Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8364c06-b75e-4d85-8c8c-afad4df7cd1f.roa
File: d8364c06-b75e-4d85-8c8c-afad4df7cd1f.roa (raw, json)
Hash identifier: Wlmnr7u9x2OJmVT9fSWKbER8+L7JNE4VcEN7LmtIg20=
Subject key identifier: 2A:20:A6:27:95:5C:E9:1A:C4:5C:E0:78:A7:4D:2E:5D:10:B2:82:90
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 72C2C3CFF8FA1CED9AD60F5398F0A2D2BD04EBE0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8364c06-b75e-4d85-8c8c-afad4df7cd1f.roa
Signing time: Tue 03 Jun 2025 16:30:57 +0000
ROA not before: Tue 03 Jun 2025 16:30:57 +0000
ROA not after: Tue 08 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.224.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:c2:c3:cf:f8:fa:1c:ed:9a:d6:0f:53:98:f0:a2:d2:bd:04:eb:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 3 16:30:57 2025 GMT
Not After : Jul 8 23:59:59 2025 GMT
Subject: serialNumber=efc40abf2f6a5a7523839d7155c9fa959af319047a3631de26dd69dc96656d60, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ad:9f:9e:d7:fd:70:11:d7:28:63:25:58:2a:
a8:d0:3b:4b:1e:50:93:80:f6:fd:29:df:b0:53:bd:
e3:66:c3:6f:82:94:5d:08:7d:a1:f6:79:8c:51:1e:
81:35:93:a2:86:55:c3:c4:1e:0b:22:db:91:b2:b3:
fc:d5:d7:3e:01:4b:3a:71:d2:64:6d:41:96:26:0f:
1f:b2:da:8c:5e:90:ad:69:16:8f:7b:8e:22:e2:a1:
1b:45:57:90:2d:4e:3b:70:4a:96:8f:13:1c:da:e1:
67:cf:db:a8:86:d9:83:b7:3c:fa:62:df:38:55:6e:
94:cc:0a:66:29:ca:66:77:27:f2:b1:cb:c6:01:53:
ae:b3:5e:b5:fb:41:24:41:9d:de:a0:f5:f2:03:47:
50:64:c6:60:a6:60:8d:c7:b4:5c:24:84:3f:76:22:
4f:38:b7:a5:c4:f3:7e:92:a1:7c:65:de:99:03:d4:
43:49:51:01:3a:4a:e8:da:b9:a4:6a:2c:c9:f9:8b:
9a:e9:ca:8c:6c:bf:ae:c5:b2:c8:cf:12:aa:6e:98:
c8:99:10:48:18:20:a1:7f:48:a2:88:e8:5a:bf:73:
fe:b3:d8:19:62:cb:cd:c9:16:45:a3:17:f5:e0:e1:
fe:a8:81:87:9e:b1:f5:11:bb:3d:82:61:cb:d8:f6:
87:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:20:A6:27:95:5C:E9:1A:C4:5C:E0:78:A7:4D:2E:5D:10:B2:82:90
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8364c06-b75e-4d85-8c8c-afad4df7cd1f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.224.0/20
Signature Algorithm: sha256WithRSAEncryption
34:8c:12:d3:c8:7c:b4:f7:36:d5:c8:86:f0:be:92:a5:b5:21:
3c:3d:2d:db:5e:4f:c5:2f:07:b1:7d:75:a4:70:76:fb:1e:3b:
04:90:d5:82:0a:ae:28:c0:90:ed:65:a9:0b:ec:1e:67:c8:62:
ac:b1:71:7e:3a:e7:da:c6:32:75:ee:b3:30:58:1d:8d:dc:4c:
11:db:60:3c:3e:9a:37:6b:5b:9c:80:4e:72:52:54:19:dd:de:
cb:84:d1:2e:dd:f0:d5:d8:ad:ed:00:73:a7:0f:60:28:43:e1:
7c:77:ef:50:2e:01:d1:b3:a6:4b:d5:d0:35:0d:ae:b3:47:79:
a3:28:ae:68:ea:c7:dc:9c:43:3c:df:93:29:f7:66:aa:26:84:
13:ef:f8:57:31:7a:7c:2c:98:00:b4:31:3f:19:6e:24:91:88:
e4:d0:6b:af:6b:2c:cf:e2:ab:84:4f:e8:02:9f:6f:55:67:da:
e6:43:87:94:a2:85:9d:a2:c2:20:4b:43:4d:32:9c:7c:d5:a9:
de:fe:02:a5:1f:73:87:6b:50:fc:38:05:11:9c:d7:5b:9e:f7:
1f:b5:10:81:72:5f:3d:4e:aa:72:73:a1:d2:68:65:79:a6:dd:
79:1b:1b:ad:31:63:50:07:92:e3:f5:ec:0e:d0:af:96:7e:7e:
cf:79:9c:1d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUcsLDz/j6HO2a1g9TmPCi0r0E6+AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDMxNjMwNTdaFw0yNTA3MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQGVmYzQwYWJmMmY2YTVhNzUyMzgzOWQ3MTU1YzlmYTk1OWFmMzE5MDQ3YTM2
MzFkZTI2ZGQ2OWRjOTY2NTZkNjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMGtn57X/XAR1yhjJVgqqNA7Sx5Qk4D2/SnfsFO942bDb4KUXQh9ofZ5jFEe
gTWTooZVw8QeCyLbkbKz/NXXPgFLOnHSZG1BliYPH7LajF6QrWkWj3uOIuKhG0VX
kC1OO3BKlo8THNrhZ8/bqIbZg7c8+mLfOFVulMwKZinKZncn8rHLxgFTrrNetftB
JEGd3qD18gNHUGTGYKZgjce0XCSEP3YiTzi3pcTzfpKhfGXemQPUQ0lRATpK6Nq5
pGosyfmLmunKjGy/rsWyyM8Sqm6YyJkQSBggoX9IoojoWr9z/rPYGWLLzckWRaMX
9eDh/qiBh56x9RG7PYJhy9j2h7MCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQqIKYn
lVzpGsRc4HinTS5dELKCkDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDgzNjRjMDYtYjc1ZS00ZDg1LThjOGMtYWZhZDRkZjdjZDFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC6J4DAN
BgkqhkiG9w0BAQsFAAOCAQEANIwS08h8tPc21ciG8L6SpbUhPD0t215PxS8HsX11
pHB2+x47BJDVggquKMCQ7WWpC+weZ8hirLFxfjrn2sYyde6zMFgdjdxMEdtgPD6a
N2tbnIBOclJUGd3ey4TRLt3w1dit7QBzpw9gKEPhfHfvUC4B0bOmS9XQNQ2us0d5
oyiuaOrH3JxDPN+TKfdmqiaEE+/4VzF6fCyYALQxPxluJJGI5NBrr2ssz+KrhE/o
Ap9vVWfa5kOHlKKFnaLCIEtDTTKcfNWp3v4CpR9zh2tQ/DgFEZzXW573H7UQgXJf
PU6qcnOh0mhleabdeRsbrTFjUAeS4/XsDtCvln5+z3mcHQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:35 2025 by rpki-client