Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9c3be55c-de0f-4901-938e-229a296fa31f.roa
File: 9c3be55c-de0f-4901-938e-229a296fa31f.roa (raw, json)
Hash identifier: vH0y93NwDuqMm5quB2yE/Na2gIjN+tCbnkkiwNpVbgA=
Subject key identifier: 18:A0:6F:DA:87:6F:7A:7A:BF:78:AD:21:F5:4E:04:D9:4E:88:E7:BA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 03C0EFC77A5D5E9AE09DB9D672B1CE93BC7EB8C4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9c3be55c-de0f-4901-938e-229a296fa31f.roa
Signing time: Tue 03 Jun 2025 16:30:11 +0000
ROA not before: Tue 03 Jun 2025 16:30:11 +0000
ROA not after: Tue 08 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.168.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:c0:ef:c7:7a:5d:5e:9a:e0:9d:b9:d6:72:b1:ce:93:bc:7e:b8:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 3 16:30:11 2025 GMT
Not After : Jul 8 23:59:59 2025 GMT
Subject: serialNumber=25fe7288873e3cec12bbe86568ca39b167bec5e479ae7fef647df42d0e66d8e8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:6b:49:e2:a4:f4:42:bb:aa:42:92:b9:cd:b7:
eb:ef:a4:2e:80:46:4c:4f:b0:f4:f5:79:b4:35:55:
25:44:13:71:e8:94:6b:f8:2d:3c:a4:8a:8b:70:0e:
51:ec:4e:3c:4f:07:ed:c7:81:a6:ce:6f:f8:c5:fa:
7e:90:1d:ef:49:0f:ea:05:bd:23:32:89:4a:3f:3a:
94:12:14:05:95:a1:f6:6d:f5:b1:2b:f2:f2:ee:2d:
a2:10:3a:d0:4a:84:06:8f:ed:e4:5d:8a:84:e4:0c:
d7:08:fb:03:24:1f:fd:34:05:c8:3e:99:c5:7a:2d:
9c:46:4b:af:c4:9e:50:9b:d1:00:db:5b:74:c1:f7:
d4:f3:d9:55:9e:d3:b6:98:c9:09:c1:f9:d4:5d:28:
d9:ec:f1:d9:e0:a0:e6:a5:9e:18:c6:6c:b9:b4:71:
cf:67:2d:c0:a3:8c:d0:56:c1:6c:00:63:51:33:8e:
08:12:ce:b2:c0:41:79:08:29:7b:2a:f8:02:c8:2b:
b3:db:d2:21:66:98:31:ef:4f:3d:01:5b:dd:c4:e4:
d5:67:be:fe:38:6c:01:33:90:a0:ce:60:64:f1:ec:
ba:0c:12:9b:fa:21:07:e4:14:39:4c:26:b1:ca:f5:
90:c5:45:18:80:d8:0d:a3:b6:3a:bc:c7:d5:e5:7d:
7d:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:A0:6F:DA:87:6F:7A:7A:BF:78:AD:21:F5:4E:04:D9:4E:88:E7:BA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9c3be55c-de0f-4901-938e-229a296fa31f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.168.0/23
Signature Algorithm: sha256WithRSAEncryption
32:dd:c2:8e:68:ac:79:f6:df:f4:10:b6:cf:ac:41:35:cf:e4:
36:cc:9f:34:11:f6:98:75:da:2a:7c:31:19:00:a9:89:1b:45:
d9:20:c7:f8:9a:66:68:19:d9:30:e0:b4:65:f5:ea:64:8d:e9:
4f:16:22:df:8c:67:8b:7e:07:3e:da:32:b2:21:6f:70:fc:8b:
94:6d:2d:21:79:31:c2:d1:f1:7d:ed:fc:3e:a2:7d:8e:77:5c:
62:7a:85:b0:95:74:30:20:17:70:46:00:1e:a2:4d:41:f5:5e:
bb:be:c5:44:73:4b:03:ea:a0:07:20:e5:e8:47:a1:05:5d:3b:
0f:27:9e:77:09:90:22:3f:fc:3d:58:21:79:1b:ea:13:0b:f6:
ec:0b:43:0e:c0:9f:05:b5:9d:eb:a3:9e:f3:56:60:df:29:b9:
5e:85:0b:4b:87:6d:d6:bc:8b:6d:8a:32:25:e3:55:8b:3a:67:
19:f6:15:69:10:00:a6:2b:32:65:56:58:dc:3a:a5:c4:9b:18:
26:f4:0f:a0:f4:6f:1d:73:02:8a:da:80:ef:38:ff:72:81:9a:
ae:14:3f:f0:a6:1f:9a:25:b8:d7:b7:2b:3f:b3:9b:07:7e:68:
13:06:69:ab:ea:d9:62:14:ab:93:96:31:b2:ab:95:99:d1:03:
ea:b1:e9:f7
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUA8Dvx3pdXprgnbnWcrHOk7x+uMQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDMxNjMwMTFaFw0yNTA3MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDI1ZmU3Mjg4ODczZTNjZWMxMmJiZTg2NTY4Y2EzOWIxNjdiZWM1ZTQ3OWFl
N2ZlZjY0N2RmNDJkMGU2NmQ4ZTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKBrSeKk9EK7qkKSuc236++kLoBGTE+w9PV5tDVVJUQTceiUa/gtPKSKi3AO
UexOPE8H7ceBps5v+MX6fpAd70kP6gW9IzKJSj86lBIUBZWh9m31sSvy8u4tohA6
0EqEBo/t5F2KhOQM1wj7AyQf/TQFyD6ZxXotnEZLr8SeUJvRANtbdMH31PPZVZ7T
tpjJCcH51F0o2ezx2eCg5qWeGMZsubRxz2ctwKOM0FbBbABjUTOOCBLOssBBeQgp
eyr4Asgrs9vSIWaYMe9PPQFb3cTk1We+/jhsATOQoM5gZPHsugwSm/ohB+QUOUwm
scr1kMVFGIDYDaO2OrzH1eV9fcMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQYoG/a
h296er94rSH1TgTZTojnujAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWMzYmU1NWMtZGUwZi00OTAxLTkzOGUtMjI5YTI5NmZhMzFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS6JqDAN
BgkqhkiG9w0BAQsFAAOCAQEAMt3Cjmisefbf9BC2z6xBNc/kNsyfNBH2mHXaKnwx
GQCpiRtF2SDH+JpmaBnZMOC0ZfXqZI3pTxYi34xni34HPtoysiFvcPyLlG0tIXkx
wtHxfe38PqJ9jndcYnqFsJV0MCAXcEYAHqJNQfVeu77FRHNLA+qgByDl6EehBV07
DyeedwmQIj/8PVgheRvqEwv27AtDDsCfBbWd66Oe81Zg3ym5XoULS4dt1ryLbYoy
JeNVizpnGfYVaRAApisyZVZY3DqlxJsYJvQPoPRvHXMCitqA7zj/coGarhQ/8KYf
miW417crP7ObB35oEwZpq+rZYhSrk5YxsquVmdED6rHp9w==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:21 2025 by rpki-client