Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/07144f38-ed46-40bc-a3ed-30785c0cc3e2.roa
File: 07144f38-ed46-40bc-a3ed-30785c0cc3e2.roa (raw, json)
Hash identifier: VNBOo4REOcJpB3DNi4GX5BwueihqUhsEEW9PFRqlNY8=
Subject key identifier: 03:87:03:76:B6:43:55:AD:7E:A3:47:4D:90:17:E8:45:F2:01:4E:AC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6F7E1FD8E3E5673454B58477966E9EAA83657EF0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/07144f38-ed46-40bc-a3ed-30785c0cc3e2.roa
Signing time: Mon 30 Jun 2025 18:00:10 +0000
ROA not before: Mon 30 Jun 2025 18:00:10 +0000
ROA not after: Mon 04 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.176.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:7e:1f:d8:e3:e5:67:34:54:b5:84:77:96:6e:9e:aa:83:65:7e:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 30 18:00:10 2025 GMT
Not After : Aug 4 23:59:59 2025 GMT
Subject: serialNumber=ec7a2fd80dcb7d0fe06c8c40ed1654780707d5c7d7824d62478190b434814d1d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:ec:dd:81:a6:25:2e:47:ce:e9:d0:b3:22:58:
4b:25:a5:8e:34:91:2f:98:ba:0c:69:71:80:d2:90:
ad:6c:0c:4c:c4:fe:b2:33:f2:a3:ca:8a:ee:d3:37:
98:7f:2f:5c:53:9b:9f:6f:16:f2:1c:8b:c0:2e:9e:
c3:66:80:24:df:22:ba:46:24:bf:96:20:d5:76:d9:
5a:3a:60:e8:a4:c6:76:65:21:fa:9d:0f:a6:ea:1e:
e8:33:74:8f:ac:6c:fd:ad:12:be:84:35:73:ae:39:
c5:66:af:0b:2b:62:23:4e:7b:a7:ea:45:56:7d:96:
20:34:df:a2:4e:f5:f1:7f:27:9b:26:6b:08:ae:34:
5b:d7:60:5e:03:31:2f:3c:44:aa:a4:5f:7f:a4:7d:
91:2e:8f:3b:05:87:98:ea:ac:c4:06:75:de:b9:b6:
91:46:85:02:07:db:72:7c:3e:2c:ff:9e:40:43:13:
c5:5b:4a:ff:52:64:e1:ed:89:bb:ef:a4:8c:09:a6:
20:82:b4:05:63:3b:ba:d6:88:84:60:1c:d0:f8:2f:
24:ad:0f:5c:e7:ee:db:cd:6f:5f:b8:59:90:10:b9:
89:6a:65:a5:f2:a1:b7:9a:aa:cc:b1:a1:2f:9c:b4:
97:df:37:87:ec:25:a1:6d:b7:86:a4:34:3d:57:eb:
b6:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:87:03:76:B6:43:55:AD:7E:A3:47:4D:90:17:E8:45:F2:01:4E:AC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/07144f38-ed46-40bc-a3ed-30785c0cc3e2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.176.0/20
Signature Algorithm: sha256WithRSAEncryption
9a:34:00:aa:65:51:d5:cf:db:a3:cb:b9:4a:f0:bb:24:0d:fc:
e5:a5:30:7b:04:2b:e3:9e:29:c7:e5:ca:cc:1c:2a:89:fa:85:
0d:05:90:da:7b:bd:12:bc:18:10:75:e3:28:e1:da:e6:36:d6:
21:62:20:11:39:43:b4:af:46:2f:80:12:4e:7c:58:f2:56:23:
39:d1:70:18:75:30:69:ea:93:e3:74:de:4b:75:88:73:01:e3:
81:8a:27:9b:60:26:60:c8:c7:99:f4:30:87:4f:9d:93:57:3f:
b3:87:43:c5:3e:e1:d8:bc:da:83:af:69:90:e9:28:6f:48:bd:
f3:e4:22:1d:c2:7c:5b:88:f0:c8:26:98:c7:b5:8f:c6:e5:de:
a3:b0:d8:93:e6:b7:1c:e4:23:20:69:3c:c0:e4:46:9b:18:76:
25:c7:8a:24:3e:2f:44:a6:c3:22:ef:87:a9:35:52:01:97:b9:
78:34:a5:66:3e:f7:af:d6:89:b4:12:cf:ff:e8:ee:36:94:b2:
e2:a1:0b:0b:94:e6:ca:fa:3c:b9:b8:b6:fa:32:a0:1d:90:e1:
05:1a:a0:d6:9c:8f:25:72:92:a6:72:99:b6:64:dd:9e:c1:8c:
f4:c1:58:4d:81:f4:7f:bb:67:a9:f0:83:a4:27:c9:91:f2:34:
cb:27:75:82
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUb34f2OPlZzRUtYR3lm6eqoNlfvAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MzAxODAwMTBaFw0yNTA4MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGVjN2EyZmQ4MGRjYjdkMGZlMDZjOGM0MGVkMTY1NDc4MDcwN2Q1YzdkNzgy
NGQ2MjQ3ODE5MGI0MzQ4MTRkMWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANzs3YGmJS5HzunQsyJYSyWljjSRL5i6DGlxgNKQrWwMTMT+sjPyo8qK7tM3
mH8vXFObn28W8hyLwC6ew2aAJN8iukYkv5Yg1XbZWjpg6KTGdmUh+p0Ppuoe6DN0
j6xs/a0SvoQ1c645xWavCytiI057p+pFVn2WIDTfok718X8nmyZrCK40W9dgXgMx
LzxEqqRff6R9kS6POwWHmOqsxAZ13rm2kUaFAgfbcnw+LP+eQEMTxVtK/1Jk4e2J
u++kjAmmIIK0BWM7utaIhGAc0PgvJK0PXOfu281vX7hZkBC5iWplpfKht5qqzLGh
L5y0l983h+wloW23hqQ0PVfrtv8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQDhwN2
tkNVrX6jR02QF+hF8gFOrDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDcxNDRmMzgtZWQ0Ni00MGJjLWEzZWQtMzA3ODVjMGNjM2UyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC6JsDAN
BgkqhkiG9w0BAQsFAAOCAQEAmjQAqmVR1c/bo8u5SvC7JA385aUwewQr454px+XK
zBwqifqFDQWQ2nu9ErwYEHXjKOHa5jbWIWIgETlDtK9GL4ASTnxY8lYjOdFwGHUw
aeqT43TeS3WIcwHjgYonm2AmYMjHmfQwh0+dk1c/s4dDxT7h2Lzag69pkOkob0i9
8+QiHcJ8W4jwyCaYx7WPxuXeo7DYk+a3HOQjIGk8wORGmxh2JceKJD4vRKbDIu+H
qTVSAZe5eDSlZj73r9aJtBLP/+juNpSy4qELC5Tmyvo8ubi2+jKgHZDhBRqg1pyP
JXKSpnKZtmTdnsGM9MFYTYH0f7tnqfCDpCfJkfI0yyd1gg==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:46:41 2025 by rpki-client