Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9834a12a-a5d9-4caa-ae09-b1e3323596bd.roa
File: 9834a12a-a5d9-4caa-ae09-b1e3323596bd.roa (raw, json)
Hash identifier: Cmkq5M6RzBMEraQX8SbAHNZeFvTgpu+c91ert+aJsgA=
Subject key identifier: 97:3E:6B:9A:D6:64:D8:21:43:B9:43:14:84:B9:18:2C:A0:12:46:F5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 034EB2A469213AE6F69DF5EE754C651E4A55374A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9834a12a-a5d9-4caa-ae09-b1e3323596bd.roa
Signing time: Fri 25 Jul 2025 16:51:17 +0000
ROA not before: Fri 25 Jul 2025 16:51:17 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.192.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:4e:b2:a4:69:21:3a:e6:f6:9d:f5:ee:75:4c:65:1e:4a:55:37:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 16:51:17 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=9cb1076e089d161200f9d4bc1684b49938dd14425d5ab92525192e3fab1b4576, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:9c:25:51:bb:45:a8:e3:b2:b7:d5:42:8d:eb:
fd:2b:5e:6b:3c:e7:c2:d9:91:08:f2:b4:a8:e1:2d:
40:5b:50:5d:86:ff:14:41:97:c4:d9:dd:08:2b:60:
be:bb:e7:e0:ae:bc:fc:e1:5c:e2:f4:c0:f3:ac:92:
a3:29:2b:75:81:4f:ed:57:5b:21:b1:76:f7:15:58:
9d:e2:74:9d:a9:d6:71:ca:68:90:3e:eb:42:9e:ae:
31:16:f3:18:d9:e1:4e:0a:a1:2b:84:1a:48:44:f7:
f4:c1:e6:48:cb:40:07:39:c5:b7:bc:1c:71:fe:d1:
dd:4c:c3:42:79:79:57:cc:ee:85:cc:c1:86:30:e7:
ce:16:1b:cf:ca:38:9c:94:49:29:26:1b:fc:a1:a0:
34:92:e3:e1:75:65:a1:7b:9a:91:aa:c2:6c:46:27:
64:cb:38:7e:12:32:29:4d:65:8e:15:57:a0:c9:59:
3a:43:e3:d8:47:5e:cc:6a:47:6e:f3:b5:64:38:5e:
7e:83:12:36:a2:e6:f8:59:85:41:c6:00:82:99:e4:
f3:1f:1a:50:44:3a:f6:53:7a:b4:28:57:e8:e5:9b:
4f:7a:14:78:b4:7c:28:91:95:e5:2c:ec:9b:74:80:
8b:6e:67:88:6f:31:41:8c:bf:e7:96:0a:76:ee:8f:
c2:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:3E:6B:9A:D6:64:D8:21:43:B9:43:14:84:B9:18:2C:A0:12:46:F5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9834a12a-a5d9-4caa-ae09-b1e3323596bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.192.0/21
Signature Algorithm: sha256WithRSAEncryption
5b:9e:a0:04:fc:43:62:2f:de:60:a0:d7:3b:9e:04:fc:3e:75:
94:4a:e4:55:62:e4:d9:15:43:d7:77:56:de:96:c4:25:4e:09:
6a:73:60:bb:1e:c4:00:d9:ac:18:de:32:1c:76:12:dd:5e:60:
50:dd:d6:13:15:65:eb:55:96:0a:bd:d0:c5:77:b6:0d:a2:e0:
7b:3a:d1:7f:3c:1a:98:23:f3:39:4b:92:76:2d:83:71:81:5d:
71:a2:e7:87:e4:78:ee:2d:99:a9:a2:b8:ff:c0:7e:b2:90:3e:
4e:f1:e2:9e:1e:7f:30:bd:eb:bd:0a:e3:eb:61:93:fe:5f:62:
ea:43:24:3e:cf:34:08:a6:f3:07:45:89:27:eb:2c:5b:18:b7:
cf:38:cf:aa:f7:0b:1a:98:45:dd:c1:be:f2:bb:17:96:f4:a3:
d9:96:7e:80:8a:b2:05:70:b4:f8:a4:6f:ea:de:54:df:f5:ae:
44:1f:72:eb:0f:d3:d3:b2:da:37:d5:9f:3c:8a:c3:5b:90:1c:
4e:d9:ec:42:51:9a:91:aa:b0:3c:fe:50:47:8a:fa:58:9a:9c:
7e:54:3b:89:1d:b7:98:f4:3e:66:91:b8:02:16:18:8d:66:1f:
d7:46:47:df:f3:13:7f:47:b9:ad:76:02:ca:2f:56:03:01:95:
d3:5c:32:83
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUA06ypGkhOub2nfXudUxlHkpVN0owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNjUxMTdaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDljYjEwNzZlMDg5ZDE2MTIwMGY5ZDRiYzE2ODRiNDk5MzhkZDE0NDI1ZDVh
YjkyNTI1MTkyZTNmYWIxYjQ1NzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANmcJVG7RajjsrfVQo3r/SteazznwtmRCPK0qOEtQFtQXYb/FEGXxNndCCtg
vrvn4K68/OFc4vTA86ySoykrdYFP7VdbIbF29xVYneJ0nanWccpokD7rQp6uMRbz
GNnhTgqhK4QaSET39MHmSMtABznFt7wccf7R3UzDQnl5V8zuhczBhjDnzhYbz8o4
nJRJKSYb/KGgNJLj4XVloXuakarCbEYnZMs4fhIyKU1ljhVXoMlZOkPj2EdezGpH
bvO1ZDhefoMSNqLm+FmFQcYAgpnk8x8aUEQ69lN6tChX6OWbT3oUeLR8KJGV5Szs
m3SAi25niG8xQYy/55YKdu6PwlUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSXPmua
1mTYIUO5QxSEuRgsoBJG9TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTgzNGExMmEtYTVkOS00Y2FhLWFlMDktYjFlMzMyMzU5NmJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy6JwDAN
BgkqhkiG9w0BAQsFAAOCAQEAW56gBPxDYi/eYKDXO54E/D51lErkVWLk2RVD13dW
3pbEJU4JanNgux7EANmsGN4yHHYS3V5gUN3WExVl61WWCr3QxXe2DaLgezrRfzwa
mCPzOUuSdi2DcYFdcaLnh+R47i2ZqaK4/8B+spA+TvHinh5/ML3rvQrj62GT/l9i
6kMkPs80CKbzB0WJJ+ssWxi3zzjPqvcLGphF3cG+8rsXlvSj2ZZ+gIqyBXC0+KRv
6t5U3/WuRB9y6w/T07LaN9WfPIrDW5AcTtnsQlGakaqwPP5QR4r6WJqcflQ7iR23
mPQ+ZpG4AhYYjWYf10ZH3/MTf0e5rXYCyi9WAwGV01wygw==
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:59:21 2025 by rpki-client