Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be6b7cb0-3c55-4a65-b00a-45bc1310868b.roa
File: be6b7cb0-3c55-4a65-b00a-45bc1310868b.roa (raw, json)
Hash identifier: VGsxGFv+mFaTKU+EVxk8aj+plubLmaZBxx6mIn3tZn0=
Subject key identifier: 22:1A:2F:68:B9:72:F1:10:E3:90:2A:65:31:24:2A:E1:7A:25:93:22
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6DBE916DA291B1C117720FA0CFD46E320A14C6CB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be6b7cb0-3c55-4a65-b00a-45bc1310868b.roa
Signing time: Tue 03 Jun 2025 16:31:00 +0000
ROA not before: Tue 03 Jun 2025 16:31:00 +0000
ROA not after: Tue 08 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.96.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:be:91:6d:a2:91:b1:c1:17:72:0f:a0:cf:d4:6e:32:0a:14:c6:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 3 16:31:00 2025 GMT
Not After : Jul 8 23:59:59 2025 GMT
Subject: serialNumber=197b219a475be6992638ef55e9ed45a08e002e086cf3f454eb32b9cf0b1470d0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:60:07:2e:94:e4:da:28:58:25:c9:28:6d:61:
16:5d:ad:fa:65:21:ae:86:99:27:4f:b9:f3:48:c2:
e3:de:a3:75:92:5a:fa:1d:3f:1a:17:38:5e:93:37:
4e:31:60:7e:09:62:80:dc:84:17:b5:d8:9f:20:28:
fd:66:dd:94:1d:14:13:b5:3c:52:c1:33:f8:c9:9b:
32:33:e9:0b:6b:93:e6:af:5e:e5:03:66:0e:ca:cb:
ec:1b:f0:2f:99:ad:2e:4e:a3:95:2f:0f:8e:09:ee:
70:1b:21:1d:00:f3:43:d1:8c:fe:87:78:cc:c0:1a:
51:ac:6c:d4:bd:9d:c0:04:13:f5:80:08:c8:70:19:
4f:db:94:66:18:85:72:51:a6:33:4d:a3:79:e1:67:
fe:2a:16:31:bc:46:74:05:86:26:9d:4a:58:da:4c:
0f:e0:6e:40:54:30:d1:d2:08:9b:6e:cd:78:6c:8e:
6c:af:d3:25:39:14:49:31:0b:55:fb:ea:39:a1:7b:
a4:44:45:eb:bf:1a:98:cb:00:df:ef:f3:02:1f:e1:
62:d6:d0:ed:42:16:bc:c3:f2:1e:a7:35:4a:04:d4:
59:80:43:98:3f:f0:0c:04:59:1b:14:d0:52:06:d3:
39:41:68:0e:b1:e3:d6:31:93:a0:30:a0:5a:41:e2:
7f:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:1A:2F:68:B9:72:F1:10:E3:90:2A:65:31:24:2A:E1:7A:25:93:22
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be6b7cb0-3c55-4a65-b00a-45bc1310868b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.96.0/19
Signature Algorithm: sha256WithRSAEncryption
4c:d5:18:47:25:55:b4:1d:73:a9:d7:7a:55:76:b4:ed:c4:a2:
8d:5e:80:b8:3c:94:1f:d7:0f:bc:6c:c5:1f:a4:a8:ff:b8:03:
a1:43:8e:56:90:d0:16:88:59:c0:10:c6:ec:1b:5f:cf:5c:0a:
c4:09:39:90:f0:f6:d5:b8:37:7f:55:95:bf:ed:bd:c2:be:c9:
14:9a:65:c1:95:02:e7:95:68:01:05:3d:b5:97:7e:9a:2f:7a:
d8:cf:c8:0b:43:cb:77:43:1f:8d:5e:c9:59:a1:7d:47:0e:46:
f1:bc:b4:7e:9e:dc:b8:fa:72:82:b1:16:a0:2f:a9:20:a0:5e:
09:ba:ea:2f:6b:de:56:22:2d:68:9b:82:f3:9d:ac:4c:ae:cd:
3e:fe:9f:98:03:86:73:0f:3d:97:23:8e:f5:f6:44:fe:b1:95:
88:aa:c3:6d:79:6b:a9:d7:73:cb:e7:d5:d3:bc:ab:a0:df:c4:
c7:2a:7b:98:22:8d:f0:c6:a4:7c:a9:66:e7:8c:5a:fb:a4:60:
c6:94:4f:ec:af:52:3a:05:30:bf:36:c1:55:d0:0f:55:f5:ba:
a0:c8:48:13:3c:50:3e:8a:b8:e3:d9:61:c2:01:86:0d:91:73:
10:30:f8:8e:5b:ec:0a:cc:79:84:26:9f:89:01:0f:5f:09:c0:
22:10:7d:bf
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUbb6RbaKRscEXcg+gz9RuMgoUxsswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDMxNjMxMDBaFw0yNTA3MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDE5N2IyMTlhNDc1YmU2OTkyNjM4ZWY1NWU5ZWQ0NWEwOGUwMDJlMDg2Y2Yz
ZjQ1NGViMzJiOWNmMGIxNDcwZDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMdgBy6U5NooWCXJKG1hFl2t+mUhroaZJ0+580jC496jdZJa+h0/Ghc4XpM3
TjFgfgligNyEF7XYnyAo/WbdlB0UE7U8UsEz+MmbMjPpC2uT5q9e5QNmDsrL7Bvw
L5mtLk6jlS8PjgnucBshHQDzQ9GM/od4zMAaUaxs1L2dwAQT9YAIyHAZT9uUZhiF
clGmM02jeeFn/ioWMbxGdAWGJp1KWNpMD+BuQFQw0dIIm27NeGyObK/TJTkUSTEL
VfvqOaF7pERF678amMsA3+/zAh/hYtbQ7UIWvMPyHqc1SgTUWYBDmD/wDARZGxTQ
UgbTOUFoDrHj1jGToDCgWkHif9ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQiGi9o
uXLxEOOQKmUxJCrheiWTIjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmU2YjdjYjAtM2M1NS00YTY1LWIwMGEtNDViYzEzMTA4NjhiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBS6JYDAN
BgkqhkiG9w0BAQsFAAOCAQEATNUYRyVVtB1zqdd6VXa07cSijV6AuDyUH9cPvGzF
H6So/7gDoUOOVpDQFohZwBDG7Btfz1wKxAk5kPD21bg3f1WVv+29wr7JFJplwZUC
55VoAQU9tZd+mi962M/IC0PLd0MfjV7JWaF9Rw5G8by0fp7cuPpygrEWoC+pIKBe
CbrqL2veViItaJuC852sTK7NPv6fmAOGcw89lyOO9fZE/rGViKrDbXlrqddzy+fV
07yroN/Exyp7mCKN8MakfKlm54xa+6RgxpRP7K9SOgUwvzbBVdAPVfW6oMhIEzxQ
Poq449lhwgGGDZFzEDD4jlvsCsx5hCafiQEPXwnAIhB9vw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:43:20 2025 by rpki-client