Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e91b62a9-2885-4504-84a4-ba2cc2f2ac80.roa
File: e91b62a9-2885-4504-84a4-ba2cc2f2ac80.roa (raw, json)
Hash identifier: 7xoFLyeK3xHfJQiKbWLrIlElD7XLuagKhbf+/slUV84=
Subject key identifier: 40:A4:C8:82:14:AE:07:7E:4B:3D:C6:86:65:A0:76:27:03:66:DC:EE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3DD3DE30B323BFFABA99DDE59FFDF10D45B000ED
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e91b62a9-2885-4504-84a4-ba2cc2f2ac80.roa
Signing time: Tue 03 Jun 2025 16:30:20 +0000
ROA not before: Tue 03 Jun 2025 16:30:20 +0000
ROA not after: Tue 08 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.160.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:d3:de:30:b3:23:bf:fa:ba:99:dd:e5:9f:fd:f1:0d:45:b0:00:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 3 16:30:20 2025 GMT
Not After : Jul 8 23:59:59 2025 GMT
Subject: serialNumber=5e0549fe3ddbddcf06357764beb34f9c395d2bff22afdc8ed7a58dc074d72cee, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b4:1b:8e:02:3c:64:b0:5e:78:a6:c8:9b:55:
a8:c1:d8:55:45:83:07:23:4b:40:50:88:9c:89:57:
34:f7:b6:4c:0c:90:01:1e:b8:52:a2:7c:12:54:89:
7f:e3:cd:03:11:8a:ae:6d:98:f2:73:94:b7:a1:1b:
ac:83:f9:95:e4:3e:74:d0:bd:0a:25:c2:70:3f:c5:
6a:59:58:3f:d7:bf:c6:69:70:47:b3:a0:9e:29:69:
9e:14:19:71:85:bb:d4:35:74:63:f0:8b:21:77:40:
f9:6a:81:eb:80:0a:8c:38:74:23:bf:be:64:4f:0a:
1e:87:6d:6e:9a:2b:fc:a3:5b:9b:53:07:7a:1e:6a:
d6:e6:98:c5:b1:0a:14:d9:a3:62:4d:78:f5:ba:7b:
7b:af:f1:19:09:0f:5f:28:74:06:4c:86:7f:f2:cf:
83:d3:a1:40:86:f0:ef:bb:6f:35:cf:9b:31:0a:25:
d6:d4:05:e1:3a:ac:29:9f:46:17:75:66:36:94:4c:
d2:24:8a:92:06:ae:94:43:9b:ff:64:fe:b4:b3:b2:
19:67:94:63:1d:4f:56:cd:02:34:c6:0c:c6:21:a2:
a3:0e:54:b5:5f:af:aa:e0:ac:0f:06:ef:b7:0f:ac:
c5:bb:64:b8:06:89:a0:b4:42:8c:4f:b6:fd:2b:a9:
c4:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:A4:C8:82:14:AE:07:7E:4B:3D:C6:86:65:A0:76:27:03:66:DC:EE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e91b62a9-2885-4504-84a4-ba2cc2f2ac80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.160.0/21
Signature Algorithm: sha256WithRSAEncryption
20:e0:e8:1c:67:76:93:a6:97:1a:2b:2c:64:00:48:49:b8:ad:
75:91:ae:b6:79:0b:3a:45:9c:80:03:42:94:34:25:25:a9:ca:
27:33:53:ed:f2:fb:2b:80:76:1b:93:f8:c6:ec:f8:39:5b:fc:
b8:17:d8:dd:98:cd:01:fe:4a:41:51:46:2e:4b:da:fe:3b:84:
04:ec:7b:68:f0:87:96:dd:cf:8b:3b:f7:9d:e7:ce:3b:22:c6:
e8:0e:48:2b:ae:a2:58:5e:ba:7f:6d:cd:7e:fd:aa:72:73:10:
94:6a:4e:b5:e4:79:b3:57:b2:c9:8a:ff:52:08:d9:df:e8:7a:
6b:45:b9:ec:bb:95:1d:39:78:20:0a:cb:07:e7:77:5b:84:d5:
12:d4:56:f4:83:1a:7d:e7:76:e8:7d:7b:5c:c0:99:83:16:27:
ef:1a:10:0b:87:fa:d1:84:90:d7:06:32:0f:65:62:a2:e3:75:
44:0d:19:d1:14:b9:a2:68:b5:37:1d:b7:63:5c:26:45:b5:78:
a4:da:a4:30:23:43:d8:af:a5:94:74:61:95:fb:6b:8d:50:da:
04:3b:e6:37:31:fe:bd:a8:3f:e7:73:8b:f0:a6:db:55:de:ce:
87:87:01:53:90:e6:2f:82:3f:53:8a:21:df:a6:99:b7:42:78:
99:b5:82:c1
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUPdPeMLMjv/q6md3ln/3xDUWwAO0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDMxNjMwMjBaFw0yNTA3MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDVlMDU0OWZlM2RkYmRkY2YwNjM1Nzc2NGJlYjM0ZjljMzk1ZDJiZmYyMmFm
ZGM4ZWQ3YTU4ZGMwNzRkNzJjZWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALi0G44CPGSwXnimyJtVqMHYVUWDByNLQFCInIlXNPe2TAyQAR64UqJ8ElSJ
f+PNAxGKrm2Y8nOUt6EbrIP5leQ+dNC9CiXCcD/FallYP9e/xmlwR7OgnilpnhQZ
cYW71DV0Y/CLIXdA+WqB64AKjDh0I7++ZE8KHodtbpor/KNbm1MHeh5q1uaYxbEK
FNmjYk149bp7e6/xGQkPXyh0BkyGf/LPg9OhQIbw77tvNc+bMQol1tQF4TqsKZ9G
F3VmNpRM0iSKkgaulEOb/2T+tLOyGWeUYx1PVs0CNMYMxiGiow5UtV+vquCsDwbv
tw+sxbtkuAaJoLRCjE+2/SupxN0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRApMiC
FK4Hfks9xoZloHYnA2bc7jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTkxYjYyYTktMjg4NS00NTA0LTg0YTQtYmEyY2MyZjJhYzgwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy6JoDAN
BgkqhkiG9w0BAQsFAAOCAQEAIODoHGd2k6aXGissZABISbitdZGutnkLOkWcgANC
lDQlJanKJzNT7fL7K4B2G5P4xuz4OVv8uBfY3ZjNAf5KQVFGLkva/juEBOx7aPCH
lt3Pizv3nefOOyLG6A5IK66iWF66f23Nfv2qcnMQlGpOteR5s1eyyYr/UgjZ3+h6
a0W57LuVHTl4IArLB+d3W4TVEtRW9IMafed26H17XMCZgxYn7xoQC4f60YSQ1wYy
D2ViouN1RA0Z0RS5omi1Nx23Y1wmRbV4pNqkMCND2K+llHRhlftrjVDaBDvmNzH+
vag/53OL8KbbVd7Oh4cBU5DmL4I/U4oh36aZt0J4mbWCwQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:07 2025 by rpki-client