Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda4310a-ca55-4999-9a56-f3175f246324.roa
File: cda4310a-ca55-4999-9a56-f3175f246324.roa (raw, json)
Hash identifier: Lh/C6Q9KzYL84kmxx9bk7JLm5VGUbyRlSQxnluLTp/A=
Subject key identifier: 76:F5:ED:AA:35:0B:95:69:0F:8D:76:43:9C:30:18:17:72:95:15:35
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4ADA2C9FC4D691682E78814C6B57D7887E60FEBD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda4310a-ca55-4999-9a56-f3175f246324.roa
Signing time: Tue 03 Jun 2025 16:30:16 +0000
ROA not before: Tue 03 Jun 2025 16:30:16 +0000
ROA not after: Tue 08 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.152.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:da:2c:9f:c4:d6:91:68:2e:78:81:4c:6b:57:d7:88:7e:60:fe:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 3 16:30:16 2025 GMT
Not After : Jul 8 23:59:59 2025 GMT
Subject: serialNumber=549d2bb358712bb20b3a0725dedead885fd7c5bc24809644b998292ba2c1dd77, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:09:38:35:29:e7:4a:4c:1d:27:ea:f7:2c:23:
b8:ac:47:21:3c:e0:fb:3e:c1:d0:46:35:60:91:c9:
5e:91:7d:0c:77:f1:20:82:60:94:61:bb:29:e5:95:
03:63:d4:82:de:1d:0f:76:48:e2:f0:9d:3e:c6:0f:
ed:a1:17:53:ff:4c:ef:56:b4:21:86:5d:43:f2:c7:
4b:3b:0b:de:a2:5f:a0:df:f8:72:fa:20:10:18:cc:
63:91:7e:5f:c8:ac:ab:ea:0e:b7:3f:73:25:09:2f:
30:61:98:d9:48:62:d0:d6:fb:f4:4d:dd:6a:d9:00:
e7:65:91:91:f8:fd:f2:f4:28:9f:d5:53:f4:a0:aa:
ac:d7:98:26:4a:78:cc:06:d2:f6:d8:d8:5f:57:3a:
0e:51:07:af:d9:56:e2:bc:05:05:0f:a8:2b:53:94:
63:17:3a:00:85:fd:65:6d:b5:f0:db:84:60:1d:23:
4c:94:e6:a7:5c:a0:b8:8b:a8:ce:8e:af:4e:71:5c:
31:52:81:e3:7e:35:ad:df:18:cb:2d:f6:ff:2b:09:
f6:df:f2:84:05:5b:b0:e3:8b:87:f8:94:44:77:da:
93:40:b9:38:f1:71:5b:7e:14:d7:9c:ed:97:39:aa:
b8:1d:98:3b:b8:50:97:28:3a:f3:f4:38:59:11:92:
75:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:F5:ED:AA:35:0B:95:69:0F:8D:76:43:9C:30:18:17:72:95:15:35
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda4310a-ca55-4999-9a56-f3175f246324.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.152.0/22
Signature Algorithm: sha256WithRSAEncryption
b9:8f:6c:fb:dc:ff:14:d4:0d:37:e9:45:06:e6:7b:9d:81:b4:
83:bc:fc:68:dc:91:b9:37:19:ca:1b:02:81:17:60:ab:ed:2b:
4d:3c:92:7b:de:5c:50:45:5e:fb:99:ac:7b:aa:12:bb:c1:f7:
a9:31:a3:b0:1e:3f:3e:14:ab:81:15:cb:dd:93:47:10:69:67:
26:c4:2e:af:9b:b2:98:78:3a:94:55:70:4d:af:45:36:b4:d6:
ab:24:53:e8:a4:cc:ef:41:01:97:b3:5f:1f:b1:83:82:48:47:
bd:6b:43:75:98:f2:4c:1c:fe:86:9c:44:ba:a4:b5:f1:95:b6:
72:1b:1e:11:6f:bc:1e:50:80:a9:a6:ec:08:e7:e7:2e:41:c8:
b8:ab:27:25:52:a0:c8:ed:c3:62:e2:f8:8e:31:0f:66:d2:8f:
92:37:da:ec:9b:d4:c9:6c:15:9e:a9:34:7d:36:32:4a:21:09:
dd:58:3e:c6:03:d4:23:dd:20:f9:a4:1e:3b:70:ce:3c:0d:e6:
e0:ca:18:f8:0e:19:0f:d9:18:7f:7d:b5:df:a8:9c:c2:36:86:
50:64:42:2b:54:5b:f2:00:f7:6a:21:33:f9:fd:31:06:87:7c:
dc:58:20:dd:3f:5c:29:4c:88:14:21:c3:ec:8a:c9:4d:d4:4a:
e7:0c:db:44
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUStosn8TWkWgueIFMa1fXiH5g/r0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDMxNjMwMTZaFw0yNTA3MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDU0OWQyYmIzNTg3MTJiYjIwYjNhMDcyNWRlZGVhZDg4NWZkN2M1YmMyNDgw
OTY0NGI5OTgyOTJiYTJjMWRkNzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMwJODUp50pMHSfq9ywjuKxHITzg+z7B0EY1YJHJXpF9DHfxIIJglGG7KeWV
A2PUgt4dD3ZI4vCdPsYP7aEXU/9M71a0IYZdQ/LHSzsL3qJfoN/4cvogEBjMY5F+
X8isq+oOtz9zJQkvMGGY2Uhi0Nb79E3datkA52WRkfj98vQon9VT9KCqrNeYJkp4
zAbS9tjYX1c6DlEHr9lW4rwFBQ+oK1OUYxc6AIX9ZW218NuEYB0jTJTmp1yguIuo
zo6vTnFcMVKB4341rd8Yyy32/ysJ9t/yhAVbsOOLh/iURHfak0C5OPFxW34U15zt
lzmquB2YO7hQlyg68/Q4WRGSdckCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR29e2q
NQuVaQ+NdkOcMBgXcpUVNTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2RhNDMxMGEtY2E1NS00OTk5LTlhNTYtZjMxNzVmMjQ2MzI0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi6JmDAN
BgkqhkiG9w0BAQsFAAOCAQEAuY9s+9z/FNQNN+lFBuZ7nYG0g7z8aNyRuTcZyhsC
gRdgq+0rTTySe95cUEVe+5mse6oSu8H3qTGjsB4/PhSrgRXL3ZNHEGlnJsQur5uy
mHg6lFVwTa9FNrTWqyRT6KTM70EBl7NfH7GDgkhHvWtDdZjyTBz+hpxEuqS18ZW2
chseEW+8HlCAqabsCOfnLkHIuKsnJVKgyO3DYuL4jjEPZtKPkjfa7JvUyWwVnqk0
fTYySiEJ3Vg+xgPUI90g+aQeO3DOPA3m4MoY+A4ZD9kYf32136icwjaGUGRCK1Rb
8gD3aiEz+f0xBod83Fgg3T9cKUyIFCHD7IrJTdRK5wzbRA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:51:43 2025 by rpki-client