Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9e85174-2ffd-4b93-8357-1e2ba85449d2.roa
File: b9e85174-2ffd-4b93-8357-1e2ba85449d2.roa (raw, json)
Hash identifier: tmX43xbZAXdZ1Lk2mD23dZYewCosy1dkdk52nqvq2gE=
Subject key identifier: 9D:7D:1E:B3:2C:6D:37:2B:52:B8:D7:51:92:54:87:53:4A:A6:9A:6C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 560C284089902657A397BB51357486EFB49BCDA4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9e85174-2ffd-4b93-8357-1e2ba85449d2.roa
Signing time: Tue 03 Jun 2025 16:30:16 +0000
ROA not before: Tue 03 Jun 2025 16:30:16 +0000
ROA not after: Tue 08 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.156.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:0c:28:40:89:90:26:57:a3:97:bb:51:35:74:86:ef:b4:9b:cd:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 3 16:30:16 2025 GMT
Not After : Jul 8 23:59:59 2025 GMT
Subject: serialNumber=c321c947bdb45599993bf26b4c2c06141f118b166af2ee82a3bc74d7786775c6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:43:04:6a:47:73:95:c1:ed:3b:1b:ab:cf:68:
1e:36:a2:33:e5:42:bf:03:04:0c:48:96:96:f4:01:
c9:1b:54:74:d1:eb:ae:5c:69:3a:fa:4b:ed:ef:c3:
76:44:f9:61:32:b0:84:14:3d:2f:e1:35:bd:80:81:
b6:03:7b:a8:e3:85:00:0c:95:c2:d8:da:3f:59:df:
dd:cf:2d:13:53:94:58:c2:a1:4f:dc:f3:ae:29:2b:
88:09:7a:54:b2:18:ab:29:fd:cf:d0:f1:2f:a2:2b:
f0:c7:85:e3:50:d2:16:94:39:d5:9b:27:d8:d5:83:
27:a7:75:86:57:f5:45:94:44:3e:6e:73:d4:ae:13:
bd:6e:fa:9d:ea:43:f5:fa:ff:d4:83:83:e6:80:6a:
f6:84:fe:be:3f:12:5a:78:08:35:30:ac:ff:17:5c:
90:e2:cb:1b:ee:cd:07:89:ad:21:d7:b0:5a:f4:a5:
73:93:26:00:39:36:0b:5e:78:e1:0f:87:c6:97:a0:
59:1c:33:83:4e:f2:fa:4a:d5:f5:85:1f:02:93:c2:
6d:f6:76:8e:bc:e7:20:f5:5f:7a:f9:95:d5:22:ee:
d5:c2:8e:53:1d:12:9f:9b:88:0a:ab:b1:a4:01:d0:
04:c2:a3:e6:1b:4d:9c:4c:f4:64:ae:bf:04:29:d7:
36:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:7D:1E:B3:2C:6D:37:2B:52:B8:D7:51:92:54:87:53:4A:A6:9A:6C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9e85174-2ffd-4b93-8357-1e2ba85449d2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.156.0/22
Signature Algorithm: sha256WithRSAEncryption
10:37:c8:85:d7:28:b6:e7:4d:ee:90:ee:0f:8b:54:55:71:0b:
9f:b4:14:1b:ce:bf:7e:49:c2:55:ce:6e:ef:fa:06:d7:02:c2:
8b:f7:32:8b:d4:64:96:0d:ea:81:db:df:80:a5:52:be:6c:28:
81:1d:83:eb:e1:28:c4:c8:8c:4d:0d:3e:37:7d:a1:98:80:55:
a5:53:a6:3e:d9:0a:90:00:68:29:0b:64:05:13:76:93:af:a0:
dc:27:18:77:45:d6:7a:e1:06:1b:9d:7e:d6:74:f6:b3:a5:93:
2d:9c:fe:9a:f5:28:5c:e5:f8:f1:24:fb:39:c5:2b:73:08:5d:
37:f0:cd:a4:f5:8c:1c:3a:66:fa:4c:e8:42:24:c2:da:c3:f5:
a6:da:00:52:90:1f:c6:ea:15:6f:a2:bf:1a:6a:24:57:eb:b6:
3d:08:f1:dd:a0:7a:4d:c8:07:8b:4a:93:e5:84:f5:2f:b3:5b:
a6:b2:cf:0b:45:30:9c:cf:7e:7a:30:0a:db:b5:18:48:e5:9c:
48:7d:29:e5:28:7b:45:12:b6:eb:96:d5:a6:92:0e:b6:78:c6:
63:a3:bf:84:94:f1:18:cb:d1:9f:7e:2f:0d:bf:51:e1:92:f5:
e4:dc:02:95:90:f4:e5:e1:05:91:12:6f:be:db:08:82:f0:4a:
4f:30:72:53
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUVgwoQImQJlejl7tRNXSG77SbzaQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDMxNjMwMTZaFw0yNTA3MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQGMzMjFjOTQ3YmRiNDU1OTk5OTNiZjI2YjRjMmMwNjE0MWYxMThiMTY2YWYy
ZWU4MmEzYmM3NGQ3Nzg2Nzc1YzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIhDBGpHc5XB7Tsbq89oHjaiM+VCvwMEDEiWlvQByRtUdNHrrlxpOvpL7e/D
dkT5YTKwhBQ9L+E1vYCBtgN7qOOFAAyVwtjaP1nf3c8tE1OUWMKhT9zzrikriAl6
VLIYqyn9z9DxL6Ir8MeF41DSFpQ51Zsn2NWDJ6d1hlf1RZREPm5z1K4TvW76nepD
9fr/1IOD5oBq9oT+vj8SWngINTCs/xdckOLLG+7NB4mtIdewWvSlc5MmADk2C154
4Q+HxpegWRwzg07y+krV9YUfApPCbfZ2jrznIPVfevmV1SLu1cKOUx0Sn5uICqux
pAHQBMKj5htNnEz0ZK6/BCnXNq8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSdfR6z
LG03K1K411GSVIdTSqaabDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjllODUxNzQtMmZmZC00YjkzLTgzNTctMWUyYmE4NTQ0OWQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi6JnDAN
BgkqhkiG9w0BAQsFAAOCAQEAEDfIhdcotudN7pDuD4tUVXELn7QUG86/fknCVc5u
7/oG1wLCi/cyi9Rklg3qgdvfgKVSvmwogR2D6+EoxMiMTQ0+N32hmIBVpVOmPtkK
kABoKQtkBRN2k6+g3CcYd0XWeuEGG51+1nT2s6WTLZz+mvUoXOX48ST7OcUrcwhd
N/DNpPWMHDpm+kzoQiTC2sP1ptoAUpAfxuoVb6K/GmokV+u2PQjx3aB6TcgHi0qT
5YT1L7NbprLPC0UwnM9+ejAK27UYSOWcSH0p5Sh7RRK265bVppIOtnjGY6O/hJTx
GMvRn34vDb9R4ZL15NwClZD05eEFkRJvvtsIgvBKTzByUw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:21 2025 by rpki-client