Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ab93083-00f7-4841-8cef-6b5926b6e3f6.roa
File: 8ab93083-00f7-4841-8cef-6b5926b6e3f6.roa (raw, json)
Hash identifier: T7d+o4N4UqCUgztjh7WO1qudXj/u2xTSipTsK4COv34=
Subject key identifier: E9:11:03:16:8A:77:96:83:82:12:82:04:97:03:21:CC:FE:4C:F4:6C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2FEE241BBED8FBD3AA8B39B41317DC8DDFA9B384
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ab93083-00f7-4841-8cef-6b5926b6e3f6.roa
Signing time: Tue 03 Jun 2025 16:31:25 +0000
ROA not before: Tue 03 Jun 2025 16:31:25 +0000
ROA not after: Tue 08 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.192.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:ee:24:1b:be:d8:fb:d3:aa:8b:39:b4:13:17:dc:8d:df:a9:b3:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 3 16:31:25 2025 GMT
Not After : Jul 8 23:59:59 2025 GMT
Subject: serialNumber=fd00c88afd667372cf7e22dc5c7291cd393601dfb9d9c93f61bc50ac3b35612c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:6e:39:d5:b8:66:8a:70:24:6b:f6:d4:3b:e4:
de:35:b3:50:e4:06:eb:d2:e4:4b:80:35:2a:4f:e5:
15:72:d3:67:ce:3b:86:96:61:03:c3:a5:e3:c5:c9:
ad:9c:f8:25:79:a2:ef:d0:76:90:27:cb:af:89:71:
95:ce:83:c0:24:ad:f8:39:ca:30:9e:16:6a:e7:d7:
a6:96:03:6d:83:5c:ce:8d:49:77:00:ef:0b:8b:fd:
ff:66:d8:6a:12:e6:e3:9c:7a:27:1c:8e:46:40:cc:
1c:49:ea:75:1e:3f:de:4e:d6:78:73:f1:32:d8:a2:
aa:1b:73:c8:5c:98:87:6f:07:8f:9b:d7:f0:68:29:
74:46:83:ae:e5:9d:f8:ea:b5:d7:39:e5:32:01:8f:
91:c8:21:69:92:79:c8:49:6f:51:1c:b7:7c:79:e0:
52:ff:9a:ee:cd:ed:ff:3f:b3:d2:57:cd:99:92:ba:
df:a4:69:33:7b:3b:44:ca:73:e6:03:6e:5d:74:c1:
5f:4e:81:2c:d2:be:7d:96:03:5c:a5:5e:ac:17:05:
88:71:7f:0c:04:3e:2c:1e:f1:c9:59:01:9d:54:3f:
50:40:28:43:d6:61:32:f8:e9:ed:94:56:f6:5c:f4:
fe:a8:aa:7c:f3:31:79:96:8f:ae:8a:31:d8:c7:8b:
69:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:11:03:16:8A:77:96:83:82:12:82:04:97:03:21:CC:FE:4C:F4:6C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ab93083-00f7-4841-8cef-6b5926b6e3f6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.192.0/20
Signature Algorithm: sha256WithRSAEncryption
43:23:4f:ba:bd:4c:ef:a6:97:96:79:68:11:d3:62:fa:72:fa:
12:65:54:b8:5b:fd:28:3c:05:6b:aa:af:c2:a3:24:df:8a:4b:
94:3f:47:ac:0f:60:15:db:f4:fa:8e:7a:14:ab:fb:8c:ac:0e:
05:72:48:60:e4:6f:fd:63:c6:a6:2a:e5:63:0e:9a:16:09:37:
76:bf:ec:cb:60:63:ad:83:99:fe:f6:96:a3:57:2e:79:a2:97:
5a:e2:25:d4:5b:e6:c5:bf:9d:b9:1d:4f:66:27:0c:b2:e8:2e:
5c:64:42:ba:48:8d:51:84:fb:92:63:ae:6d:0d:f4:91:cd:d5:
7c:ef:30:61:83:92:2a:b1:57:fc:4b:8e:32:3e:7b:7d:46:94:
18:8e:1d:a7:88:25:5e:8c:cb:50:d2:f8:8d:7e:99:66:50:92:
3b:ad:09:9e:b1:09:8b:4d:aa:28:5f:ed:01:4c:64:50:6a:8e:
26:f7:c8:b2:61:d3:1d:76:8e:ff:9e:f8:2b:d0:08:71:fa:90:
68:14:09:1b:f1:89:33:6f:d0:d9:4f:3c:64:88:fc:b8:87:55:
f9:64:26:3d:a0:5f:91:21:91:a3:7e:00:39:35:26:53:03:83:
50:f5:34:06:d4:08:9b:5f:0f:cd:fd:2d:93:0a:3c:32:98:13:
58:d7:b6:96
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUL+4kG77Y+9Oqizm0Exfcjd+ps4QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDMxNjMxMjVaFw0yNTA3MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQGZkMDBjODhhZmQ2NjczNzJjZjdlMjJkYzVjNzI5MWNkMzkzNjAxZGZiOWQ5
YzkzZjYxYmM1MGFjM2IzNTYxMmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMNuOdW4ZopwJGv21Dvk3jWzUOQG69LkS4A1Kk/lFXLTZ847hpZhA8Ol48XJ
rZz4JXmi79B2kCfLr4lxlc6DwCSt+DnKMJ4WaufXppYDbYNczo1JdwDvC4v9/2bY
ahLm45x6JxyORkDMHEnqdR4/3k7WeHPxMtiiqhtzyFyYh28Hj5vX8GgpdEaDruWd
+Oq11znlMgGPkcghaZJ5yElvURy3fHngUv+a7s3t/z+z0lfNmZK636RpM3s7RMpz
5gNuXXTBX06BLNK+fZYDXKVerBcFiHF/DAQ+LB7xyVkBnVQ/UEAoQ9ZhMvjp7ZRW
9lz0/qiqfPMxeZaProox2MeLaVcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTpEQMW
ineWg4ISggSXAyHM/kz0bDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGFiOTMwODMtMDBmNy00ODQxLThjZWYtNmI1OTI2YjZlM2Y2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC4zwDAN
BgkqhkiG9w0BAQsFAAOCAQEAQyNPur1M76aXlnloEdNi+nL6EmVUuFv9KDwFa6qv
wqMk34pLlD9HrA9gFdv0+o56FKv7jKwOBXJIYORv/WPGpirlYw6aFgk3dr/sy2Bj
rYOZ/vaWo1cueaKXWuIl1Fvmxb+duR1PZicMsuguXGRCukiNUYT7kmOubQ30kc3V
fO8wYYOSKrFX/EuOMj57fUaUGI4dp4glXozLUNL4jX6ZZlCSO60JnrEJi02qKF/t
AUxkUGqOJvfIsmHTHXaO/574K9AIcfqQaBQJG/GJM2/Q2U88ZIj8uIdV+WQmPaBf
kSGRo34AOTUmUwODUPU0BtQIm18Pzf0tkwo8MpgTWNe2lg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:15 2025 by rpki-client