pR+IlHt647nfIEXrD/e5Eyove2nJuTaGRifqAvjfZayRz
5jh/wv0w23ea26Y40mKVLUE8QvHFYX4xJZy4y+PxWGM8PRoQPPqCftwR7pvfMlmx
/VzudYGIBvLO/VoqhiFpDMqTDVnO1KmZVHWRsiWG2p0DnwDAB4r/RA76LNa4NKFn
7ppv5PfUZc0YRwxNVl9uAqGbW/jOapzbNlMbOonOup+xry7eg0oT5fe+FosJ29Fa
eVXJ/1tk7//RXF6Gx9/dicCrO1FqH5TcAXTnQQqfk1lnHw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:48:28 2025 by rpki-client