Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b730eef0-bb94-4d31-bf9a-c0fb9a47b3b1.roa
File: b730eef0-bb94-4d31-bf9a-c0fb9a47b3b1.roa (raw, json)
Hash identifier: 9wDMwgH/wYPiHD3L7o2mw4sUlbmgbpzy1XF/0zcZQyk=
Subject key identifier: A1:CB:18:D8:91:D4:58:2F:AC:2B:65:59:A4:45:5B:7B:6D:E3:38:1C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 27FABAB12C4E5390AF83AF55F95DCE7CAA4E0EE0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b730eef0-bb94-4d31-bf9a-c0fb9a47b3b1.roa
Signing time: Fri 25 Jul 2025 17:00:32 +0000
ROA not before: Fri 25 Jul 2025 17:00:32 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.160.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:fa:ba:b1:2c:4e:53:90:af:83:af:55:f9:5d:ce:7c:aa:4e:0e:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 17:00:32 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=b37b379f8c1ea10273a0144bb98f65498f8e098a360dd6533ac2a3050c5740e6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f0:5c:b7:46:98:c0:48:36:ab:12:30:02:2d:
41:97:c7:c6:4d:7a:b6:a1:da:50:79:8e:73:b7:23:
a0:eb:c6:19:6b:d3:e8:7a:98:54:ea:e0:0a:37:c4:
ac:d1:ae:24:0a:68:0a:74:0c:29:9b:f3:de:8e:86:
99:03:00:d0:a8:35:97:9a:ba:fe:09:52:71:88:bb:
d7:3e:f6:f3:e7:6f:fe:ec:fe:89:47:39:78:ae:4a:
1a:9f:1a:52:ca:95:5e:cb:7b:2a:43:7a:9a:f4:c5:
d6:91:bb:ac:59:22:35:2f:b6:9c:b5:cf:3d:9a:1c:
b0:6f:de:23:f3:6e:bf:5b:9c:34:05:b0:45:fa:1d:
32:53:e6:36:7a:3f:dd:e0:28:ea:e4:4d:eb:1c:d1:
1d:bf:be:e7:5d:4d:3f:65:bc:81:1c:3d:7e:c1:74:
e8:f9:6f:d9:51:30:08:c8:44:0a:b0:94:87:5a:36:
ab:00:83:d3:5c:9a:7a:f1:0c:49:e8:a0:6f:71:e7:
a8:9a:7d:28:cf:c2:fb:4a:8c:56:82:d1:56:71:d8:
57:ce:84:ef:ca:80:b9:9a:2d:04:ce:64:12:32:06:
c3:e3:c2:a9:2b:a4:80:97:73:39:68:59:91:1b:3a:
b4:ad:cd:b5:94:fb:5d:c1:09:2f:33:01:b7:52:e7:
fc:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:CB:18:D8:91:D4:58:2F:AC:2B:65:59:A4:45:5B:7B:6D:E3:38:1C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b730eef0-bb94-4d31-bf9a-c0fb9a47b3b1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.160.0/21
Signature Algorithm: sha256WithRSAEncryption
24:27:4a:62:c1:6b:4a:5a:a2:e2:4d:2d:4b:fc:8a:52:d6:4d:
67:41:da:67:d1:2f:28:82:95:06:3f:22:70:cb:8f:6a:70:24:
5d:1e:7e:f9:99:76:f6:53:7f:11:7f:62:dc:c7:ee:8f:50:f8:
05:52:e5:06:cb:65:64:2f:b4:e2:c3:e4:b1:b8:4a:9c:3f:ec:
8d:33:fa:45:dc:d4:43:bc:eb:53:99:da:09:33:d5:13:d1:de:
76:9b:09:34:d0:7f:a0:3e:1f:1f:a2:09:64:53:bf:1c:ee:2d:
52:3f:2e:10:b5:ab:0b:ba:8b:5f:cf:e5:52:d6:b2:d6:2c:fc:
bf:7b:5c:cb:7f:41:9b:bb:79:20:37:53:c9:d9:fb:96:64:da:
7b:01:21:47:4d:31:91:a1:bb:76:1e:9f:c9:c7:3d:64:ab:79:
13:02:83:2f:87:73:ee:a9:b0:d6:6e:4d:c4:0a:0c:d4:aa:6e:
bb:d3:97:f5:6c:73:a9:98:fb:0b:f4:2c:7a:0a:db:60:66:da:
eb:64:36:ea:62:c8:05:79:26:b9:1b:f6:26:83:8d:88:1d:56:
80:8b:86:08:54:8d:c7:e1:a1:fe:eb:c2:1b:70:59:0f:a3:3c:
75:36:c3:c9:68:82:38:78:a4:3d:1e:8a:9d:f5:2f:9a:24:77:
ef:52:ba:eb
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUJ/q6sSxOU5Cvg69V+V3OfKpODuAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNzAwMzJaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGIzN2IzNzlmOGMxZWExMDI3M2EwMTQ0YmI5OGY2NTQ5OGY4ZTA5OGEzNjBk
ZDY1MzNhYzJhMzA1MGM1NzQwZTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL/wXLdGmMBINqsSMAItQZfHxk16tqHaUHmOc7cjoOvGGWvT6HqYVOrgCjfE
rNGuJApoCnQMKZvz3o6GmQMA0Kg1l5q6/glScYi71z728+dv/uz+iUc5eK5KGp8a
UsqVXst7KkN6mvTF1pG7rFkiNS+2nLXPPZocsG/eI/Nuv1ucNAWwRfodMlPmNno/
3eAo6uRN6xzRHb++511NP2W8gRw9fsF06Plv2VEwCMhECrCUh1o2qwCD01yaevEM
Seigb3HnqJp9KM/C+0qMVoLRVnHYV86E78qAuZotBM5kEjIGw+PCqSukgJdzOWhZ
kRs6tK3NtZT7XcEJLzMBt1Ln/IsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBShyxjY
kdRYL6wrZVmkRVt7beM4HDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjczMGVlZjAtYmI5NC00ZDMxLWJmOWEtYzBmYjlhNDdiM2IxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy4zoDAN
BgkqhkiG9w0BAQsFAAOCAQEAJCdKYsFrSlqi4k0tS/yKUtZNZ0HaZ9EvKIKVBj8i
cMuPanAkXR5++Zl29lN/EX9i3Mfuj1D4BVLlBstlZC+04sPksbhKnD/sjTP6RdzU
Q7zrU5naCTPVE9HedpsJNNB/oD4fH6IJZFO/HO4tUj8uELWrC7qLX8/lUtay1iz8
v3tcy39Bm7t5IDdTydn7lmTaewEhR00xkaG7dh6fycc9ZKt5EwKDL4dz7qmw1m5N
xAoM1Kpuu9OX9WxzqZj7C/QsegrbYGba62Q26mLIBXkmuRv2JoONiB1WgIuGCFSN
x+Gh/uvCG3BZD6M8dTbDyWiCOHikPR6KnfUvmiR371K66w==
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:59:16 2025 by rpki-client