Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/18d47c03-cff3-4fc4-bd85-07c1063f7047.roa
File: 18d47c03-cff3-4fc4-bd85-07c1063f7047.roa (raw, json)
Hash identifier: kfU0cHi4rEp45OtZ6UYWa2Np0MBl+HnL338epVTzlNc=
Subject key identifier: B1:C2:EC:BA:92:AE:DE:45:EB:DE:2D:0C:92:E2:DC:D4:E4:9C:59:B7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 12A5CAC791141139B3266E1FF9245E7589EB6E24
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/18d47c03-cff3-4fc4-bd85-07c1063f7047.roa
Signing time: Mon 30 Jun 2025 18:00:41 +0000
ROA not before: Mon 30 Jun 2025 18:00:41 +0000
ROA not after: Mon 04 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.128.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:a5:ca:c7:91:14:11:39:b3:26:6e:1f:f9:24:5e:75:89:eb:6e:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 30 18:00:41 2025 GMT
Not After : Aug 4 23:59:59 2025 GMT
Subject: serialNumber=11e6c1d8f43ccc30c2ebed97d1ad4eb8896562f44d031ad225c56df4a80be022, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:c3:d5:5b:66:50:ca:86:13:d5:86:de:2d:67:
78:32:31:47:19:ca:01:2c:02:04:41:f7:bb:eb:ef:
d0:cf:83:5e:0e:dd:c3:00:8f:e2:e2:f8:e8:93:03:
6d:5f:40:61:05:e3:1e:fd:5e:a5:90:31:12:cb:a7:
2a:29:65:b6:f5:9c:0e:50:50:74:d4:b3:10:15:87:
36:4b:33:e3:94:54:cc:6c:f0:29:b4:57:dd:d8:d6:
8d:3c:9c:ab:dd:11:69:9b:a8:0e:98:b9:04:40:49:
13:73:7f:b1:96:f3:2a:d1:74:bf:ce:cd:7b:59:c1:
7c:4d:37:17:ca:3c:66:23:84:8c:26:59:b8:a5:6b:
fa:c0:d7:74:0a:04:77:8b:bd:8c:ed:71:3d:6a:f3:
99:38:f2:94:47:6a:ac:2b:f6:f4:12:cc:27:ee:5a:
ff:6a:79:73:33:8d:e1:f6:f2:85:1c:1b:ea:68:dc:
80:9d:ab:75:6c:6f:78:df:e8:bb:f2:d2:42:ff:e4:
01:78:4b:b0:a3:b1:47:3f:1a:50:19:40:ad:47:7a:
11:e3:a9:92:b3:91:88:5f:a0:44:45:58:6e:78:47:
84:d4:a8:2d:8e:c9:98:32:4b:00:dc:86:de:4c:bf:
b2:65:c2:6a:b7:23:69:39:4b:2b:19:ab:ef:c8:8b:
79:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:C2:EC:BA:92:AE:DE:45:EB:DE:2D:0C:92:E2:DC:D4:E4:9C:59:B7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/18d47c03-cff3-4fc4-bd85-07c1063f7047.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.128.0/19
Signature Algorithm: sha256WithRSAEncryption
83:40:d1:70:60:70:a6:7a:5e:b5:69:e0:01:0d:63:69:7f:ca:
ec:8b:8a:a0:52:38:c6:a2:ee:ee:27:d0:d8:d7:f9:86:12:51:
d8:d5:f8:3f:6f:44:94:3a:c3:29:80:62:32:ab:3b:3f:53:07:
5b:39:f3:98:21:3d:39:c7:63:5d:c6:51:12:54:7b:fe:d4:b2:
79:cd:33:52:01:ac:f5:8e:55:d3:0f:59:36:bb:dd:68:dc:48:
cf:2c:4a:56:fb:7c:6d:ea:27:1f:a8:b0:bd:19:7a:03:c5:33:
33:08:a3:57:19:6a:8f:27:fe:2c:bc:b5:86:26:04:39:47:e9:
d9:59:af:b5:91:6e:c1:86:d4:4b:79:02:8d:fe:bd:99:55:1a:
f3:7a:0e:1b:55:04:ce:9d:2b:49:f5:dc:08:78:53:f4:f3:f4:
22:d0:37:40:5b:8c:6b:53:2c:50:8b:2d:fe:33:fc:57:d1:25:
0d:b8:61:2c:cd:3c:1a:50:28:08:94:ad:43:4f:3d:01:54:64:
5c:ed:05:44:41:67:81:64:a1:e3:be:a0:6c:ef:6d:99:d1:6e:
c8:b8:00:86:a7:5c:db:e3:e2:47:63:c2:d9:9e:35:49:31:bd:
8b:b8:4b:34:a1:f5:1e:83:6d:b5:f6:a4:64:1a:97:30:0e:23:
50:d9:e9:ca
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUEqXKx5EUETmzJm4f+SRedYnrbiQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MzAxODAwNDFaFw0yNTA4MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDExZTZjMWQ4ZjQzY2NjMzBjMmViZWQ5N2QxYWQ0ZWI4ODk2NTYyZjQ0ZDAz
MWFkMjI1YzU2ZGY0YTgwYmUwMjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM3D1VtmUMqGE9WG3i1neDIxRxnKASwCBEH3u+vv0M+DXg7dwwCP4uL46JMD
bV9AYQXjHv1epZAxEsunKilltvWcDlBQdNSzEBWHNksz45RUzGzwKbRX3djWjTyc
q90RaZuoDpi5BEBJE3N/sZbzKtF0v87Ne1nBfE03F8o8ZiOEjCZZuKVr+sDXdAoE
d4u9jO1xPWrzmTjylEdqrCv29BLMJ+5a/2p5czON4fbyhRwb6mjcgJ2rdWxveN/o
u/LSQv/kAXhLsKOxRz8aUBlArUd6EeOpkrORiF+gREVYbnhHhNSoLY7JmDJLANyG
3ky/smXCarcjaTlLKxmr78iLeccCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSxwuy6
kq7eReveLQyS4tzU5JxZtzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MThkNDdjMDMtY2ZmMy00ZmM0LWJkODUtMDdjMTA2M2Y3MDQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBS4zgDAN
BgkqhkiG9w0BAQsFAAOCAQEAg0DRcGBwpnpetWngAQ1jaX/K7IuKoFI4xqLu7ifQ
2Nf5hhJR2NX4P29ElDrDKYBiMqs7P1MHWznzmCE9OcdjXcZRElR7/tSyec0zUgGs
9Y5V0w9ZNrvdaNxIzyxKVvt8beonH6iwvRl6A8UzMwijVxlqjyf+LLy1hiYEOUfp
2VmvtZFuwYbUS3kCjf69mVUa83oOG1UEzp0rSfXcCHhT9PP0ItA3QFuMa1MsUIst
/jP8V9ElDbhhLM08GlAoCJStQ089AVRkXO0FREFngWSh476gbO9tmdFuyLgAhqdc
2+PiR2PC2Z41STG9i7hLNKH1HoNttfakZBqXMA4jUNnpyg==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:36:49 2025 by rpki-client