Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9834a12a-a5d9-4caa-ae09-b1e3323596bd.roa
File: 9834a12a-a5d9-4caa-ae09-b1e3323596bd.roa (raw, json)
Hash identifier: Jp2X9pNGgMlmQO/Fq/qPyOYEtk11njokqSzZay/QHFw=
Subject key identifier: 42:14:D7:4A:AC:83:04:3D:89:75:F0:84:3C:57:F7:12:E4:B4:9B:89
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0865DC753426EC15203AF17B73EF02C0CDEC3DA0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9834a12a-a5d9-4caa-ae09-b1e3323596bd.roa
Signing time: Tue 03 Jun 2025 16:30:20 +0000
ROA not before: Tue 03 Jun 2025 16:30:20 +0000
ROA not after: Tue 08 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.192.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:65:dc:75:34:26:ec:15:20:3a:f1:7b:73:ef:02:c0:cd:ec:3d:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 3 16:30:20 2025 GMT
Not After : Jul 8 23:59:59 2025 GMT
Subject: serialNumber=d3fb920ef66c37baa64dc8ddf98fdd89359b5d04efd9710dad39b609a3f17188, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:84:c1:72:70:f0:0e:2a:16:e8:00:78:06:73:
1a:28:b8:33:ef:57:ab:6f:4e:a6:72:51:9a:f9:b0:
3b:1f:a9:b9:8f:f8:10:90:4a:56:86:d4:ce:6b:21:
6b:a9:49:68:cc:82:d4:98:f4:e7:1c:64:f0:96:5d:
5f:37:c3:11:ec:53:b6:20:5a:58:b0:d6:92:f3:f5:
a6:b2:41:df:15:1d:83:20:06:23:b5:09:cb:4c:56:
19:12:fe:2e:fd:64:ba:fb:cc:67:bd:05:8c:c9:6c:
aa:a0:4e:e0:b3:d5:7e:f6:7e:74:ef:ec:c9:7a:b3:
42:85:70:29:0e:58:3c:18:58:e5:15:e0:ee:f8:a3:
e6:bc:70:e2:06:68:45:f4:d5:75:50:a1:6f:d5:26:
1e:a7:87:30:eb:1f:d7:48:92:3c:3a:8f:c2:44:ae:
24:e2:8b:c4:7b:eb:12:b1:ac:9e:19:ce:f3:34:0c:
b4:f8:c3:60:dd:02:ff:16:d1:0c:ea:9d:b1:e8:d5:
ad:62:02:1a:6a:94:02:ec:8a:27:39:3c:ec:f3:3a:
d0:d4:3d:9e:08:6e:8c:20:48:10:93:05:b1:56:27:
c3:dd:bd:43:04:aa:6f:0c:2e:fe:b9:fb:d2:86:24:
45:51:77:12:8f:29:05:31:9e:09:ea:85:db:89:a9:
90:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:14:D7:4A:AC:83:04:3D:89:75:F0:84:3C:57:F7:12:E4:B4:9B:89
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9834a12a-a5d9-4caa-ae09-b1e3323596bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.192.0/21
Signature Algorithm: sha256WithRSAEncryption
17:23:d2:84:e2:c8:06:9c:5c:31:c6:bd:60:48:b3:35:4b:99:
c5:b5:13:84:4b:80:48:26:b0:40:45:3c:5b:28:8d:9c:c5:46:
5b:41:0d:16:ee:f7:65:1a:8c:a4:b6:d9:39:e5:9f:f1:05:de:
9a:6f:c9:65:aa:2c:5c:c0:22:5a:57:61:4c:88:ca:9a:dd:68:
17:76:b3:bb:b4:40:31:fa:e0:3e:49:68:0f:9b:16:ee:80:d5:
94:84:a5:d3:cc:bf:6f:f8:f9:9f:77:6b:c0:4b:7c:e6:8a:ad:
ef:1e:5a:8b:d3:fe:79:09:f7:1b:88:ec:ab:b4:5e:c4:a2:7f:
37:f4:4f:16:09:80:e6:5b:8f:ac:c9:5a:be:5f:19:c8:b3:fd:
75:4d:03:27:70:84:2c:ca:5e:c0:27:30:57:0c:70:eb:7c:37:
fd:17:a6:dd:81:5d:29:b1:a9:db:cd:2e:46:92:ab:4d:30:3e:
fc:37:df:94:6e:86:65:9d:38:8d:d9:09:3f:cb:51:03:65:f3:
8f:36:03:7e:df:8a:7d:ef:85:ec:fb:55:bf:10:73:29:e3:45:
69:9b:75:7f:8d:d7:c4:62:14:94:8e:e8:4d:e1:fc:ed:34:b0:
e7:97:35:ff:62:9d:fc:29:1e:c4:e0:46:d8:fd:8c:00:38:81:
7c:af:b8:2a
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUCGXcdTQm7BUgOvF7c+8CwM3sPaAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDMxNjMwMjBaFw0yNTA3MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQGQzZmI5MjBlZjY2YzM3YmFhNjRkYzhkZGY5OGZkZDg5MzU5YjVkMDRlZmQ5
NzEwZGFkMzliNjA5YTNmMTcxODgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANeEwXJw8A4qFugAeAZzGii4M+9Xq29OpnJRmvmwOx+puY/4EJBKVobUzmsh
a6lJaMyC1Jj05xxk8JZdXzfDEexTtiBaWLDWkvP1prJB3xUdgyAGI7UJy0xWGRL+
Lv1kuvvMZ70FjMlsqqBO4LPVfvZ+dO/syXqzQoVwKQ5YPBhY5RXg7vij5rxw4gZo
RfTVdVChb9UmHqeHMOsf10iSPDqPwkSuJOKLxHvrErGsnhnO8zQMtPjDYN0C/xbR
DOqdsejVrWICGmqUAuyKJzk87PM60NQ9nghujCBIEJMFsVYnw929QwSqbwwu/rn7
0oYkRVF3Eo8pBTGeCeqF24mpkKUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRCFNdK
rIMEPYl18IQ8V/cS5LSbiTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTgzNGExMmEtYTVkOS00Y2FhLWFlMDktYjFlMzMyMzU5NmJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy6JwDAN
BgkqhkiG9w0BAQsFAAOCAQEAFyPShOLIBpxcMca9YEizNUuZxbUThEuASCawQEU8
WyiNnMVGW0ENFu73ZRqMpLbZOeWf8QXemm/JZaosXMAiWldhTIjKmt1oF3azu7RA
MfrgPkloD5sW7oDVlISl08y/b/j5n3drwEt85oqt7x5ai9P+eQn3G4jsq7RexKJ/
N/RPFgmA5luPrMlavl8ZyLP9dU0DJ3CELMpewCcwVwxw63w3/Rem3YFdKbGp280u
RpKrTTA+/DfflG6GZZ04jdkJP8tRA2XzjzYDft+Kfe+F7PtVvxBzKeNFaZt1f43X
xGIUlI7oTeH87TSw55c1/2Kd/CkexOBG2P2MADiBfK+4Kg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:14 2025 by rpki-client