Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb73d62f-513c-4673-8547-902e7fa2148b.roa
File: bb73d62f-513c-4673-8547-902e7fa2148b.roa (raw, json)
Hash identifier: Q+QihpxdaKITZMezPgrMG8rDgjLJhCzBb7K5csxJLFY=
Subject key identifier: 92:7A:C3:1A:E8:25:74:D3:C2:94:98:4D:F1:EF:40:28:AC:9E:32:4C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 570C8D252CE2FCC0E7BE551D32FA9B3D44F2D0A2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb73d62f-513c-4673-8547-902e7fa2148b.roa
Signing time: Tue 03 Jun 2025 16:30:59 +0000
ROA not before: Tue 03 Jun 2025 16:30:59 +0000
ROA not after: Tue 08 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.0.0/17 maxlen: 17
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:0c:8d:25:2c:e2:fc:c0:e7:be:55:1d:32:fa:9b:3d:44:f2:d0:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 3 16:30:59 2025 GMT
Not After : Jul 8 23:59:59 2025 GMT
Subject: serialNumber=dcc45fa009f26ff06f113f29354445d4a5112b3b62084d703b6905665f066d6d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:89:36:1a:5c:7f:ef:fe:81:34:aa:47:7d:1a:
cc:87:40:06:68:cd:61:09:9b:d2:22:5a:4c:b4:28:
78:d1:c3:14:ad:f0:ac:d0:6d:4d:1e:c8:55:6a:bb:
66:09:18:e5:00:10:dd:1f:6b:f8:d0:24:5f:27:7e:
dc:96:57:79:70:2d:87:fa:8d:03:7e:6c:57:17:03:
de:3e:8d:e9:46:a9:8f:1c:ea:01:80:0b:7a:5b:ce:
0b:3d:e5:7a:da:e9:14:77:5e:54:25:e4:8c:50:6f:
ec:0d:3f:f4:72:00:54:41:56:56:38:93:fa:9a:8d:
1d:42:af:f7:0e:2a:31:33:bb:f2:df:d1:50:a2:af:
fb:a9:9a:66:14:4e:4f:eb:93:f1:ce:d0:b0:a1:b7:
6c:5a:af:5a:14:fc:70:f4:e3:0d:94:62:f3:db:d1:
ff:42:72:93:1b:4d:b2:c9:a8:0d:e7:58:bc:c4:7c:
c1:78:e8:91:d9:37:76:e1:3d:75:7e:9f:23:c9:30:
48:61:11:13:27:37:e3:42:ca:f7:f9:9b:fb:29:29:
6d:8b:e9:ab:0b:d6:18:b3:8f:68:65:fa:c1:6c:7f:
19:df:2b:51:d6:66:54:b3:d5:90:8f:fe:4b:75:68:
dc:c4:9d:8c:66:d2:f7:7f:67:55:83:42:7d:33:e8:
ad:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:7A:C3:1A:E8:25:74:D3:C2:94:98:4D:F1:EF:40:28:AC:9E:32:4C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb73d62f-513c-4673-8547-902e7fa2148b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.0.0/17
Signature Algorithm: sha256WithRSAEncryption
99:bf:09:f7:6d:8c:d8:4e:5f:50:63:f4:e9:8a:33:a5:69:17:
0e:0d:a6:41:a3:d3:36:f0:7f:61:f2:8e:52:8a:ad:16:ac:8f:
81:5e:3a:1f:24:bf:fd:ff:5e:51:b6:7c:1a:01:f3:53:cf:0a:
af:1a:cf:29:47:1c:85:dc:86:42:e9:c8:49:df:fd:c0:4f:fc:
f7:81:5e:17:08:4d:1a:27:f6:8e:0a:fb:8e:06:b3:3d:0b:91:
76:24:b0:5f:b9:a5:66:a2:a5:09:a6:ab:e6:34:02:45:ba:0f:
33:a2:14:88:1c:8b:2e:1e:8c:d9:8a:5e:a8:a3:90:c7:ed:37:
5d:f1:f6:ec:e7:2d:ba:e6:f3:fb:a9:83:15:6f:a2:b6:d7:0e:
41:4f:91:c4:65:29:37:20:6c:0d:75:c9:73:f9:d8:a1:05:50:
ff:2f:62:ec:f4:20:69:ec:1a:a8:c3:ec:ae:11:f7:bc:90:9a:
98:74:6f:29:22:32:b6:1f:70:e8:48:ed:ff:98:65:1b:5f:bb:
38:a6:5a:80:c3:16:ad:72:d3:4e:3b:ba:86:f5:ff:e1:a2:b3:
77:cb:5b:5a:0f:12:24:35:a8:df:cc:98:6c:cb:8c:e2:b4:1f:
68:ad:c9:da:e9:0a:fe:af:26:c5:4f:71:d8:e0:11:ea:64:fe:
6e:d6:de:e5
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUVwyNJSzi/MDnvlUdMvqbPUTy0KIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDMxNjMwNTlaFw0yNTA3MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQGRjYzQ1ZmEwMDlmMjZmZjA2ZjExM2YyOTM1NDQ0NWQ0YTUxMTJiM2I2MjA4
NGQ3MDNiNjkwNTY2NWYwNjZkNmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOSJNhpcf+/+gTSqR30azIdABmjNYQmb0iJaTLQoeNHDFK3wrNBtTR7IVWq7
ZgkY5QAQ3R9r+NAkXyd+3JZXeXAth/qNA35sVxcD3j6N6UapjxzqAYALelvOCz3l
etrpFHdeVCXkjFBv7A0/9HIAVEFWVjiT+pqNHUKv9w4qMTO78t/RUKKv+6maZhRO
T+uT8c7QsKG3bFqvWhT8cPTjDZRi89vR/0JykxtNssmoDedYvMR8wXjokdk3duE9
dX6fI8kwSGEREyc340LK9/mb+ykpbYvpqwvWGLOPaGX6wWx/Gd8rUdZmVLPVkI/+
S3Vo3MSdjGbS939nVYNCfTPoresCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSSesMa
6CV008KUmE3x70AorJ4yTDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmI3M2Q2MmYtNTEzYy00NjczLTg1NDctOTAyZTdmYTIxNDhiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBy6JADAN
BgkqhkiG9w0BAQsFAAOCAQEAmb8J922M2E5fUGP06YozpWkXDg2mQaPTNvB/YfKO
UoqtFqyPgV46HyS//f9eUbZ8GgHzU88KrxrPKUcchdyGQunISd/9wE/894FeFwhN
Gif2jgr7jgazPQuRdiSwX7mlZqKlCaar5jQCRboPM6IUiByLLh6M2YpeqKOQx+03
XfH27Octuubz+6mDFW+ittcOQU+RxGUpNyBsDXXJc/nYoQVQ/y9i7PQgaewaqMPs
rhH3vJCamHRvKSIyth9w6Ejt/5hlG1+7OKZagMMWrXLTTju6hvX/4aKzd8tbWg8S
JDWo38yYbMuM4rQfaK3J2ukK/q8mxU9x2OAR6mT+btbe5Q==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:40:19 2025 by rpki-client