Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fcee65ca-9c67-4925-b46f-60ec2eecb7a3.roa
File: fcee65ca-9c67-4925-b46f-60ec2eecb7a3.roa (raw, json)
Hash identifier: Wci8qH7Pglh/Zdk1LC62mkV0DjLIHQ+G6hCwYK9xfN8=
Subject key identifier: DE:71:D0:67:58:70:A9:6F:50:20:2B:8D:AF:2F:34:75:60:C6:DF:C4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6BAD586853469A21A053122681108A8DBED9C062
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fcee65ca-9c67-4925-b46f-60ec2eecb7a3.roa
Signing time: Tue 03 Jun 2025 16:31:00 +0000
ROA not before: Tue 03 Jun 2025 16:31:00 +0000
ROA not after: Tue 08 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.128.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:ad:58:68:53:46:9a:21:a0:53:12:26:81:10:8a:8d:be:d9:c0:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 3 16:31:00 2025 GMT
Not After : Jul 8 23:59:59 2025 GMT
Subject: serialNumber=d7fa611cc5b06faff461999dd7591e2bed76f5b4c8ed204dc4d5bd4a9e44f103, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:bc:8c:ea:ac:6e:d5:ff:50:c6:86:7e:f7:e3:
c6:81:04:54:2f:8c:dd:7f:87:7a:47:12:af:2e:90:
b6:63:6d:27:d3:7e:17:54:43:e6:94:5e:f3:91:bd:
bd:53:74:9d:9c:53:7f:e7:6d:ee:99:2c:73:88:8b:
0e:fc:80:36:3c:2e:f6:0e:58:bc:c7:a9:d2:37:e0:
6e:21:7d:ef:fe:f9:d0:e4:6b:51:b2:35:87:4d:85:
b6:8e:a5:13:67:21:89:bb:05:b3:f7:5f:cc:17:40:
43:c3:a9:07:c5:73:db:26:b6:fa:68:3b:f1:76:a7:
7d:65:fd:b7:0e:10:bb:42:49:ed:a6:ac:fb:35:aa:
9a:42:e6:24:7d:02:da:b9:2b:4e:25:15:0f:c2:69:
8c:c0:b7:7c:f1:9c:31:3e:3d:8f:ec:b8:ee:af:5a:
99:b8:1f:33:49:d8:c5:7d:bc:9f:6c:ee:85:54:eb:
5d:d6:57:46:dc:c9:fd:16:f6:b7:d8:5c:9d:86:a4:
46:47:f6:3b:ff:a3:3f:4b:33:c6:35:5c:ec:cf:e8:
93:8e:21:55:ea:45:cf:04:23:e8:48:61:6f:a0:b0:
44:5f:74:a1:14:c0:a7:e7:cf:7c:df:8e:ba:4f:1b:
31:42:5e:21:f2:6f:30:00:2d:eb:76:b1:f1:3a:21:
bc:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:71:D0:67:58:70:A9:6F:50:20:2B:8D:AF:2F:34:75:60:C6:DF:C4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fcee65ca-9c67-4925-b46f-60ec2eecb7a3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.128.0/20
Signature Algorithm: sha256WithRSAEncryption
20:a1:8e:43:4f:8b:a1:08:f8:7d:95:06:0d:a1:a2:34:89:92:
b4:7b:14:c4:40:09:58:6d:3f:be:15:47:9a:df:ce:92:6d:5e:
d6:e1:18:69:37:63:7b:18:eb:8f:9e:63:c5:48:4c:2d:a8:b0:
df:0b:48:ee:46:9b:ec:1b:41:56:92:df:82:7c:4e:bd:4e:83:
31:03:09:33:ca:cf:5e:89:9c:e6:bb:c0:a5:9b:99:b9:3e:75:
88:60:eb:59:01:61:e6:31:45:f6:b0:a2:ca:17:1f:14:0a:40:
a5:4e:37:0f:50:98:bf:58:e4:14:c7:e7:bb:b3:f1:53:27:4f:
ef:1b:0d:c1:8f:10:7b:c1:18:0c:36:41:80:64:cf:51:a2:a3:
2d:41:35:51:b5:4f:66:ad:ec:7b:b3:40:f6:4e:d2:c0:b0:55:
ac:ad:3d:58:2b:e8:8d:b6:e4:c3:fb:16:8a:7a:e1:5c:62:ba:
cf:6c:b0:84:b9:e8:57:0a:1c:63:eb:be:3a:a6:27:97:23:06:
3b:22:1a:ef:00:97:cb:86:ab:31:9f:11:05:5f:5e:17:61:a2:
e0:3e:88:41:df:68:a7:08:ac:06:5c:c6:55:7a:5e:4d:d7:f6:
59:c6:e0:cc:b6:b3:a3:b7:27:ad:4c:56:5f:f0:b3:96:e2:f7:
3f:c3:26:cc
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUa61YaFNGmiGgUxImgRCKjb7ZwGIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDMxNjMxMDBaFw0yNTA3MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ3ZmE2MTFjYzViMDZmYWZmNDYxOTk5ZGQ3NTkxZTJiZWQ3NmY1YjRjOGVk
MjA0ZGM0ZDViZDRhOWU0NGYxMDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALC8jOqsbtX/UMaGfvfjxoEEVC+M3X+HekcSry6QtmNtJ9N+F1RD5pRe85G9
vVN0nZxTf+dt7pksc4iLDvyANjwu9g5YvMep0jfgbiF97/750ORrUbI1h02Fto6l
E2chibsFs/dfzBdAQ8OpB8Vz2ya2+mg78XanfWX9tw4Qu0JJ7aas+zWqmkLmJH0C
2rkrTiUVD8JpjMC3fPGcMT49j+y47q9ambgfM0nYxX28n2zuhVTrXdZXRtzJ/Rb2
t9hcnYakRkf2O/+jP0szxjVc7M/ok44hVepFzwQj6Ehhb6CwRF90oRTAp+fPfN+O
uk8bMUJeIfJvMAAt63ax8TohvF0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTecdBn
WHCpb1AgK42vLzR1YMbfxDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmNlZTY1Y2EtOWM2Ny00OTI1LWI0NmYtNjBlYzJlZWNiN2EzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC6JgDAN
BgkqhkiG9w0BAQsFAAOCAQEAIKGOQ0+LoQj4fZUGDaGiNImStHsUxEAJWG0/vhVH
mt/Okm1e1uEYaTdjexjrj55jxUhMLaiw3wtI7kab7BtBVpLfgnxOvU6DMQMJM8rP
Xomc5rvApZuZuT51iGDrWQFh5jFF9rCiyhcfFApApU43D1CYv1jkFMfnu7PxUydP
7xsNwY8Qe8EYDDZBgGTPUaKjLUE1UbVPZq3se7NA9k7SwLBVrK09WCvojbbkw/sW
inrhXGK6z2ywhLnoVwocY+u+OqYnlyMGOyIa7wCXy4arMZ8RBV9eF2Gi4D6IQd9o
pwisBlzGVXpeTdf2WcbgzLazo7cnrUxWX/CzluL3P8MmzA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:54 2025 by rpki-client