Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdc831eb-07c2-47bb-a73d-177abc9b14c0.roa
File: bdc831eb-07c2-47bb-a73d-177abc9b14c0.roa (raw, json)
Hash identifier: ZI7dWpUZCcl2ijkck+BplWTkKx7X4/ZM6dTnCp1VxR8=
Subject key identifier: 37:63:BA:80:9B:49:94:92:CB:78:0A:3B:B2:C2:00:6A:D9:A7:78:8C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0121791488CA2359FECCCB9D34840B31A503BF27
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdc831eb-07c2-47bb-a73d-177abc9b14c0.roa
Signing time: Tue 03 Jun 2025 16:30:17 +0000
ROA not before: Tue 03 Jun 2025 16:30:17 +0000
ROA not after: Tue 08 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.204.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:21:79:14:88:ca:23:59:fe:cc:cb:9d:34:84:0b:31:a5:03:bf:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 3 16:30:17 2025 GMT
Not After : Jul 8 23:59:59 2025 GMT
Subject: serialNumber=5b35f5708cbdacd5d234f0c16aad8973a2351145bb43e57d30f30eb20ec42afb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:84:60:f8:9c:6e:1c:a6:e1:ee:96:e3:30:a3:
c9:a2:61:fa:bb:11:5c:ca:8c:e2:e0:55:43:47:ba:
38:75:52:7e:d5:c8:1a:a4:ff:cc:3d:f0:d9:8e:09:
a7:75:36:0c:05:27:97:90:c2:66:5a:ed:d3:f8:23:
0c:36:73:7d:38:f4:50:55:8f:45:87:38:b1:31:3c:
8e:f2:c6:68:75:61:05:f4:65:1c:8f:af:90:fc:b9:
55:0f:5c:a0:5f:7b:c0:7c:6a:35:26:a7:e3:f4:d3:
e8:be:8f:b8:bf:04:e8:e6:71:e0:2f:47:ce:ec:d6:
4b:91:ba:25:ff:ba:5c:86:66:d8:fa:0d:e3:17:74:
4c:0d:41:a9:81:f2:b6:af:5f:58:b2:77:59:ba:d2:
9a:6c:d2:a1:a5:5c:89:2c:8c:1c:20:7b:db:ba:db:
7f:66:53:a8:36:33:c1:72:2c:b9:42:f2:41:07:33:
db:cd:0c:2f:43:4b:9b:19:29:c6:fc:ca:1c:84:ad:
8f:03:19:7c:be:6c:16:8b:53:3b:d0:f7:21:4d:c8:
75:67:c2:bb:53:9c:91:4b:ab:bf:20:19:76:c4:6f:
47:55:52:dd:11:07:0c:d5:7a:c1:8d:ca:de:d6:6c:
c4:62:1d:2d:07:d7:63:fd:e0:8f:0c:1b:de:49:bd:
00:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:63:BA:80:9B:49:94:92:CB:78:0A:3B:B2:C2:00:6A:D9:A7:78:8C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdc831eb-07c2-47bb-a73d-177abc9b14c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.204.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:28:e5:e3:99:8a:de:42:ad:fc:16:ff:41:3a:71:01:34:b5:
96:e1:5d:14:76:5e:96:2d:45:7f:a6:ad:e0:62:12:02:1f:f7:
9a:4d:f1:31:91:9d:46:00:06:a5:e2:32:61:a5:dc:3a:8d:9f:
5c:3e:11:e3:08:f8:fa:9e:c7:00:ad:66:36:11:19:32:48:b2:
04:a3:dc:a2:e4:29:ac:0d:0a:19:58:1c:ff:11:fb:94:e6:fe:
9a:9d:da:23:0e:3e:dd:0d:c5:e1:91:10:85:91:b3:c0:ad:8d:
cf:a6:05:7b:aa:45:1d:76:1a:3b:cf:d2:10:7d:e8:85:42:4e:
a7:71:b1:a9:2b:33:6d:5e:4e:38:5d:23:40:4e:22:d6:1b:18:
94:70:f9:ff:98:4f:a3:e7:77:2e:26:cd:33:23:13:08:66:62:
73:a5:3d:1c:07:ab:d8:cc:eb:62:89:fb:c4:3b:79:0a:55:ed:
22:3a:cf:8e:e8:65:fc:16:74:59:3e:8a:d1:bd:99:a1:b9:18:
60:81:fe:cc:39:3e:b2:7e:86:11:65:95:eb:17:ed:45:a5:11:
2d:e6:cc:57:5c:2a:f4:88:0d:14:b6:b7:47:2a:51:26:4d:7a:
2f:5f:ea:4f:03:95:93:39:33:53:00:1d:40:88:11:3f:97:d1:
96:58:0f:a2
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUASF5FIjKI1n+zMudNIQLMaUDvycwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDMxNjMwMTdaFw0yNTA3MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDViMzVmNTcwOGNiZGFjZDVkMjM0ZjBjMTZhYWQ4OTczYTIzNTExNDViYjQz
ZTU3ZDMwZjMwZWIyMGVjNDJhZmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANSEYPicbhym4e6W4zCjyaJh+rsRXMqM4uBVQ0e6OHVSftXIGqT/zD3w2Y4J
p3U2DAUnl5DCZlrt0/gjDDZzfTj0UFWPRYc4sTE8jvLGaHVhBfRlHI+vkPy5VQ9c
oF97wHxqNSan4/TT6L6PuL8E6OZx4C9HzuzWS5G6Jf+6XIZm2PoN4xd0TA1BqYHy
tq9fWLJ3WbrSmmzSoaVciSyMHCB727rbf2ZTqDYzwXIsuULyQQcz280ML0NLmxkp
xvzKHIStjwMZfL5sFotTO9D3IU3IdWfCu1OckUurvyAZdsRvR1VS3REHDNV6wY3K
3tZsxGIdLQfXY/3gjwwb3km9APsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ3Y7qA
m0mUkst4CjuywgBq2ad4jDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmRjODMxZWItMDdjMi00N2JiLWE3M2QtMTc3YWJjOWIxNGMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi6JzDAN
BgkqhkiG9w0BAQsFAAOCAQEAHSjl45mK3kKt/Bb/QTpxATS1luFdFHZeli1Ff6at
4GISAh/3mk3xMZGdRgAGpeIyYaXcOo2fXD4R4wj4+p7HAK1mNhEZMkiyBKPcouQp
rA0KGVgc/xH7lOb+mp3aIw4+3Q3F4ZEQhZGzwK2Nz6YFe6pFHXYaO8/SEH3ohUJO
p3GxqSszbV5OOF0jQE4i1hsYlHD5/5hPo+d3LibNMyMTCGZic6U9HAer2MzrYon7
xDt5ClXtIjrPjuhl/BZ0WT6K0b2ZobkYYIH+zDk+sn6GEWWV6xftRaURLebMV1wq
9IgNFLa3RypRJk16L1/qTwOVkzkzUwAdQIgRP5fRllgPog==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:14 2025 by rpki-client