Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/842bd74b-e507-47ea-bb4e-32057136b2bd.roa
File: 842bd74b-e507-47ea-bb4e-32057136b2bd.roa (raw, json)
Hash identifier: XaADkAg5t8knSD4GdV0BbIQ6fRbu80Y/BdqKWrimjls=
Subject key identifier: B2:CB:01:5D:49:84:7F:41:A5:39:B9:55:CE:46:0A:3B:70:0F:C7:C6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 231416AAD534729CA8EF63EFFF27D73026C85857
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/842bd74b-e507-47ea-bb4e-32057136b2bd.roa
Signing time: Fri 25 Jul 2025 17:00:25 +0000
ROA not before: Fri 25 Jul 2025 17:00:25 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.0.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:14:16:aa:d5:34:72:9c:a8:ef:63:ef:ff:27:d7:30:26:c8:58:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 17:00:25 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=120b32b90e17450f0c76e6f81cfde812bcd5d8780c810862e74a863e53de47b4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:42:19:01:79:42:cb:b4:a4:0b:48:9d:18:de:
ab:52:53:e3:09:ff:62:b3:5a:64:52:44:a3:b3:71:
db:fb:f7:c7:df:59:58:3f:81:b6:62:c3:d3:ec:ec:
ac:40:65:09:f5:25:ec:35:fa:20:ea:03:19:0b:61:
27:87:6d:71:28:33:d0:5b:25:5e:ac:c3:da:36:ed:
4b:83:b6:f9:1d:49:52:cd:f0:86:7c:cc:01:fa:ca:
63:5e:e1:ec:bd:d3:bd:17:80:1b:72:da:5f:97:09:
68:c4:52:d8:b2:f5:d0:e3:00:fe:70:32:e2:86:91:
81:dd:bd:1f:af:ac:ee:47:79:e9:94:d8:7a:f0:6a:
23:92:69:3a:f4:ee:13:ce:9e:3c:8e:a4:5e:30:2f:
c6:53:80:77:9d:01:00:8f:6e:ea:c2:95:f7:19:2e:
cc:9d:1d:50:bb:07:d6:ff:47:08:f4:0b:f3:cd:f2:
72:e0:d1:19:4e:bb:4f:18:9c:94:42:67:87:3f:b5:
24:66:2f:ac:bd:3c:b6:ad:e9:4d:d0:fa:88:35:24:
fd:8f:0d:72:26:a0:58:2c:96:f1:34:96:4a:00:39:
74:d1:5f:90:d4:fd:6b:21:cf:9e:d3:e4:13:b2:60:
0a:21:eb:31:c3:93:79:a8:ac:97:26:d6:45:85:f2:
1c:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:CB:01:5D:49:84:7F:41:A5:39:B9:55:CE:46:0A:3B:70:0F:C7:C6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/842bd74b-e507-47ea-bb4e-32057136b2bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.0.0/18
Signature Algorithm: sha256WithRSAEncryption
61:ba:29:7e:11:3d:cc:d0:08:9b:9c:d8:f4:29:50:81:c5:7e:
16:44:f6:9a:45:88:97:ea:e9:5a:24:06:72:36:f7:a1:e0:55:
2b:44:b4:5c:b2:37:7d:51:be:d6:ef:58:30:15:c0:69:b0:78:
f1:dd:aa:9c:7a:e9:79:c0:03:4f:5e:66:8e:d1:57:30:74:e3:
bf:50:f3:d1:12:fa:71:f3:de:34:e4:ef:4a:e5:95:5c:0d:de:
dc:7f:c7:58:1b:57:6d:3a:4c:16:b8:13:49:2c:ab:55:43:ba:
b4:90:94:41:ea:3a:8e:bf:f4:25:7a:e3:2e:29:3b:7b:0f:d8:
93:65:7a:60:d3:03:9b:8a:7e:bd:61:cd:49:b1:65:d6:ae:ea:
37:f3:3b:aa:e8:b1:f2:cf:77:f4:a5:0c:27:d1:8b:55:77:9d:
87:bd:67:ce:4c:cf:ee:10:2e:7f:4c:94:25:c8:c7:b8:9b:d0:
9f:20:90:8a:c0:9d:ca:7c:d0:e0:4d:1a:f1:27:9f:3d:77:e8:
63:ab:21:c2:96:df:4c:c9:e1:88:e4:94:0d:b7:42:51:6a:35:
1d:06:a8:a6:b8:ba:1e:ec:cd:3a:7f:49:ee:15:77:6b:28:48:
84:0b:af:3a:0b:ec:a6:d0:24:4e:bf:58:e4:6a:a4:d2:7b:e6:
a4:13:6e:75
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIxQWqtU0cpyo72Pv/yfXMCbIWFcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNzAwMjVaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDEyMGIzMmI5MGUxNzQ1MGYwYzc2ZTZmODFjZmRlODEyYmNkNWQ4NzgwYzgx
MDg2MmU3NGE4NjNlNTNkZTQ3YjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKpCGQF5Qsu0pAtInRjeq1JT4wn/YrNaZFJEo7Nx2/v3x99ZWD+BtmLD0+zs
rEBlCfUl7DX6IOoDGQthJ4dtcSgz0FslXqzD2jbtS4O2+R1JUs3whnzMAfrKY17h
7L3TvReAG3LaX5cJaMRS2LL10OMA/nAy4oaRgd29H6+s7kd56ZTYevBqI5JpOvTu
E86ePI6kXjAvxlOAd50BAI9u6sKV9xkuzJ0dULsH1v9HCPQL883ycuDRGU67Txic
lEJnhz+1JGYvrL08tq3pTdD6iDUk/Y8NciagWCyW8TSWSgA5dNFfkNT9ayHPntPk
E7JgCiHrMcOTeaislybWRYXyHA8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSyywFd
SYR/QaU5uVXORgo7cA/HxjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODQyYmQ3NGItZTUwNy00N2VhLWJiNGUtMzIwNTcxMzZiMmJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBi6JADAN
BgkqhkiG9w0BAQsFAAOCAQEAYbopfhE9zNAIm5zY9ClQgcV+FkT2mkWIl+rpWiQG
cjb3oeBVK0S0XLI3fVG+1u9YMBXAabB48d2qnHrpecADT15mjtFXMHTjv1Dz0RL6
cfPeNOTvSuWVXA3e3H/HWBtXbTpMFrgTSSyrVUO6tJCUQeo6jr/0JXrjLik7ew/Y
k2V6YNMDm4p+vWHNSbFl1q7qN/M7quix8s939KUMJ9GLVXedh71nzkzP7hAuf0yU
JcjHuJvQnyCQisCdynzQ4E0a8SefPXfoY6shwpbfTMnhiOSUDbdCUWo1HQaopri6
HuzNOn9J7hV3ayhIhAuvOgvsptAkTr9Y5Gqk0nvmpBNudQ==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:58:27 2025 by rpki-client