Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df740e2f-8ce5-4b1b-a95e-60487d9388a6.roa
File: df740e2f-8ce5-4b1b-a95e-60487d9388a6.roa (raw, json)
Hash identifier: 7fmP8aJM2rCLILqExrxqJ5nqKaJz8NKcgWWtkVDgSf8=
Subject key identifier: 78:A6:6E:A1:06:7E:0E:4E:03:FB:23:02:77:6B:E8:73:20:F4:1A:E0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 76BF6DBD2574EE76563076E9D089A0559970F6F6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df740e2f-8ce5-4b1b-a95e-60487d9388a6.roa
Signing time: Tue 03 Jun 2025 16:30:15 +0000
ROA not before: Tue 03 Jun 2025 16:30:15 +0000
ROA not after: Tue 08 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.200.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:bf:6d:bd:25:74:ee:76:56:30:76:e9:d0:89:a0:55:99:70:f6:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 3 16:30:15 2025 GMT
Not After : Jul 8 23:59:59 2025 GMT
Subject: serialNumber=d72563a5577f4fcc75c5aebe72822c54b80020d445d106671991a77f32c8882f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:91:4b:bd:77:e5:4e:d0:83:f3:77:0b:c3:9a:
72:cd:4d:38:18:7a:2a:f4:5b:35:77:c1:56:12:f3:
51:d7:d6:fd:14:56:6c:9b:81:d7:89:21:e3:61:14:
cf:aa:e7:86:ca:cb:0f:9f:25:d1:2c:d6:41:00:50:
fa:d8:69:ff:0a:63:eb:14:51:5c:51:4a:7b:b7:b5:
c5:d5:11:ed:08:ea:76:ed:15:1b:42:92:37:6b:46:
42:bf:6a:cc:6e:68:19:cd:a2:c4:41:cb:01:dc:7e:
55:63:a6:4f:5f:54:67:41:75:51:d5:7e:c6:07:cf:
12:8a:d7:85:91:e9:d2:26:bf:58:f4:7c:01:9b:e9:
06:9f:4b:a0:40:bb:6c:31:73:87:88:b7:c5:00:5b:
0e:cf:52:64:04:ff:21:de:6b:84:ac:74:38:4d:00:
23:fe:83:f0:a3:3b:de:01:8e:01:1c:8f:64:64:d3:
f0:ef:13:12:44:2c:10:fa:cb:8f:c1:6d:c3:56:1b:
5e:07:98:e3:70:4b:4a:66:e0:9f:6b:2b:40:ce:ea:
f1:9c:c5:27:a6:4d:47:60:57:b3:7a:06:72:7b:a5:
98:78:25:53:60:8b:5a:87:8e:d9:9d:91:e9:11:86:
ea:f5:bc:c3:61:3e:ee:b1:16:a5:83:8d:86:19:e7:
6a:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:A6:6E:A1:06:7E:0E:4E:03:FB:23:02:77:6B:E8:73:20:F4:1A:E0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df740e2f-8ce5-4b1b-a95e-60487d9388a6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.200.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:fb:31:f3:77:87:34:eb:6c:04:40:52:12:bc:1d:fa:07:c6:
e9:5b:ad:cd:19:c5:54:ff:b3:b5:79:03:f1:4e:05:2b:da:2b:
a9:ec:e9:99:6b:bc:b5:e5:d7:3b:7a:d8:aa:02:8c:b0:60:01:
ed:7f:a0:6e:8a:66:33:ed:80:4a:6e:8c:ec:74:bd:2e:6a:60:
bc:5a:5d:06:70:34:d3:be:1b:43:4e:d3:a8:a0:da:6c:81:17:
61:b9:a5:c1:53:ae:e5:31:85:41:3e:25:ec:97:7f:e9:81:83:
ba:55:35:6a:f8:8a:57:67:c4:fa:16:6b:e8:b1:11:56:2d:f3:
91:d2:17:8a:84:aa:3a:15:c2:ea:24:66:08:d6:5f:c0:11:21:
c8:96:78:b3:5e:07:cf:d8:ef:4a:67:b5:27:28:08:cf:eb:9f:
46:26:c4:03:e8:0c:83:39:41:35:45:0e:dc:e8:62:e0:6f:f2:
ba:7e:dc:26:d3:10:e2:99:87:f9:3c:a7:57:78:ac:8b:81:8e:
59:28:bd:8a:7d:3e:01:c4:a7:d5:43:de:86:ff:4b:d6:3a:6c:
4b:02:25:94:35:37:f9:6c:bb:8d:bf:e4:b6:5c:01:1f:62:0f:
c0:88:07:5a:d9:be:d4:38:fc:c0:93:a8:cc:36:18:c5:ee:b3:
d1:50:4b:25
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUdr9tvSV07nZWMHbp0ImgVZlw9vYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDMxNjMwMTVaFw0yNTA3MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ3MjU2M2E1NTc3ZjRmY2M3NWM1YWViZTcyODIyYzU0YjgwMDIwZDQ0NWQx
MDY2NzE5OTFhNzdmMzJjODg4MmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANaRS7135U7Qg/N3C8Oacs1NOBh6KvRbNXfBVhLzUdfW/RRWbJuB14kh42EU
z6rnhsrLD58l0SzWQQBQ+thp/wpj6xRRXFFKe7e1xdUR7Qjqdu0VG0KSN2tGQr9q
zG5oGc2ixEHLAdx+VWOmT19UZ0F1UdV+xgfPEorXhZHp0ia/WPR8AZvpBp9LoEC7
bDFzh4i3xQBbDs9SZAT/Id5rhKx0OE0AI/6D8KM73gGOARyPZGTT8O8TEkQsEPrL
j8Ftw1YbXgeY43BLSmbgn2srQM7q8ZzFJ6ZNR2BXs3oGcnulmHglU2CLWoeO2Z2R
6RGG6vW8w2E+7rEWpYONhhnnajcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR4pm6h
Bn4OTgP7IwJ3a+hzIPQa4DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGY3NDBlMmYtOGNlNS00YjFiLWE5NWUtNjA0ODdkOTM4OGE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi6JyDAN
BgkqhkiG9w0BAQsFAAOCAQEACvsx83eHNOtsBEBSErwd+gfG6VutzRnFVP+ztXkD
8U4FK9orqezpmWu8teXXO3rYqgKMsGAB7X+gbopmM+2ASm6M7HS9LmpgvFpdBnA0
074bQ07TqKDabIEXYbmlwVOu5TGFQT4l7Jd/6YGDulU1aviKV2fE+hZr6LERVi3z
kdIXioSqOhXC6iRmCNZfwBEhyJZ4s14Hz9jvSme1JygIz+ufRibEA+gMgzlBNUUO
3Ohi4G/yun7cJtMQ4pmH+TynV3isi4GOWSi9in0+AcSn1UPehv9L1jpsSwIllDU3
+Wy7jb/ktlwBH2IPwIgHWtm+1Dj8wJOozDYYxe6z0VBLJQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:19 2025 by rpki-client