Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bddd5d52-f097-4aa0-9a71-aa7b6752dcaa.roa
File: bddd5d52-f097-4aa0-9a71-aa7b6752dcaa.roa (raw, json)
Hash identifier: eeDt5PzuWvjQCZckNCDTPb+t95i17hQC34odZPbr11I=
Subject key identifier: 88:C4:07:31:5D:80:AB:F9:44:E0:BB:2C:B4:7B:96:53:F9:11:77:4E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 73F017902770D98484DB1E80269DFE647FC28FAE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bddd5d52-f097-4aa0-9a71-aa7b6752dcaa.roa
Signing time: Tue 03 Jun 2025 16:30:54 +0000
ROA not before: Tue 03 Jun 2025 16:30:54 +0000
ROA not after: Tue 08 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:f0:17:90:27:70:d9:84:84:db:1e:80:26:9d:fe:64:7f:c2:8f:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 3 16:30:54 2025 GMT
Not After : Jul 8 23:59:59 2025 GMT
Subject: serialNumber=280f4a418ada3593009c5b6300a74eba65859f339fd61357664d294c64457a32, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:df:90:5d:e2:bc:cf:ff:49:9a:3e:0e:d6:b7:
ba:02:30:8f:c0:a6:a3:3f:3e:1d:17:b9:54:57:eb:
cd:e8:a0:28:2e:eb:f3:fe:e2:fc:f3:54:6e:d5:da:
d9:25:55:20:d9:89:0f:a7:9b:bd:47:ef:9c:76:36:
a0:d6:1c:c7:5e:54:df:81:b0:09:45:05:42:4c:c1:
db:96:7a:54:db:33:0c:4a:53:4c:35:e8:85:fe:f8:
d2:78:52:ca:f3:8f:3d:11:f5:ab:2e:a6:32:13:da:
fb:69:3b:d9:53:f2:89:3f:28:df:c0:6b:8b:78:53:
23:c1:a5:ce:d5:07:d4:42:c7:5d:e3:bd:af:10:db:
09:9c:2b:2f:d4:a6:7d:03:c8:92:6f:00:16:e4:f1:
94:c0:2d:71:29:4f:c1:9c:4e:e9:83:89:c9:b8:a3:
32:e0:47:64:da:8b:00:b8:3e:1a:b6:a9:ba:ac:b2:
61:31:28:23:6d:c2:51:71:17:56:73:f8:8e:3a:6d:
93:e4:37:18:4c:84:15:99:a3:e3:48:72:fd:73:08:
7d:9f:d3:d9:38:95:44:ff:d7:2a:8f:bf:33:b6:3e:
8b:27:13:79:24:dc:c8:25:ca:e9:90:2b:15:d2:0e:
77:29:23:7a:a1:ca:62:d0:a5:f6:8d:36:d1:93:68:
ba:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:C4:07:31:5D:80:AB:F9:44:E0:BB:2C:B4:7B:96:53:F9:11:77:4E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bddd5d52-f097-4aa0-9a71-aa7b6752dcaa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.0.0/16
Signature Algorithm: sha256WithRSAEncryption
28:42:d5:e3:80:9c:65:e2:e9:e7:00:10:66:ae:d6:47:20:9a:
cd:ad:5c:83:79:64:b1:22:7b:f9:75:dc:7b:f5:49:39:19:3d:
7a:38:4c:0d:f3:88:c7:a0:fa:26:0b:db:1a:1e:bd:36:ef:b9:
5a:7b:1b:21:f8:11:83:0a:96:a4:54:9b:f2:2c:d0:f6:a5:3c:
4a:8d:e6:27:54:1a:71:15:76:73:66:59:98:30:46:ce:ec:0c:
c3:24:80:a8:06:e4:bf:e7:d6:4e:ce:03:e4:a1:d0:cc:85:f6:
f5:8a:93:29:b2:31:b5:ec:dc:dc:5e:41:e4:9a:9f:06:c0:25:
e5:d2:24:16:1f:e9:69:5e:59:0f:7a:03:65:a8:cc:e7:a8:be:
8d:1d:80:72:a4:0f:6d:c8:6d:83:c2:bf:2a:c4:18:0c:1f:48:
a7:85:02:80:05:4e:53:83:22:72:70:31:40:6c:98:b2:e2:72:
76:49:ec:69:24:f0:77:6a:b4:c8:89:c4:52:56:59:e9:b3:ab:
73:15:59:de:48:b1:67:39:6c:95:d2:8f:4a:10:70:8c:4f:9b:
9d:99:b0:8a:46:0e:a6:c6:bb:b0:a1:ce:7c:49:2d:3f:f0:42:
33:1c:8a:d7:4a:63:33:fc:73:3e:35:92:66:0b:56:06:d7:30:
5a:43:02:d1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUc/AXkCdw2YSE2x6AJp3+ZH/Cj64wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDMxNjMwNTRaFw0yNTA3MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDI4MGY0YTQxOGFkYTM1OTMwMDljNWI2MzAwYTc0ZWJhNjU4NTlmMzM5ZmQ2
MTM1NzY2NGQyOTRjNjQ0NTdhMzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMHfkF3ivM//SZo+Dta3ugIwj8Cmoz8+HRe5VFfrzeigKC7r8/7i/PNUbtXa
2SVVINmJD6ebvUfvnHY2oNYcx15U34GwCUUFQkzB25Z6VNszDEpTTDXohf740nhS
yvOPPRH1qy6mMhPa+2k72VPyiT8o38Bri3hTI8GlztUH1ELHXeO9rxDbCZwrL9Sm
fQPIkm8AFuTxlMAtcSlPwZxO6YOJybijMuBHZNqLALg+GrapuqyyYTEoI23CUXEX
VnP4jjptk+Q3GEyEFZmj40hy/XMIfZ/T2TiVRP/XKo+/M7Y+iycTeSTcyCXK6ZAr
FdIOdykjeqHKYtCl9o020ZNoug8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSIxAcx
XYCr+UTguyy0e5ZT+RF3TjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmRkZDVkNTItZjA5Ny00YWEwLTlhNzEtYWE3YjY3NTJkY2FhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAC6JMA0G
CSqGSIb3DQEBCwUAA4IBAQAoQtXjgJxl4unnABBmrtZHIJrNrVyDeWSxInv5ddx7
9Uk5GT16OEwN84jHoPomC9saHr0277laexsh+BGDCpakVJvyLND2pTxKjeYnVBpx
FXZzZlmYMEbO7AzDJICoBuS/59ZOzgPkodDMhfb1ipMpsjG17NzcXkHkmp8GwCXl
0iQWH+lpXlkPegNlqMznqL6NHYBypA9tyG2Dwr8qxBgMH0inhQKABU5TgyJycDFA
bJiy4nJ2SexpJPB3arTIicRSVlnps6tzFVneSLFnOWyV0o9KEHCMT5udmbCKRg6m
xruwoc58SS0/8EIzHIrXSmMz/HM+NZJmC1YG1zBaQwLR
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:40:27 2025 by rpki-client