Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27d27432-b542-4aad-b3a4-daf2a0a9bb5c.roa
File: 27d27432-b542-4aad-b3a4-daf2a0a9bb5c.roa (raw, json)
Hash identifier: DV3T6FeDKy+JanFxQgXXYMkILTG8xfdpppJmW88NszY=
Subject key identifier: 85:AE:4D:8C:B5:57:A5:51:C2:D9:B7:83:F5:C8:37:48:34:A1:0A:C0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 76B91692D485FF204716B15C6D6F031633B95249
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27d27432-b542-4aad-b3a4-daf2a0a9bb5c.roa
Signing time: Mon 30 Jun 2025 18:00:37 +0000
ROA not before: Mon 30 Jun 2025 18:00:37 +0000
ROA not after: Mon 04 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.176.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:b9:16:92:d4:85:ff:20:47:16:b1:5c:6d:6f:03:16:33:b9:52:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 30 18:00:37 2025 GMT
Not After : Aug 4 23:59:59 2025 GMT
Subject: serialNumber=e7fb1212a9e6522572b68a2d289bbc8d6a613c0a1042dea9e2ea500051a8c498, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:95:51:5f:4d:03:0b:97:f6:45:29:88:56:18:
52:5c:dd:df:54:a8:91:75:c4:bf:6f:1a:0f:3d:d6:
8f:58:64:92:f2:73:c0:4f:30:a0:83:3b:1a:0c:0f:
40:48:cd:5c:e8:26:92:88:4d:5b:a6:56:e7:76:b3:
80:d6:81:79:4d:ee:9e:8e:88:92:7e:7e:ba:5d:92:
54:f2:19:38:81:8e:61:0e:6a:c1:1e:a9:e5:6d:06:
5a:aa:c6:3e:ed:59:62:30:66:0e:9a:b8:97:f1:c1:
af:68:d6:2e:bf:d6:b1:48:86:af:01:12:26:2c:b4:
48:76:ae:38:58:b6:ae:b8:95:20:47:a3:1f:f0:67:
01:54:8f:d4:06:9c:75:59:7a:8c:08:7a:65:f7:e8:
0f:9d:fa:ac:73:2f:c0:02:e4:8c:6f:3a:f9:e1:95:
eb:e9:6f:c6:9f:75:b7:b7:29:f4:a3:21:cc:0e:be:
a3:c4:49:22:2b:19:da:4c:f6:93:4d:ed:51:b6:fb:
9c:b8:21:ee:25:af:23:fa:8b:1f:b7:54:dd:60:45:
ac:1a:ae:bd:25:96:db:e0:f0:35:6a:1c:0b:82:67:
21:d5:58:a9:8f:26:8a:a9:4d:61:27:ec:35:57:ec:
82:c3:b5:60:bb:61:b0:64:98:32:78:93:96:35:de:
40:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:AE:4D:8C:B5:57:A5:51:C2:D9:B7:83:F5:C8:37:48:34:A1:0A:C0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27d27432-b542-4aad-b3a4-daf2a0a9bb5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.176.0/20
Signature Algorithm: sha256WithRSAEncryption
33:18:92:c4:93:b6:6b:bd:ee:b2:74:da:34:20:48:db:f1:1e:
b2:8f:11:c2:23:c8:75:de:cd:76:c4:a7:b6:a3:cd:5a:38:0e:
4e:53:4b:4f:33:7d:a1:e7:ee:b2:d5:2a:4f:05:ec:0d:da:79:
7c:11:5d:a3:6b:93:03:5d:1f:46:8d:4d:32:a6:12:db:4e:ec:
4e:3b:f2:09:11:53:c3:c7:73:53:3c:ca:e0:fa:86:03:7b:7f:
d1:b0:fc:e7:cc:ac:8c:c1:67:1a:30:7b:ac:7f:9d:11:d3:e3:
24:60:20:df:d4:89:c4:7c:5f:6c:47:8d:8d:12:10:2e:57:c6:
a5:6e:6d:9d:c5:18:36:96:20:50:64:3e:ce:f3:b3:18:eb:a2:
5b:74:ae:a5:16:ac:e2:f0:91:e9:97:e6:06:65:6f:3b:3e:fd:
c1:82:ca:cc:a6:a0:27:9e:27:36:0d:76:1a:4d:f4:66:c5:6a:
89:80:bb:49:f5:38:46:22:28:cf:21:c5:9f:12:80:8e:56:22:
1a:04:64:66:4c:36:05:b4:cc:74:8d:54:32:38:c8:10:15:50:
ac:5e:e2:61:12:fb:41:0d:fd:3c:fc:9c:49:96:9f:38:cc:54:
e2:09:e5:78:1b:e2:f3:86:15:67:ff:39:e7:3e:c6:66:89:af:
6a:fc:d0:13
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUdrkWktSF/yBHFrFcbW8DFjO5UkkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MzAxODAwMzdaFw0yNTA4MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGU3ZmIxMjEyYTllNjUyMjU3MmI2OGEyZDI4OWJiYzhkNmE2MTNjMGExMDQy
ZGVhOWUyZWE1MDAwNTFhOGM0OTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMqVUV9NAwuX9kUpiFYYUlzd31SokXXEv28aDz3Wj1hkkvJzwE8woIM7GgwP
QEjNXOgmkohNW6ZW53azgNaBeU3uno6Ikn5+ul2SVPIZOIGOYQ5qwR6p5W0GWqrG
Pu1ZYjBmDpq4l/HBr2jWLr/WsUiGrwESJiy0SHauOFi2rriVIEejH/BnAVSP1Aac
dVl6jAh6ZffoD536rHMvwALkjG86+eGV6+lvxp91t7cp9KMhzA6+o8RJIisZ2kz2
k03tUbb7nLgh7iWvI/qLH7dU3WBFrBquvSWW2+DwNWocC4JnIdVYqY8miqlNYSfs
NVfsgsO1YLthsGSYMniTljXeQNUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSFrk2M
tVelUcLZt4P1yDdINKEKwDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjdkMjc0MzItYjU0Mi00YWFkLWIzYTQtZGFmMmEwYTliYjVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC4zsDAN
BgkqhkiG9w0BAQsFAAOCAQEAMxiSxJO2a73usnTaNCBI2/Eeso8RwiPIdd7NdsSn
tqPNWjgOTlNLTzN9oefustUqTwXsDdp5fBFdo2uTA10fRo1NMqYS207sTjvyCRFT
w8dzUzzK4PqGA3t/0bD858ysjMFnGjB7rH+dEdPjJGAg39SJxHxfbEeNjRIQLlfG
pW5tncUYNpYgUGQ+zvOzGOuiW3SupRas4vCR6ZfmBmVvOz79wYLKzKagJ54nNg12
Gk30ZsVqiYC7SfU4RiIozyHFnxKAjlYiGgRkZkw2BbTMdI1UMjjIEBVQrF7iYRL7
QQ39PPycSZafOMxU4gnleBvi84YVZ/855z7GZomvavzQEw==
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:59:15 2025 by rpki-client