Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/968c7897-1d8d-4c3a-b38e-6602ae947f34.roa
File: 968c7897-1d8d-4c3a-b38e-6602ae947f34.roa (raw, json)
Hash identifier: 8DtnThnNtdUNiiuRejXzYtZK7ukvCGdS/uepP3Lhatc=
Subject key identifier: E7:7B:F2:C1:69:B9:D1:73:EC:4F:34:25:8D:BC:5A:01:B1:63:49:89
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6A33DB757AD81E8E1443C6564D1A7C0CFC35E527
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/968c7897-1d8d-4c3a-b38e-6602ae947f34.roa
Signing time: Tue 03 Jun 2025 16:30:25 +0000
ROA not before: Tue 03 Jun 2025 16:30:25 +0000
ROA not after: Tue 08 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.208.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:33:db:75:7a:d8:1e:8e:14:43:c6:56:4d:1a:7c:0c:fc:35:e5:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 3 16:30:25 2025 GMT
Not After : Jul 8 23:59:59 2025 GMT
Subject: serialNumber=ae81c10f8b4f0249985021e74cee817e6fb14b17215bae1605e12632ed79dd9f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:f3:4c:4d:96:6e:60:ec:59:d3:7b:d3:4c:14:
26:0d:90:c0:a8:46:34:a1:07:d3:0e:f0:85:4e:a7:
03:fe:e5:85:bd:64:96:1f:fb:b1:96:01:33:de:17:
20:88:15:96:a9:ed:f4:7f:30:1d:97:05:ab:b2:ae:
0f:80:82:6a:7b:46:07:82:af:0a:13:55:58:27:00:
ed:2c:75:42:c3:a0:cf:44:7a:6e:b1:3b:f1:20:23:
84:c2:1d:67:94:0e:54:5a:2d:3a:4e:fc:1b:45:d1:
ae:38:f5:5e:b7:96:27:4f:87:f3:02:3a:35:1b:bb:
86:a1:c9:68:9f:6e:5f:77:25:92:94:9b:c9:83:fa:
fc:ac:58:a4:a4:8f:15:8e:00:e5:5a:b8:a6:5d:65:
97:c2:00:9f:4b:61:ae:32:ca:d8:97:7a:e8:19:8c:
3d:d1:24:c4:bd:29:1e:c2:64:45:5c:3a:6b:c9:21:
e4:32:07:6a:e5:a9:4b:eb:05:0b:3e:b6:0e:f4:c6:
a3:03:74:f9:d6:8e:eb:7e:85:a3:b6:e3:fa:43:35:
f4:14:2f:bf:1a:30:bb:4e:ff:6c:a9:34:7a:c7:de:
17:fd:00:3a:8b:04:9e:f8:a6:fe:7e:4c:6b:27:89:
05:3f:19:0a:6d:b1:56:c4:d8:ac:f2:83:5e:96:78:
f3:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:7B:F2:C1:69:B9:D1:73:EC:4F:34:25:8D:BC:5A:01:B1:63:49:89
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/968c7897-1d8d-4c3a-b38e-6602ae947f34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.208.0/21
Signature Algorithm: sha256WithRSAEncryption
1a:e4:ce:67:45:68:9f:32:2b:82:c6:c3:6d:80:b3:6f:b4:f1:
e6:71:d5:c5:dd:61:4b:b7:59:59:45:70:e7:28:6c:0e:0f:ee:
eb:89:c4:e0:f9:ae:22:57:0a:57:8c:bf:b8:7d:f8:59:88:c0:
49:d8:c2:d5:de:fd:6a:c9:42:d5:81:e3:d5:11:2f:56:49:bf:
6e:fe:81:4e:a1:83:88:3b:7b:90:b4:d0:40:ae:dd:c5:44:0c:
1a:5d:5c:48:86:25:c9:43:bc:74:81:25:d5:26:69:d2:8a:91:
5c:37:bf:30:ee:81:a6:66:12:1e:f7:1d:ee:a3:0f:84:e1:11:
65:75:9a:de:46:9c:72:15:1f:a7:8e:93:7c:14:c4:47:ab:4e:
14:59:4a:aa:0c:6c:eb:31:cb:94:14:49:5d:9a:41:bd:38:fe:
63:af:e3:e9:64:73:17:77:22:82:6a:49:86:b5:f2:ff:72:4b:
56:1e:5c:84:56:9b:34:6a:e3:44:bf:66:2a:f1:9a:4c:01:45:
cf:75:43:6a:d4:41:15:35:5a:12:f6:e4:c3:ef:25:9b:c8:0d:
1d:57:df:77:4f:90:73:72:9f:18:b9:db:fd:0d:63:f0:a6:c3:
a6:b8:48:bc:67:66:ac:db:04:8f:f7:37:e1:66:a1:bf:f7:e9:
19:73:dd:e1
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUajPbdXrYHo4UQ8ZWTRp8DPw15ScwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDMxNjMwMjVaFw0yNTA3MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQGFlODFjMTBmOGI0ZjAyNDk5ODUwMjFlNzRjZWU4MTdlNmZiMTRiMTcyMTVi
YWUxNjA1ZTEyNjMyZWQ3OWRkOWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKDzTE2WbmDsWdN700wUJg2QwKhGNKEH0w7whU6nA/7lhb1klh/7sZYBM94X
IIgVlqnt9H8wHZcFq7KuD4CCantGB4KvChNVWCcA7Sx1QsOgz0R6brE78SAjhMId
Z5QOVFotOk78G0XRrjj1XreWJ0+H8wI6NRu7hqHJaJ9uX3clkpSbyYP6/KxYpKSP
FY4A5Vq4pl1ll8IAn0thrjLK2Jd66BmMPdEkxL0pHsJkRVw6a8kh5DIHauWpS+sF
Cz62DvTGowN0+daO636Fo7bj+kM19BQvvxowu07/bKk0esfeF/0AOosEnvim/n5M
ayeJBT8ZCm2xVsTYrPKDXpZ485cCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTne/LB
abnRc+xPNCWNvFoBsWNJiTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTY4Yzc4OTctMWQ4ZC00YzNhLWIzOGUtNjYwMmFlOTQ3ZjM0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy6J0DAN
BgkqhkiG9w0BAQsFAAOCAQEAGuTOZ0VonzIrgsbDbYCzb7Tx5nHVxd1hS7dZWUVw
5yhsDg/u64nE4PmuIlcKV4y/uH34WYjASdjC1d79aslC1YHj1REvVkm/bv6BTqGD
iDt7kLTQQK7dxUQMGl1cSIYlyUO8dIEl1SZp0oqRXDe/MO6BpmYSHvcd7qMPhOER
ZXWa3kacchUfp46TfBTER6tOFFlKqgxs6zHLlBRJXZpBvTj+Y6/j6WRzF3cigmpJ
hrXy/3JLVh5chFabNGrjRL9mKvGaTAFFz3VDatRBFTVaEvbkw+8lm8gNHVffd0+Q
c3KfGLnb/Q1j8KbDprhIvGdmrNsEj/c34Wahv/fpGXPd4Q==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:13 2025 by rpki-client