Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9b6ea2c3-c25b-492c-9547-7c5ddb75d15f.roa
File: 9b6ea2c3-c25b-492c-9547-7c5ddb75d15f.roa (raw, json)
Hash identifier: 0S1yrXtd9e59vsSDmbEeN+YdV6cGAQhFEYg8klv3htU=
Subject key identifier: C0:54:29:F1:D7:F3:46:37:1D:FD:A7:93:66:3B:13:ED:4F:A5:61:3D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 459B6708A95612C053AD7F96912B48673A9A418C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9b6ea2c3-c25b-492c-9547-7c5ddb75d15f.roa
Signing time: Tue 03 Jun 2025 16:30:13 +0000
ROA not before: Tue 03 Jun 2025 16:30:13 +0000
ROA not after: Tue 08 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.216.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:9b:67:08:a9:56:12:c0:53:ad:7f:96:91:2b:48:67:3a:9a:41:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 3 16:30:13 2025 GMT
Not After : Jul 8 23:59:59 2025 GMT
Subject: serialNumber=613478c4e7da4aaba94b6096e8ff7492f8ff6998b0dd1e071fa3a4cd1a2bd074, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:bb:76:63:e2:5f:1d:e6:63:5b:1c:02:69:69:
d9:24:3b:14:06:68:61:72:d9:bf:65:b5:95:b8:2c:
a5:fa:a0:c2:ca:a9:48:0c:4b:d0:28:11:99:fd:e2:
30:f6:2c:91:2e:50:6d:ed:60:ea:5b:d3:25:8c:98:
49:15:6d:de:8f:1a:2b:2e:96:36:c1:2c:5e:30:55:
88:fd:58:6b:7b:89:d4:96:d5:1e:d8:0d:b6:ac:92:
d6:c8:2f:00:73:67:8a:30:9b:01:b5:f9:13:cd:fa:
99:32:e7:1f:ad:d7:89:3c:cd:c0:01:f6:e1:e8:e4:
49:28:cb:61:67:d1:b4:06:53:9c:c9:c4:99:83:09:
d4:6e:e8:57:2c:bf:39:c5:c2:23:9e:65:e0:c6:14:
88:c1:0a:58:db:22:9f:74:86:ed:b9:7c:47:4b:30:
24:2a:c4:e4:75:f8:c8:9e:49:20:db:b9:4a:85:ec:
df:d4:79:0e:09:39:15:30:15:f3:42:04:82:d3:72:
7e:04:45:ee:7b:c6:bf:2e:82:7d:6a:8f:ba:69:a9:
b3:4d:4a:f1:ee:a4:0a:7a:a6:20:0f:2d:7c:ce:ea:
c8:3d:df:29:13:9a:6d:b3:04:41:2d:76:a5:85:33:
57:eb:9f:6a:8b:61:c7:37:30:90:b6:a6:5e:13:48:
33:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:54:29:F1:D7:F3:46:37:1D:FD:A7:93:66:3B:13:ED:4F:A5:61:3D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9b6ea2c3-c25b-492c-9547-7c5ddb75d15f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.216.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:86:f3:06:b2:28:5a:eb:6c:45:b6:11:65:96:33:44:64:bc:
c1:95:1c:dd:a2:be:39:23:3e:34:03:16:a7:30:40:63:44:9d:
11:a7:ff:f4:8b:f6:61:6d:fb:cf:41:f3:76:d7:58:83:bc:60:
67:d7:4b:94:0f:22:69:04:7d:2e:d3:d5:7b:44:0f:7a:5d:94:
08:93:d7:31:25:da:f5:e9:cf:b1:4a:1e:80:19:18:b7:a4:0f:
2c:e6:be:ea:b2:92:89:8e:bf:df:94:8e:bc:00:2f:98:e8:fe:
33:db:50:4b:dd:6b:a8:79:f8:0e:fb:09:26:13:f0:ac:63:da:
22:7f:bf:83:1b:fc:e0:4a:2b:ef:46:bf:a4:78:d3:80:e2:bf:
87:39:02:ad:1b:64:93:5f:a5:ff:ab:57:a5:3d:46:37:75:13:
64:56:45:17:9b:57:68:4e:55:30:75:55:07:14:1a:48:dd:c5:
5b:85:41:39:86:1f:66:11:2d:03:4f:67:c7:57:d8:fd:a1:fa:
c2:07:82:73:5d:ae:2d:58:7a:92:9d:01:5d:a1:56:13:64:de:
e8:53:8e:b0:ca:76:2a:b5:26:9d:bc:d6:bb:02:35:91:07:4c:
f3:76:e0:7b:75:36:ef:1d:6e:54:51:0d:45:7f:7b:5c:57:0f:
8d:96:e3:f8
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIURZtnCKlWEsBTrX+WkStIZzqaQYwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDMxNjMwMTNaFw0yNTA3MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDYxMzQ3OGM0ZTdkYTRhYWJhOTRiNjA5NmU4ZmY3NDkyZjhmZjY5OThiMGRk
MWUwNzFmYTNhNGNkMWEyYmQwNzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALi7dmPiXx3mY1scAmlp2SQ7FAZoYXLZv2W1lbgspfqgwsqpSAxL0CgRmf3i
MPYskS5Qbe1g6lvTJYyYSRVt3o8aKy6WNsEsXjBViP1Ya3uJ1JbVHtgNtqyS1sgv
AHNnijCbAbX5E836mTLnH63XiTzNwAH24ejkSSjLYWfRtAZTnMnEmYMJ1G7oVyy/
OcXCI55l4MYUiMEKWNsin3SG7bl8R0swJCrE5HX4yJ5JINu5SoXs39R5Dgk5FTAV
80IEgtNyfgRF7nvGvy6CfWqPummps01K8e6kCnqmIA8tfM7qyD3fKROabbMEQS12
pYUzV+ufaothxzcwkLamXhNIM98CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTAVCnx
1/NGNx39p5NmOxPtT6VhPTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWI2ZWEyYzMtYzI1Yi00OTJjLTk1NDctN2M1ZGRiNzVkMTVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi6J2DAN
BgkqhkiG9w0BAQsFAAOCAQEAo4bzBrIoWutsRbYRZZYzRGS8wZUc3aK+OSM+NAMW
pzBAY0SdEaf/9Iv2YW37z0HzdtdYg7xgZ9dLlA8iaQR9LtPVe0QPel2UCJPXMSXa
9enPsUoegBkYt6QPLOa+6rKSiY6/35SOvAAvmOj+M9tQS91rqHn4DvsJJhPwrGPa
In+/gxv84Eor70a/pHjTgOK/hzkCrRtkk1+l/6tXpT1GN3UTZFZFF5tXaE5VMHVV
BxQaSN3FW4VBOYYfZhEtA09nx1fY/aH6wgeCc12uLVh6kp0BXaFWE2Te6FOOsMp2
KrUmnbzWuwI1kQdM83bge3U27x1uVFENRX97XFcPjZbj+A==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:54 2025 by rpki-client