Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b44363b9-ba48-4913-b8a4-9cd0dc32ba02.roa
File: b44363b9-ba48-4913-b8a4-9cd0dc32ba02.roa (raw, json)
Hash identifier: 8zZW20kqqHazrWiA0ODs7MVHwgSDAv1nTRSPXbtolJs=
Subject key identifier: BD:02:46:2F:30:26:AC:6D:24:C4:14:53:0B:B3:52:F4:DA:E7:25:E8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 16ED26D642E9875370B9B5B9D5FAB57C4A99324E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b44363b9-ba48-4913-b8a4-9cd0dc32ba02.roa
Signing time: Tue 03 Jun 2025 16:31:21 +0000
ROA not before: Tue 03 Jun 2025 16:31:21 +0000
ROA not after: Tue 08 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.240.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:ed:26:d6:42:e9:87:53:70:b9:b5:b9:d5:fa:b5:7c:4a:99:32:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 3 16:31:21 2025 GMT
Not After : Jul 8 23:59:59 2025 GMT
Subject: serialNumber=d44569344e2401279b88ddd2cf61e723ce9301b95ea63421559cc021db8f9e15, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:84:20:a1:c3:a2:fa:ed:75:e4:4a:31:1e:ad:
4d:1f:77:2c:9e:b3:f3:96:e8:26:2a:32:61:42:3f:
0b:77:7c:2a:2c:8c:25:0c:b8:4b:d4:15:4d:7c:89:
12:72:cd:76:e5:09:3f:64:53:23:04:76:35:ad:35:
cb:43:8c:3d:43:66:ed:6c:2e:c0:40:2d:18:df:77:
15:5a:92:df:50:f1:56:75:17:6f:b7:1c:a6:52:fc:
54:b2:15:a1:c3:04:fc:b6:4e:29:c1:b4:f8:b1:6f:
d1:2b:35:0f:c2:01:85:61:99:fb:a6:be:ea:e2:39:
52:5d:9d:e0:fe:73:72:22:07:3c:68:4b:a6:6e:45:
0e:5a:dc:38:f7:bc:69:bc:b9:0e:6c:e2:62:24:d9:
dd:6c:42:13:71:8b:b9:22:16:56:1e:ba:99:fb:00:
0e:f4:5e:a9:0d:c7:18:95:4c:1e:ea:ec:58:01:ca:
cb:27:e8:4b:10:3d:ae:e2:97:24:80:0d:73:ba:00:
10:8f:ce:99:4a:49:d1:f2:d1:c1:fa:5d:a3:1f:f9:
8b:a2:94:a5:28:a6:21:2c:0d:29:1a:ef:7e:c3:79:
33:a7:02:11:25:c6:09:38:97:16:bf:05:51:6a:31:
60:b7:94:c0:92:58:e0:6c:49:75:1a:b5:76:51:c6:
48:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:02:46:2F:30:26:AC:6D:24:C4:14:53:0B:B3:52:F4:DA:E7:25:E8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b44363b9-ba48-4913-b8a4-9cd0dc32ba02.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.240.0/20
Signature Algorithm: sha256WithRSAEncryption
56:b9:7c:4a:40:27:11:d6:f8:56:57:21:ab:31:7e:df:9a:4d:
7d:8b:49:8a:b9:7e:06:08:5e:cc:8e:72:96:22:1f:a1:3c:d6:
b2:56:fa:54:2d:c7:e7:6c:d4:65:c7:51:bf:b7:3d:65:eb:4b:
b5:fb:17:c8:ff:c3:3f:95:f4:14:6b:b5:c9:d7:9e:79:8e:36:
34:cd:2f:f9:3a:cb:97:56:f8:86:5a:b1:f5:e2:b9:de:0a:fc:
b0:4d:06:54:2b:09:b1:43:8e:f3:6f:4d:d5:eb:8c:ff:90:f5:
69:6e:b1:6c:be:c6:45:f1:7b:1e:68:62:48:f6:db:f7:91:b3:
1e:39:cf:05:b4:86:e2:d3:79:1f:40:8e:49:92:e1:43:d6:a0:
8b:ac:85:1c:81:5b:37:5e:10:1c:09:e0:18:6a:54:cd:ba:75:
ce:48:17:72:03:14:be:51:51:61:58:ce:95:c0:c9:4c:bd:5e:
fd:fe:c0:fa:33:05:83:4d:0d:a1:21:4b:71:62:d0:9a:a9:1d:
57:ab:f9:11:9e:6b:f4:34:19:23:e4:27:79:c1:09:07:8f:b7:
f8:11:f8:45:26:4e:67:42:5b:66:26:f0:7a:49:4e:85:45:66:
a9:6c:b4:12:5b:98:c6:d3:4b:2f:c5:e0:1d:7b:e1:73:7a:06:
a0:11:2e:d9
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUFu0m1kLph1NwubW51fq1fEqZMk4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDMxNjMxMjFaFw0yNTA3MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0NDU2OTM0NGUyNDAxMjc5Yjg4ZGRkMmNmNjFlNzIzY2U5MzAxYjk1ZWE2
MzQyMTU1OWNjMDIxZGI4ZjllMTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALaEIKHDovrtdeRKMR6tTR93LJ6z85boJioyYUI/C3d8KiyMJQy4S9QVTXyJ
EnLNduUJP2RTIwR2Na01y0OMPUNm7WwuwEAtGN93FVqS31DxVnUXb7ccplL8VLIV
ocME/LZOKcG0+LFv0Ss1D8IBhWGZ+6a+6uI5Ul2d4P5zciIHPGhLpm5FDlrcOPe8
aby5DmziYiTZ3WxCE3GLuSIWVh66mfsADvReqQ3HGJVMHursWAHKyyfoSxA9ruKX
JIANc7oAEI/OmUpJ0fLRwfpdox/5i6KUpSimISwNKRrvfsN5M6cCESXGCTiXFr8F
UWoxYLeUwJJY4GxJdRq1dlHGSPsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS9AkYv
MCasbSTEFFMLs1L02ucl6DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjQ0MzYzYjktYmE0OC00OTEzLWI4YTQtOWNkMGRjMzJiYTAyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC4z8DAN
BgkqhkiG9w0BAQsFAAOCAQEAVrl8SkAnEdb4VlchqzF+35pNfYtJirl+BghezI5y
liIfoTzWslb6VC3H52zUZcdRv7c9ZetLtfsXyP/DP5X0FGu1ydeeeY42NM0v+TrL
l1b4hlqx9eK53gr8sE0GVCsJsUOO829N1euM/5D1aW6xbL7GRfF7HmhiSPbb95Gz
HjnPBbSG4tN5H0COSZLhQ9agi6yFHIFbN14QHAngGGpUzbp1zkgXcgMUvlFRYVjO
lcDJTL1e/f7A+jMFg00NoSFLcWLQmqkdV6v5EZ5r9DQZI+QnecEJB4+3+BH4RSZO
Z0JbZibweklOhUVmqWy0EluYxtNLL8XgHXvhc3oGoBEu2Q==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:40:14 2025 by rpki-client