Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/01bbf67c-f7ae-457c-80b3-728a951b236a.roa
File: 01bbf67c-f7ae-457c-80b3-728a951b236a.roa (raw, json)
Hash identifier: FhFX1wulzge8cXkiiDgteTb+erh72brSiARxPVBPeoQ=
Subject key identifier: A7:BE:B9:0A:28:86:81:D8:F9:24:1D:F1:BF:97:A8:8F:6B:FC:1C:A3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 355B34258F0519871D691E8102A2B0849193BB2C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/01bbf67c-f7ae-457c-80b3-728a951b236a.roa
Signing time: Mon 30 Jun 2025 18:00:11 +0000
ROA not before: Mon 30 Jun 2025 18:00:11 +0000
ROA not after: Mon 04 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.128.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:5b:34:25:8f:05:19:87:1d:69:1e:81:02:a2:b0:84:91:93:bb:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 30 18:00:11 2025 GMT
Not After : Aug 4 23:59:59 2025 GMT
Subject: serialNumber=6d0ec538d4c98fc8701306ddb7a8f9307fd19b1219d6ef7f2f515c72d8ad8f68, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:60:2d:f7:84:95:1b:60:89:65:33:1a:f0:58:
97:96:67:61:05:be:25:e4:58:c0:72:03:98:d1:67:
c6:8b:2a:12:2a:64:b3:02:12:ca:d2:4d:ba:c9:53:
94:6c:e2:17:00:89:ec:bf:d1:21:25:79:0a:33:2e:
0a:85:eb:5b:dc:14:b0:50:7e:2a:35:44:58:c3:83:
0d:e9:ed:cc:d2:5c:d6:fe:9b:09:cc:9e:c6:5a:35:
d3:22:48:13:10:4e:3c:97:78:ee:53:0c:12:d8:28:
3c:85:8e:29:f0:e8:0b:f9:7c:d8:ac:ea:85:57:c2:
39:5c:b1:d2:7c:fa:e4:2a:6d:87:6e:8c:19:12:2b:
3f:51:ed:e7:be:95:63:4c:f9:9a:4a:b7:f5:9d:86:
63:4f:1c:b3:c9:3b:f0:0c:5e:09:68:cc:bc:17:57:
72:f2:1b:02:5c:36:ac:a2:72:f5:39:82:2c:3a:ca:
d9:07:d6:7f:48:6c:a2:e3:ec:64:82:7b:00:c3:ba:
4d:7d:64:ae:82:97:5e:1b:c9:e0:9a:b9:fe:b9:0e:
09:e6:f9:1c:1c:56:15:d8:c8:e3:c1:7c:ee:ad:6b:
79:ee:d0:04:84:b0:b7:2b:37:d3:87:79:a2:89:a5:
ef:9a:92:ba:76:5e:fe:15:e9:77:3c:4d:93:a9:8c:
e6:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:BE:B9:0A:28:86:81:D8:F9:24:1D:F1:BF:97:A8:8F:6B:FC:1C:A3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/01bbf67c-f7ae-457c-80b3-728a951b236a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.128.0/18
Signature Algorithm: sha256WithRSAEncryption
b5:e0:ae:77:44:69:7e:c6:d7:d3:70:de:5d:85:ca:79:65:8a:
29:59:ec:ae:fd:69:c5:03:8f:99:09:ed:3d:4e:4c:92:21:15:
72:8e:df:21:a4:99:a8:17:ee:3b:2d:c9:35:1a:5d:d0:4f:ea:
3b:c9:7f:2d:bc:80:dd:03:e0:ca:93:42:36:cf:41:c2:05:2a:
cc:5a:9d:26:1f:70:fe:69:83:76:82:ee:eb:dc:7d:85:fa:58:
85:ad:e8:44:15:30:35:27:b6:6e:05:90:58:ec:f2:af:19:7f:
4a:bb:71:9c:d7:4b:f2:fe:36:8d:83:d6:bb:5b:7c:2d:1d:70:
fd:2a:99:79:e7:77:a8:ca:8f:35:34:1f:07:2b:1d:e3:f8:fc:
56:93:a0:8f:b1:2b:52:50:07:1f:fd:73:13:3a:af:9c:d3:01:
8a:2e:26:3a:37:bb:81:bc:ed:a0:92:19:d3:37:51:05:d5:f5:
20:92:2d:b6:76:55:1e:5c:a0:eb:9c:f7:01:c5:0f:fa:72:5d:
f1:fe:bd:a2:94:41:d8:9a:3b:d6:46:a3:a0:bd:bb:06:7a:a3:
18:a5:43:db:25:97:e8:35:39:05:d2:b0:bb:61:14:aa:71:89:
b9:9f:d9:7e:2c:18:fb:2c:11:a2:0d:03:32:53:dc:8c:8d:46:
96:a6:1b:ad
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUNVs0JY8FGYcdaR6BAqKwhJGTuywwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MzAxODAwMTFaFw0yNTA4MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDZkMGVjNTM4ZDRjOThmYzg3MDEzMDZkZGI3YThmOTMwN2ZkMTliMTIxOWQ2
ZWY3ZjJmNTE1YzcyZDhhZDhmNjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANpgLfeElRtgiWUzGvBYl5ZnYQW+JeRYwHIDmNFnxosqEipkswISytJNuslT
lGziFwCJ7L/RISV5CjMuCoXrW9wUsFB+KjVEWMODDentzNJc1v6bCcyexlo10yJI
ExBOPJd47lMMEtgoPIWOKfDoC/l82KzqhVfCOVyx0nz65Cpth26MGRIrP1Ht576V
Y0z5mkq39Z2GY08cs8k78AxeCWjMvBdXcvIbAlw2rKJy9TmCLDrK2QfWf0hsouPs
ZIJ7AMO6TX1kroKXXhvJ4Jq5/rkOCeb5HBxWFdjI48F87q1ree7QBISwtys304d5
ooml75qSunZe/hXpdzxNk6mM5nECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSnvrkK
KIaB2PkkHfG/l6iPa/wcozAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDFiYmY2N2MtZjdhZS00NTdjLTgwYjMtNzI4YTk1MWIyMzZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBi6JgDAN
BgkqhkiG9w0BAQsFAAOCAQEAteCud0RpfsbX03DeXYXKeWWKKVnsrv1pxQOPmQnt
PU5MkiEVco7fIaSZqBfuOy3JNRpd0E/qO8l/LbyA3QPgypNCNs9BwgUqzFqdJh9w
/mmDdoLu69x9hfpYha3oRBUwNSe2bgWQWOzyrxl/SrtxnNdL8v42jYPWu1t8LR1w
/SqZeed3qMqPNTQfBysd4/j8VpOgj7ErUlAHH/1zEzqvnNMBii4mOje7gbztoJIZ
0zdRBdX1IJIttnZVHlyg65z3AcUP+nJd8f69opRB2Jo71kajoL27BnqjGKVD2yWX
6DU5BdKwu2EUqnGJuZ/ZfiwY+ywRog0DMlPcjI1GlqYbrQ==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:34:03 2025 by rpki-client