Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/216f72e9-3c9a-414e-a688-ee99e3f2e840.roa
File: 216f72e9-3c9a-414e-a688-ee99e3f2e840.roa (raw, json)
Hash identifier: OeFWUFaZjklDr3fPVjVhm5YGmDQ6Tw4VzMqKfSJLWAk=
Subject key identifier: 57:7E:28:95:BA:08:AE:AE:B9:20:3E:B8:89:06:06:C1:4E:69:68:D5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2C66A092E493FAF2228FB0B17C904607C43B68D5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/216f72e9-3c9a-414e-a688-ee99e3f2e840.roa
Signing time: Mon 30 Jun 2025 17:50:12 +0000
ROA not before: Mon 30 Jun 2025 17:50:12 +0000
ROA not after: Mon 04 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.220.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:66:a0:92:e4:93:fa:f2:22:8f:b0:b1:7c:90:46:07:c4:3b:68:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 30 17:50:12 2025 GMT
Not After : Aug 4 23:59:59 2025 GMT
Subject: serialNumber=e60a8d876e3b9c26e8ae469eec7a41aa3e30b3c6edea1761891c87df15028dc2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:c5:47:fb:9b:fa:4a:60:37:1a:e5:2a:69:d8:
4f:2c:25:4d:a6:eb:ab:36:ff:ea:66:30:9d:3d:d0:
62:6e:6c:a6:40:0b:6f:88:64:52:71:be:87:0e:21:
42:4d:14:73:44:5a:96:64:b0:d8:81:8e:1b:7a:82:
32:a1:19:56:fc:7d:f0:46:83:37:4b:db:a9:00:9c:
a5:7e:b8:8d:a8:a3:19:c3:2f:d7:25:67:d8:9e:da:
4a:1b:0f:51:28:39:dc:b0:c7:69:a6:e3:2c:9d:00:
d9:3c:36:e4:0e:d3:98:45:2b:fe:a8:7b:79:b9:47:
bb:d1:02:79:09:f0:bb:72:85:84:11:8a:cf:53:af:
13:80:ad:1b:21:b5:42:8a:6a:de:6b:12:80:dc:c0:
4e:59:9c:ea:a8:29:ec:69:57:a8:6d:68:42:2e:2b:
59:85:9a:53:9e:1e:f9:0c:24:6b:b0:c3:45:70:36:
a6:49:c3:7e:cf:04:85:75:43:b8:1d:d5:24:d1:07:
3f:61:cd:04:85:63:d2:c5:b0:7f:55:5e:5c:e6:5e:
23:85:34:5b:c1:b0:1a:08:6e:88:ef:34:ac:59:dc:
cf:6d:fd:03:99:29:ca:fe:df:1c:71:67:0e:f7:0c:
2d:65:07:68:71:d1:85:ee:b7:0a:8c:c7:a5:3f:29:
34:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:7E:28:95:BA:08:AE:AE:B9:20:3E:B8:89:06:06:C1:4E:69:68:D5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/216f72e9-3c9a-414e-a688-ee99e3f2e840.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.220.0/23
Signature Algorithm: sha256WithRSAEncryption
aa:6a:ab:93:d1:5d:23:ad:a2:f8:b9:43:40:9a:06:c9:c4:0d:
37:63:66:aa:70:cb:7a:21:86:70:4e:c1:52:81:85:9d:fd:8d:
18:f4:38:d5:1d:e5:fb:b4:0b:bd:3b:1a:6e:ec:5f:93:be:60:
9d:12:7a:54:ed:ed:a3:79:39:63:67:c9:36:a3:ba:c7:2a:ac:
72:c1:cf:7b:16:e1:3b:7c:d2:90:df:d5:94:17:69:20:cd:0e:
98:1d:5f:64:bd:13:88:ef:6b:fd:c2:bd:34:f9:29:5a:e7:ea:
78:1f:d7:81:00:f7:36:04:f2:b0:02:91:b3:88:0f:ee:79:ff:
4e:d4:8e:14:6b:ce:6d:ac:c4:ff:da:8e:19:90:0d:69:fa:ab:
dd:fb:ec:90:b5:8f:af:b7:2a:6f:1a:e5:65:35:c6:46:eb:58:
89:ca:e0:60:94:93:08:c0:6c:39:e3:42:0f:d5:d3:c1:91:cd:
93:6f:37:33:9c:03:ff:86:52:9b:0d:02:f7:f9:45:86:27:9f:
7d:44:66:08:19:54:d3:6b:34:47:cb:72:9e:a6:4c:70:2b:f1:
19:2a:35:ec:3a:46:6c:21:db:9c:ba:70:d2:c2:98:5e:ca:9a:
6d:f5:e5:a6:fb:6b:3f:a0:fd:68:05:a4:49:12:fa:c9:05:ea:
46:c6:56:dc
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIULGagkuST+vIij7CxfJBGB8Q7aNUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MzAxNzUwMTJaFw0yNTA4MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGU2MGE4ZDg3NmUzYjljMjZlOGFlNDY5ZWVjN2E0MWFhM2UzMGIzYzZlZGVh
MTc2MTg5MWM4N2RmMTUwMjhkYzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIzFR/ub+kpgNxrlKmnYTywlTabrqzb/6mYwnT3QYm5spkALb4hkUnG+hw4h
Qk0Uc0RalmSw2IGOG3qCMqEZVvx98EaDN0vbqQCcpX64jaijGcMv1yVn2J7aShsP
USg53LDHaabjLJ0A2Tw25A7TmEUr/qh7eblHu9ECeQnwu3KFhBGKz1OvE4CtGyG1
Qopq3msSgNzATlmc6qgp7GlXqG1oQi4rWYWaU54e+Qwka7DDRXA2pknDfs8EhXVD
uB3VJNEHP2HNBIVj0sWwf1VeXOZeI4U0W8GwGghuiO80rFncz239A5kpyv7fHHFn
DvcMLWUHaHHRhe63CozHpT8pNBcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRXfiiV
ugiurrkgPriJBgbBTmlo1TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjE2ZjcyZTktM2M5YS00MTRlLWE2ODgtZWU5OWUzZjJlODQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS6J3DAN
BgkqhkiG9w0BAQsFAAOCAQEAqmqrk9FdI62i+LlDQJoGycQNN2NmqnDLeiGGcE7B
UoGFnf2NGPQ41R3l+7QLvTsabuxfk75gnRJ6VO3to3k5Y2fJNqO6xyqscsHPexbh
O3zSkN/VlBdpIM0OmB1fZL0TiO9r/cK9NPkpWufqeB/XgQD3NgTysAKRs4gP7nn/
TtSOFGvObazE/9qOGZANafqr3fvskLWPr7cqbxrlZTXGRutYicrgYJSTCMBsOeNC
D9XTwZHNk283M5wD/4ZSmw0C9/lFhieffURmCBlU02s0R8tynqZMcCvxGSo17DpG
bCHbnLpw0sKYXsqabfXlpvtrP6D9aAWkSRL6yQXqRsZW3A==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:51:45 2025 by rpki-client