Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/062e9317-b5ab-4d01-a462-4dc8d164e17c.roa
File: 062e9317-b5ab-4d01-a462-4dc8d164e17c.roa (raw, json)
Hash identifier: TFi9LqaxZrN46OFyowX7ogc3tle5jKCvCbMweVXa7C4=
Subject key identifier: 82:D9:DB:EF:F8:29:F3:E2:26:FB:85:9F:12:75:F4:26:13:CC:41:B7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3D9FC200ADFD04AABE72396929C5D43B0ABB82B4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/062e9317-b5ab-4d01-a462-4dc8d164e17c.roa
Signing time: Mon 30 Jun 2025 17:50:18 +0000
ROA not before: Mon 30 Jun 2025 17:50:18 +0000
ROA not after: Mon 04 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.172.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:9f:c2:00:ad:fd:04:aa:be:72:39:69:29:c5:d4:3b:0a:bb:82:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 30 17:50:18 2025 GMT
Not After : Aug 4 23:59:59 2025 GMT
Subject: serialNumber=083debf404c2abe5866453bb5d0423ad9db77be2b22ee0feaeb4810b37e498ca, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c1:64:8b:8f:bc:a7:67:47:f0:44:ab:c2:3b:
ee:dc:26:59:ff:4c:f1:9d:42:82:ca:1f:b0:22:7e:
d2:7e:e2:5b:ce:c2:66:ed:a4:2f:a2:ad:ea:48:36:
b4:58:ff:67:e1:67:2a:af:47:63:49:0c:3d:9a:d5:
ab:b3:89:2c:2a:e3:2d:d4:a4:c8:6c:e6:06:f2:f8:
99:93:61:40:d3:41:2b:ae:a0:66:c0:03:ad:d0:95:
c4:d1:d1:d8:02:31:1d:34:27:3c:2a:50:5e:aa:33:
30:39:a6:79:50:54:b8:15:32:af:e7:cf:b5:bb:00:
cc:a7:04:ad:6e:f9:51:92:90:e0:2c:03:85:8b:7e:
83:d5:bd:46:56:96:24:90:11:e7:9f:a8:58:df:bc:
d6:03:44:7f:fd:1b:38:b9:3c:3a:52:14:ab:37:27:
a5:4c:6a:91:65:a5:0e:57:a5:11:49:59:4f:58:e5:
bf:70:a0:62:09:d9:ef:28:99:1c:7c:d5:7a:19:82:
4e:55:81:3c:e0:9b:fa:35:0c:87:eb:98:41:9f:6a:
13:a8:dd:e5:86:37:fd:06:b9:01:3b:9a:91:dd:01:
e0:1e:34:de:c7:9f:14:80:56:04:bd:e4:93:2f:71:
15:8e:0d:5f:ed:ab:0b:30:e0:43:75:91:bc:93:af:
41:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:D9:DB:EF:F8:29:F3:E2:26:FB:85:9F:12:75:F4:26:13:CC:41:B7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/062e9317-b5ab-4d01-a462-4dc8d164e17c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.172.0/22
Signature Algorithm: sha256WithRSAEncryption
65:fa:b5:6f:60:e3:f0:3e:78:80:0f:a8:fd:45:f3:0f:0b:e2:
37:97:91:10:7a:5e:26:e8:b1:ee:4a:50:27:df:9e:8a:f8:6b:
58:20:e9:46:9f:10:71:19:fc:09:82:4c:55:91:98:4d:93:5e:
92:f8:15:0d:24:75:0b:ad:d0:62:71:a9:72:7c:d7:39:7a:fc:
58:3e:e0:11:4e:a1:9c:2a:83:98:3c:f7:d9:6d:b7:31:7a:de:
d8:3c:3f:0d:02:6f:81:d9:4f:5e:cd:e3:c0:e2:56:00:dd:25:
c5:c8:69:28:85:16:26:f0:bd:d9:7a:84:fe:b1:ad:46:0b:4c:
b9:cf:3f:28:37:1d:4a:d5:ed:c2:1e:13:1c:f4:18:0a:83:e7:
d8:c9:4b:10:b9:23:61:4e:7b:03:b4:c1:98:3d:f5:f3:c5:1b:
87:ad:54:d5:0e:6d:5c:20:c1:3b:d7:5f:38:04:a1:ab:c0:2c:
fa:78:46:ba:4c:e1:5e:87:03:f8:55:1e:29:75:b3:02:7d:70:
a2:7d:a5:1a:58:0b:61:b0:2f:86:21:f6:6e:ae:12:d0:0b:4c:
0d:8c:ed:02:86:26:af:8e:3d:15:31:a0:30:11:fe:7e:ae:00:
e5:cf:42:94:53:58:29:ef:22:b9:fb:25:b6:55:59:9a:9b:a3:
78:b9:c5:72
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUPZ/CAK39BKq+cjlpKcXUOwq7grQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MzAxNzUwMThaFw0yNTA4MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDA4M2RlYmY0MDRjMmFiZTU4NjY0NTNiYjVkMDQyM2FkOWRiNzdiZTJiMjJl
ZTBmZWFlYjQ4MTBiMzdlNDk4Y2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMLBZIuPvKdnR/BEq8I77twmWf9M8Z1CgsofsCJ+0n7iW87CZu2kL6Kt6kg2
tFj/Z+FnKq9HY0kMPZrVq7OJLCrjLdSkyGzmBvL4mZNhQNNBK66gZsADrdCVxNHR
2AIxHTQnPCpQXqozMDmmeVBUuBUyr+fPtbsAzKcErW75UZKQ4CwDhYt+g9W9RlaW
JJAR55+oWN+81gNEf/0bOLk8OlIUqzcnpUxqkWWlDlelEUlZT1jlv3CgYgnZ7yiZ
HHzVehmCTlWBPOCb+jUMh+uYQZ9qE6jd5YY3/Qa5ATuakd0B4B403sefFIBWBL3k
ky9xFY4NX+2rCzDgQ3WRvJOvQVsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSC2dvv
+Cnz4ib7hZ8SdfQmE8xBtzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDYyZTkzMTctYjVhYi00ZDAxLWE0NjItNGRjOGQxNjRlMTdjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi6JrDAN
BgkqhkiG9w0BAQsFAAOCAQEAZfq1b2Dj8D54gA+o/UXzDwviN5eREHpeJuix7kpQ
J9+eivhrWCDpRp8QcRn8CYJMVZGYTZNekvgVDSR1C63QYnGpcnzXOXr8WD7gEU6h
nCqDmDz32W23MXre2Dw/DQJvgdlPXs3jwOJWAN0lxchpKIUWJvC92XqE/rGtRgtM
uc8/KDcdStXtwh4THPQYCoPn2MlLELkjYU57A7TBmD3188Ubh61U1Q5tXCDBO9df
OAShq8As+nhGukzhXocD+FUeKXWzAn1won2lGlgLYbAvhiH2bq4S0AtMDYztAoYm
r449FTGgMBH+fq4A5c9ClFNYKe8iufsltlVZmpujeLnFcg==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:36:34 2025 by rpki-client