Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/842bd74b-e507-47ea-bb4e-32057136b2bd.roa
File: 842bd74b-e507-47ea-bb4e-32057136b2bd.roa (raw, json)
Hash identifier: 0Bp/y7avizC1FPsL75vUj5a0JT0TdVV1bBWStsiRMUI=
Subject key identifier: 92:F3:09:9E:00:D8:20:D2:1A:09:6E:E4:6F:B7:C5:1D:4A:45:B8:16
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7E8CC9012EEC91A5A606A6360181F85618E6557C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/842bd74b-e507-47ea-bb4e-32057136b2bd.roa
Signing time: Tue 03 Jun 2025 16:31:02 +0000
ROA not before: Tue 03 Jun 2025 16:31:02 +0000
ROA not after: Tue 08 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.0.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:8c:c9:01:2e:ec:91:a5:a6:06:a6:36:01:81:f8:56:18:e6:55:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 3 16:31:02 2025 GMT
Not After : Jul 8 23:59:59 2025 GMT
Subject: serialNumber=a54875864b99ce52ce20d1197b2334cce26b31a65c86082cd15b7fd4d57ca3af, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:66:54:1c:2e:ef:91:d7:be:68:4a:38:07:cd:
16:ea:2b:6f:cc:25:d3:e6:90:87:bb:cd:5a:12:f9:
21:e9:66:45:56:ca:b0:71:54:cb:b1:c7:2d:5d:fe:
b8:15:ff:24:51:9e:21:10:04:6d:7b:f2:a7:b7:d9:
f6:9b:e9:0e:8e:9d:01:9a:cc:d4:a5:c9:b6:82:60:
5b:57:00:b6:e3:a4:6b:f7:5f:2f:73:0a:0f:89:58:
8e:b1:ff:af:79:46:71:1e:2c:a0:b2:96:4f:37:d7:
3b:5e:74:8a:c9:27:ac:96:83:82:ef:c4:bc:6c:9d:
df:3b:b2:76:0f:e4:68:53:69:76:8b:1b:e1:10:35:
19:05:a0:b2:58:c3:ac:fb:5e:ab:bb:9f:c3:a6:ca:
88:99:29:e2:28:54:ec:7f:f5:b9:90:5b:14:8f:38:
a1:86:19:17:12:e1:e9:a2:68:4a:cd:1d:fc:7e:2c:
4d:8a:41:61:61:49:f1:fe:04:e9:27:3b:6d:be:c8:
83:6c:a6:5a:9e:ef:fe:43:94:72:ef:bb:f7:89:19:
8c:5a:fa:27:66:e3:14:aa:06:1b:4f:61:95:09:ed:
f6:c5:cf:78:0d:d3:1d:ee:d5:71:c4:a1:18:80:71:
c1:39:8d:7f:83:2d:5e:8c:9a:1f:fb:f7:36:36:c2:
b0:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:F3:09:9E:00:D8:20:D2:1A:09:6E:E4:6F:B7:C5:1D:4A:45:B8:16
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/842bd74b-e507-47ea-bb4e-32057136b2bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.0.0/18
Signature Algorithm: sha256WithRSAEncryption
c4:9c:1c:6f:9f:8e:93:0d:a9:a0:56:e2:90:07:c8:85:31:da:
bd:3a:8e:e4:1f:71:e3:24:e9:ee:19:0d:eb:84:d4:b2:56:04:
bb:77:66:71:b5:ab:20:06:a8:4c:cd:75:f7:51:fc:65:d0:b8:
69:a1:ec:4f:0c:5c:c8:29:37:f9:e4:b6:49:41:63:8d:b2:bb:
c9:2f:fd:1f:be:2d:6f:38:b4:d9:fb:77:b1:56:6e:fd:69:3e:
04:ba:ba:61:74:7a:9e:7c:17:3c:55:f1:3b:97:83:3f:87:f0:
da:b8:16:e4:da:3e:0c:c0:0f:c5:cb:70:30:df:9e:e3:73:61:
5f:78:18:ae:ef:c8:d1:86:3d:1b:c9:76:e7:70:85:99:8a:12:
54:d4:98:4f:09:04:04:ff:99:56:15:c0:98:aa:54:01:02:c2:
b7:24:3f:a7:3f:bf:31:30:cb:a0:a3:29:f5:b4:3f:d9:e7:aa:
ea:e7:8c:28:03:64:48:e0:a4:c8:b4:0c:64:76:09:51:80:ed:
e7:2f:75:8c:45:59:b0:13:11:27:40:31:fc:62:71:7e:74:d4:
5c:2e:7c:7b:a9:32:5f:50:45:06:62:89:93:3c:d2:bc:87:2d:
5d:cf:2f:f8:fa:87:8c:d6:9c:70:10:00:a6:8a:4e:27:3f:ae:
f4:2d:8e:5f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUfozJAS7skaWmBqY2AYH4VhjmVXwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDMxNjMxMDJaFw0yNTA3MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQGE1NDg3NTg2NGI5OWNlNTJjZTIwZDExOTdiMjMzNGNjZTI2YjMxYTY1Yzg2
MDgyY2QxNWI3ZmQ0ZDU3Y2EzYWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKtmVBwu75HXvmhKOAfNFuorb8wl0+aQh7vNWhL5IelmRVbKsHFUy7HHLV3+
uBX/JFGeIRAEbXvyp7fZ9pvpDo6dAZrM1KXJtoJgW1cAtuOka/dfL3MKD4lYjrH/
r3lGcR4soLKWTzfXO150isknrJaDgu/EvGyd3zuydg/kaFNpdosb4RA1GQWgsljD
rPteq7ufw6bKiJkp4ihU7H/1uZBbFI84oYYZFxLh6aJoSs0d/H4sTYpBYWFJ8f4E
6Sc7bb7Ig2ymWp7v/kOUcu+794kZjFr6J2bjFKoGG09hlQnt9sXPeA3THe7VccSh
GIBxwTmNf4MtXoyaH/v3NjbCsJECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSS8wme
ANgg0hoJbuRvt8UdSkW4FjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODQyYmQ3NGItZTUwNy00N2VhLWJiNGUtMzIwNTcxMzZiMmJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBi6JADAN
BgkqhkiG9w0BAQsFAAOCAQEAxJwcb5+Okw2poFbikAfIhTHavTqO5B9x4yTp7hkN
64TUslYEu3dmcbWrIAaoTM1191H8ZdC4aaHsTwxcyCk3+eS2SUFjjbK7yS/9H74t
bzi02ft3sVZu/Wk+BLq6YXR6nnwXPFXxO5eDP4fw2rgW5No+DMAPxctwMN+e43Nh
X3gYru/I0YY9G8l253CFmYoSVNSYTwkEBP+ZVhXAmKpUAQLCtyQ/pz+/MTDLoKMp
9bQ/2eeq6ueMKANkSOCkyLQMZHYJUYDt5y91jEVZsBMRJ0Ax/GJxfnTUXC58e6ky
X1BFBmKJkzzSvIctXc8v+PqHjNaccBAApopOJz+u9C2OXw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:43:17 2025 by rpki-client