Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad1fa1a4-44d6-4a4e-82c4-f32d315830db.roa
File: ad1fa1a4-44d6-4a4e-82c4-f32d315830db.roa (raw, json)
Hash identifier: by+deQIhdxn1gTkttElkQ5/Msb8izhR/1incCLMHDzI=
Subject key identifier: 3E:97:A8:C0:FF:C2:B7:0F:A6:68:AD:9B:8B:3A:B8:D1:C1:AE:93:5F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 45F0FC7F3828496A338FF7C60AE681E0300BD7CC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad1fa1a4-44d6-4a4e-82c4-f32d315830db.roa
Signing time: Tue 03 Jun 2025 16:31:03 +0000
ROA not before: Tue 03 Jun 2025 16:31:03 +0000
ROA not after: Tue 08 Jul 2025 23:59:59 +0000
asID: 14618
IP address blocks: 46.51.208.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:f0:fc:7f:38:28:49:6a:33:8f:f7:c6:0a:e6:81:e0:30:0b:d7:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 3 16:31:03 2025 GMT
Not After : Jul 8 23:59:59 2025 GMT
Subject: serialNumber=2b99692f7157373fe716d3602ced8e26d575840969f537c6cf10c77f63b941f6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:cd:c1:e3:94:84:c7:b7:b0:39:7d:9c:41:da:
08:fc:11:d9:5b:15:71:d3:f5:77:fa:91:b6:40:69:
0f:7a:89:88:84:85:53:95:0e:db:65:42:ca:02:5c:
1b:0a:c8:30:da:2c:24:e0:09:47:df:e3:ae:16:c3:
df:12:d7:e0:58:c9:1d:11:96:d9:0d:e6:63:f8:99:
55:6a:27:4d:8f:98:aa:b3:95:b8:41:2a:14:10:0e:
4b:e6:3f:b3:ae:48:a1:38:b3:ce:6f:b4:46:6e:1e:
5b:72:0d:4e:e1:ea:20:55:8c:0d:82:ff:ad:2f:19:
55:4b:61:fc:fa:47:3c:be:b6:3e:de:b4:d1:e4:c9:
77:52:b6:b8:d0:7a:0c:9b:a2:b0:a5:46:4e:1c:ee:
a0:68:07:a1:e6:70:2c:91:c4:86:e2:74:8d:11:53:
6c:2e:76:9c:b7:c6:7f:ec:30:fe:8c:c7:c3:df:4a:
75:5b:d0:0f:b3:ad:43:18:fc:e7:01:56:ee:a2:a3:
63:d9:9d:77:57:2a:fb:47:8d:a8:44:3a:41:73:6a:
b2:14:5e:90:e9:29:00:32:48:aa:69:16:18:f8:21:
01:e5:f9:94:de:e5:54:03:6c:97:4e:9a:16:3a:1e:
2a:fd:c0:ac:88:ff:3d:8e:98:c5:2d:b3:0a:d7:e2:
ab:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:97:A8:C0:FF:C2:B7:0F:A6:68:AD:9B:8B:3A:B8:D1:C1:AE:93:5F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad1fa1a4-44d6-4a4e-82c4-f32d315830db.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.208.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:a0:3d:a1:5b:af:c8:c0:9e:50:07:92:06:36:8f:1b:57:96:
44:dc:27:51:69:4a:52:83:c6:8a:7d:ed:4d:b5:e8:eb:7d:1d:
0d:ad:20:44:6d:4b:2d:41:87:8e:92:a1:59:ae:b9:52:61:7b:
60:3d:f4:07:f5:5e:80:01:62:0d:9b:f0:7d:03:c6:89:5f:1d:
ca:fa:73:5b:51:62:90:6c:b4:6c:2f:78:75:e7:d9:03:07:78:
e0:cc:e4:f6:f7:e0:36:3d:4a:88:f0:e7:b8:45:15:32:d1:94:
b1:40:ad:cb:73:27:09:86:68:4e:94:cb:a1:01:27:53:7c:16:
2b:26:20:0a:9d:88:b7:e9:66:3f:45:bd:ad:da:8c:eb:67:45:
c8:b2:2d:65:86:21:03:6d:3c:f4:ee:f9:ef:2f:76:8f:cd:15:
cf:10:d1:48:47:98:ba:3a:ff:54:74:06:bf:e7:6d:fc:7a:3a:
fd:7f:2e:84:e6:45:e7:4a:a9:ad:58:26:30:5c:74:82:fe:cd:
69:5d:7c:d0:0c:12:82:5f:d2:d4:af:23:e5:90:a1:7b:20:c3:
4f:de:f0:7c:a9:bc:50:5c:0d:c9:0e:da:d3:39:77:2d:3f:fe:
e3:aa:ba:1e:84:56:28:e5:46:7e:8e:a4:e8:6e:64:4d:9b:52:
3d:4e:0c:6e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIURfD8fzgoSWozj/fGCuaB4DAL18wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDMxNjMxMDNaFw0yNTA3MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDJiOTk2OTJmNzE1NzM3M2ZlNzE2ZDM2MDJjZWQ4ZTI2ZDU3NTg0MDk2OWY1
MzdjNmNmMTBjNzdmNjNiOTQxZjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKDNweOUhMe3sDl9nEHaCPwR2VsVcdP1d/qRtkBpD3qJiISFU5UO22VCygJc
GwrIMNosJOAJR9/jrhbD3xLX4FjJHRGW2Q3mY/iZVWonTY+YqrOVuEEqFBAOS+Y/
s65IoTizzm+0Rm4eW3INTuHqIFWMDYL/rS8ZVUth/PpHPL62Pt600eTJd1K2uNB6
DJuisKVGThzuoGgHoeZwLJHEhuJ0jRFTbC52nLfGf+ww/ozHw99KdVvQD7OtQxj8
5wFW7qKjY9mdd1cq+0eNqEQ6QXNqshRekOkpADJIqmkWGPghAeX5lN7lVANsl06a
FjoeKv3ArIj/PY6YxS2zCtfiq/ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ+l6jA
/8K3D6ZorZuLOrjRwa6TXzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWQxZmExYTQtNDRkNi00YTRlLTgyYzQtZjMyZDMxNTgzMGRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi4z0DAN
BgkqhkiG9w0BAQsFAAOCAQEAoaA9oVuvyMCeUAeSBjaPG1eWRNwnUWlKUoPGin3t
TbXo630dDa0gRG1LLUGHjpKhWa65UmF7YD30B/VegAFiDZvwfQPGiV8dyvpzW1Fi
kGy0bC94defZAwd44Mzk9vfgNj1KiPDnuEUVMtGUsUCty3MnCYZoTpTLoQEnU3wW
KyYgCp2It+lmP0W9rdqM62dFyLItZYYhA2089O757y92j80VzxDRSEeYujr/VHQG
v+dt/Ho6/X8uhOZF50qprVgmMFx0gv7NaV180AwSgl/S1K8j5ZCheyDDT97wfKm8
UFwNyQ7a0zl3LT/+46q6HoRWKOVGfo6k6G5kTZtSPU4Mbg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:58:36 2025 by rpki-client