Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e1e6e69-6595-40ff-9430-d53f22670630.roa
File: 6e1e6e69-6595-40ff-9430-d53f22670630.roa (raw, json)
Hash identifier: p3jmj0dNlVXLoPLN80CuvMM+z8iqeuq4z8b96MxtY1Y=
Subject key identifier: C0:7F:F8:91:41:DB:19:A6:38:78:75:B3:38:12:BF:43:99:25:56:A6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 58046703861BC4A44A3E25242568A632498FE6A7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e1e6e69-6595-40ff-9430-d53f22670630.roa
Signing time: Tue 03 Jun 2025 16:30:21 +0000
ROA not before: Tue 03 Jun 2025 16:30:21 +0000
ROA not after: Tue 08 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.72.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:04:67:03:86:1b:c4:a4:4a:3e:25:24:25:68:a6:32:49:8f:e6:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 3 16:30:21 2025 GMT
Not After : Jul 8 23:59:59 2025 GMT
Subject: serialNumber=70a69743b01884586131f2d37270a5c650e1641fe1d53a49df29f806f39c2710, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:72:86:e7:45:a9:c0:70:87:a3:4b:e5:08:cb:
3d:29:c4:ba:be:2c:9b:82:0c:00:14:8f:e8:42:af:
c0:d8:85:97:8a:21:37:d9:fb:04:1a:e2:42:8f:36:
a0:b0:b8:ff:cf:c4:2b:87:16:0e:80:bf:89:09:b8:
d0:e0:9f:de:29:af:b9:cf:8b:a1:38:d0:a9:4f:73:
14:b2:51:8e:65:db:3b:f8:78:41:9a:7a:3d:19:2b:
51:22:fa:65:29:20:94:6e:06:3e:1e:af:2c:aa:a4:
59:f1:db:a4:64:9f:ba:a7:41:af:92:2b:61:71:7a:
20:8d:95:55:73:8e:11:a6:28:c8:5a:50:6f:85:00:
cf:84:7a:ff:08:9a:bf:a3:10:bf:67:94:2f:a1:6e:
2c:f2:b8:65:f1:a0:6f:95:53:53:40:2c:15:3c:54:
21:9b:0d:fa:1b:00:d8:2e:0c:38:23:3e:c5:17:ff:
d6:78:80:c6:0b:c6:34:40:0d:5c:26:bb:ed:30:e3:
38:73:f9:bd:b2:a2:3b:cd:13:a5:ec:21:e7:37:31:
90:19:ee:17:da:72:f5:c4:42:80:62:3d:95:88:7b:
d9:34:ab:7d:b6:74:b4:e8:c0:29:da:85:ec:55:0a:
b5:04:f0:c4:22:db:58:a9:2b:ad:f9:0b:1f:46:25:
53:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:7F:F8:91:41:DB:19:A6:38:78:75:B3:38:12:BF:43:99:25:56:A6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e1e6e69-6595-40ff-9430-d53f22670630.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.72.0/21
Signature Algorithm: sha256WithRSAEncryption
aa:80:1d:ce:0b:ef:7f:27:1e:e3:79:90:42:4f:ba:48:90:a3:
7a:02:15:68:ee:76:4a:20:6b:2f:68:32:04:78:56:27:68:c9:
11:76:8a:07:c9:90:93:4a:9f:d6:a9:41:e8:38:d7:c7:9b:c6:
41:d7:08:0b:af:51:59:fe:07:40:38:ee:b3:60:41:ca:2b:94:
dc:04:29:bf:3e:06:a3:ef:05:e4:20:c2:a0:27:00:c7:61:8b:
ae:b4:8b:0d:7f:56:8b:ff:41:72:90:ac:6c:78:bb:00:56:a4:
a6:ec:76:03:9a:0a:60:d6:0f:8b:81:7e:dd:7e:95:f6:00:9e:
13:5b:87:52:f3:cb:cf:b3:5d:92:2d:93:62:b7:ff:ba:86:f3:
76:02:57:85:7c:ff:77:3e:7f:29:56:78:02:96:b1:37:4b:2b:
59:de:69:72:7c:05:3d:ce:9f:06:1f:0b:a7:8b:73:d7:ff:f7:
93:91:da:27:c2:d1:2e:ae:f7:ac:d3:a1:66:cf:fd:40:36:ed:
6c:be:83:30:d8:ae:89:c1:5f:8b:52:67:d6:8a:d7:64:60:83:
76:d8:c4:40:f7:75:66:66:ae:d6:6f:d2:26:75:ff:09:65:a4:
ca:53:84:fc:99:6a:6a:54:91:ee:48:f9:c0:1a:0b:96:df:79:
b3:66:91:36
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUWARnA4YbxKRKPiUkJWimMkmP5qcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDMxNjMwMjFaFw0yNTA3MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDcwYTY5NzQzYjAxODg0NTg2MTMxZjJkMzcyNzBhNWM2NTBlMTY0MWZlMWQ1
M2E0OWRmMjlmODA2ZjM5YzI3MTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMtyhudFqcBwh6NL5QjLPSnEur4sm4IMABSP6EKvwNiFl4ohN9n7BBriQo82
oLC4/8/EK4cWDoC/iQm40OCf3imvuc+LoTjQqU9zFLJRjmXbO/h4QZp6PRkrUSL6
ZSkglG4GPh6vLKqkWfHbpGSfuqdBr5IrYXF6II2VVXOOEaYoyFpQb4UAz4R6/wia
v6MQv2eUL6FuLPK4ZfGgb5VTU0AsFTxUIZsN+hsA2C4MOCM+xRf/1niAxgvGNEAN
XCa77TDjOHP5vbKiO80Tpewh5zcxkBnuF9py9cRCgGI9lYh72TSrfbZ0tOjAKdqF
7FUKtQTwxCLbWKkrrfkLH0YlU1UCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTAf/iR
QdsZpjh4dbM4Er9DmSVWpjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmUxZTZlNjktNjU5NS00MGZmLTk0MzAtZDUzZjIyNjcwNjMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy6JSDAN
BgkqhkiG9w0BAQsFAAOCAQEAqoAdzgvvfyce43mQQk+6SJCjegIVaO52SiBrL2gy
BHhWJ2jJEXaKB8mQk0qf1qlB6DjXx5vGQdcIC69RWf4HQDjus2BByiuU3AQpvz4G
o+8F5CDCoCcAx2GLrrSLDX9Wi/9BcpCsbHi7AFakpux2A5oKYNYPi4F+3X6V9gCe
E1uHUvPLz7Ndki2TYrf/uobzdgJXhXz/dz5/KVZ4ApaxN0srWd5pcnwFPc6fBh8L
p4tz1//3k5HaJ8LRLq73rNOhZs/9QDbtbL6DMNiuicFfi1Jn1orXZGCDdtjEQPd1
Zmau1m/SJnX/CWWkylOE/JlqalSR7kj5wBoLlt95s2aRNg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:24 2025 by rpki-client