Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b730eef0-bb94-4d31-bf9a-c0fb9a47b3b1.roa
File: b730eef0-bb94-4d31-bf9a-c0fb9a47b3b1.roa (raw, json)
Hash identifier: FeF80YWT4nlFzZlfMLhLffTvtGoTuj2EhvF0LvNRtcc=
Subject key identifier: F5:3C:36:A6:E3:5F:CD:88:2C:AD:C2:5B:64:13:6F:E2:9B:00:D0:BB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0E6C0C3DEC599965A7BF7A98E3637B9717F01BD8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b730eef0-bb94-4d31-bf9a-c0fb9a47b3b1.roa
Signing time: Tue 03 Jun 2025 16:31:08 +0000
ROA not before: Tue 03 Jun 2025 16:31:08 +0000
ROA not after: Tue 08 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.160.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:6c:0c:3d:ec:59:99:65:a7:bf:7a:98:e3:63:7b:97:17:f0:1b:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 3 16:31:08 2025 GMT
Not After : Jul 8 23:59:59 2025 GMT
Subject: serialNumber=426c79360f214a5290d8a4247b3b22b8a1be9de712e984a3c1fe9c7409f21fe2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:1b:92:65:42:00:ea:0b:28:7a:1b:d4:2c:7a:
c9:92:2c:c7:1f:81:04:82:a4:b2:c9:6d:64:8a:8b:
e9:ff:d5:2e:06:ff:98:c0:81:0f:6d:e0:0c:21:f1:
5e:e9:07:0e:f9:1d:5d:7a:64:29:af:cb:51:e1:e7:
32:d6:27:38:27:74:b6:3c:6b:4b:af:ad:77:41:89:
b0:ed:56:5b:b7:65:34:d9:a6:8b:ab:b4:7a:02:e9:
68:ef:90:72:57:99:7a:06:61:5d:f8:92:54:66:92:
cd:d8:8d:8b:af:e2:ab:e4:9e:c7:9d:8a:8a:13:8f:
fb:8e:82:0c:de:5d:e3:16:6b:f9:4c:51:a7:b4:39:
4f:db:3f:3b:bf:31:4b:6d:e6:41:f1:f5:9f:48:f6:
0b:a0:1c:c9:63:8c:94:7a:05:61:f3:27:fc:ef:5d:
0b:79:8c:e7:dc:e6:5c:9d:93:8f:7f:f6:a4:ea:cc:
ae:8a:bb:7b:35:a9:b4:55:c7:88:a3:8d:6a:74:ff:
70:8f:2a:58:13:94:1e:6b:c3:d4:04:84:ce:55:c0:
de:8a:4b:41:7b:04:da:57:2a:e4:53:dc:2b:77:e2:
cf:c8:06:75:6f:18:31:a5:ff:9b:5f:7f:5a:7e:27:
f6:b1:b6:be:cb:05:25:1a:2a:50:35:cd:ef:65:01:
16:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:3C:36:A6:E3:5F:CD:88:2C:AD:C2:5B:64:13:6F:E2:9B:00:D0:BB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b730eef0-bb94-4d31-bf9a-c0fb9a47b3b1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.160.0/21
Signature Algorithm: sha256WithRSAEncryption
01:a1:5d:dd:d1:70:20:56:80:2c:2c:28:ea:d8:0d:51:1e:a4:
dc:5d:6a:54:5e:78:6c:23:a9:a6:97:0e:11:fc:d2:86:49:f2:
9a:f9:e4:09:61:71:b9:22:48:69:43:d8:89:71:3e:03:e8:86:
e6:d7:06:c2:87:29:88:c6:69:3d:cf:5f:96:31:b6:d7:30:04:
9b:94:6f:38:f0:7a:33:7c:22:06:64:a5:69:21:ce:27:5f:63:
c1:2d:90:06:a7:22:fe:08:c1:2f:ee:a5:65:78:84:c2:2e:c3:
c1:f9:cf:37:2b:1a:2a:78:57:71:29:97:3f:e3:94:39:30:33:
23:9a:54:85:f5:af:b4:93:c3:11:1c:ab:bf:db:6b:8a:eb:94:
de:87:1d:e7:73:15:5d:f6:98:1d:95:da:b2:8d:b6:a0:db:95:
1f:af:23:84:31:b8:0b:7c:62:1a:7a:de:1c:c4:f1:3e:84:cb:
36:45:46:e4:34:14:c3:d5:d1:7e:32:e3:03:e7:d5:e8:9f:b1:
5e:82:45:22:9d:e6:7b:11:0f:2b:da:f5:fe:95:a9:fb:c6:c4:
b0:cd:4e:c8:45:03:ca:48:a1:32:fd:ea:65:f8:67:4b:ca:f5:
69:d9:90:b9:9f:51:b8:20:26:41:63:7c:89:bc:22:3b:37:c4:
6a:d0:59:f5
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUDmwMPexZmWWnv3qY42N7lxfwG9gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDMxNjMxMDhaFw0yNTA3MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDQyNmM3OTM2MGYyMTRhNTI5MGQ4YTQyNDdiM2IyMmI4YTFiZTlkZTcxMmU5
ODRhM2MxZmU5Yzc0MDlmMjFmZTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKYbkmVCAOoLKHob1Cx6yZIsxx+BBIKkssltZIqL6f/VLgb/mMCBD23gDCHx
XukHDvkdXXpkKa/LUeHnMtYnOCd0tjxrS6+td0GJsO1WW7dlNNmmi6u0egLpaO+Q
cleZegZhXfiSVGaSzdiNi6/iq+Sex52KihOP+46CDN5d4xZr+UxRp7Q5T9s/O78x
S23mQfH1n0j2C6AcyWOMlHoFYfMn/O9dC3mM59zmXJ2Tj3/2pOrMroq7ezWptFXH
iKONanT/cI8qWBOUHmvD1ASEzlXA3opLQXsE2lcq5FPcK3fiz8gGdW8YMaX/m19/
Wn4n9rG2vssFJRoqUDXN72UBFvcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT1PDam
41/NiCytwltkE2/imwDQuzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjczMGVlZjAtYmI5NC00ZDMxLWJmOWEtYzBmYjlhNDdiM2IxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy4zoDAN
BgkqhkiG9w0BAQsFAAOCAQEAAaFd3dFwIFaALCwo6tgNUR6k3F1qVF54bCOpppcO
EfzShknymvnkCWFxuSJIaUPYiXE+A+iG5tcGwocpiMZpPc9fljG21zAEm5RvOPB6
M3wiBmSlaSHOJ19jwS2QBqci/gjBL+6lZXiEwi7DwfnPNysaKnhXcSmXP+OUOTAz
I5pUhfWvtJPDERyrv9triuuU3ocd53MVXfaYHZXaso22oNuVH68jhDG4C3xiGnre
HMTxPoTLNkVG5DQUw9XRfjLjA+fV6J+xXoJFIp3mexEPK9r1/pWp+8bEsM1OyEUD
ykihMv3qZfhnS8r1admQuZ9RuCAmQWN8ibwiOzfEatBZ9Q==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:12 2025 by rpki-client