Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c6881bd-10fc-4994-83fe-43244d2b078a.roa
File: 2c6881bd-10fc-4994-83fe-43244d2b078a.roa (raw, json)
Hash identifier: ZtYX6pQrSvgsoZb0whHZgcxtI9boDbLZb7L6NN2gnZY=
Subject key identifier: 6B:92:2B:EB:31:A3:85:17:23:76:F9:A4:15:4B:CD:2D:A5:09:E4:97
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4CF6662F7813601E28028897DBAA2F812724C7A8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c6881bd-10fc-4994-83fe-43244d2b078a.roa
Signing time: Mon 30 Jun 2025 18:00:12 +0000
ROA not before: Mon 30 Jun 2025 18:00:12 +0000
ROA not after: Mon 04 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.80.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:f6:66:2f:78:13:60:1e:28:02:88:97:db:aa:2f:81:27:24:c7:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 30 18:00:12 2025 GMT
Not After : Aug 4 23:59:59 2025 GMT
Subject: serialNumber=d6a163c17813d55dc65a360009ea66e3ee5500c870fb5e3228d273339f0c1da7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:83:5b:cf:21:ef:ce:9b:5e:d7:56:d0:51:1a:
1e:c2:ee:a8:9d:4a:42:49:9f:f5:78:6c:de:9c:ab:
f8:96:78:90:4a:41:f5:be:61:7d:7d:15:b4:44:9f:
aa:b5:b2:75:34:a7:57:50:30:d2:57:49:f3:cd:00:
62:04:90:aa:0e:db:21:5d:b9:93:fb:64:e6:76:e2:
e8:e1:d4:fd:b2:16:aa:39:97:f8:d5:ef:5b:35:d1:
0f:7a:0b:58:09:b2:68:df:e3:42:e0:04:fd:ca:38:
42:21:50:f2:72:e3:55:ef:4b:e9:a2:71:f0:b5:cb:
77:09:44:4a:db:e0:22:d6:da:9a:b0:aa:b0:e2:c5:
b7:40:e9:fe:c5:17:b4:41:ab:1d:de:0d:28:66:05:
ad:de:25:a4:c0:aa:0d:74:1a:a0:4e:38:5b:e9:84:
8a:65:5c:e8:1a:9c:fb:5b:0c:06:dd:67:12:2d:06:
30:01:3d:8a:8b:eb:3d:ac:ee:64:3a:f8:88:27:1d:
a3:60:20:48:71:dc:df:e3:43:7c:b6:91:ff:bd:a4:
ce:e3:bf:0f:2b:d2:54:3e:b7:28:64:f1:df:82:37:
92:2c:9c:04:a1:23:3e:46:02:81:bf:68:87:8b:df:
34:f7:17:4a:3e:5c:d1:72:f0:c8:c3:ce:f4:d6:8b:
08:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:92:2B:EB:31:A3:85:17:23:76:F9:A4:15:4B:CD:2D:A5:09:E4:97
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c6881bd-10fc-4994-83fe-43244d2b078a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.80.0/20
Signature Algorithm: sha256WithRSAEncryption
70:cc:74:1a:9d:59:30:00:ab:af:4b:21:53:e3:58:5f:e9:53:
80:25:5b:01:80:94:28:eb:a9:0c:78:26:51:e2:a1:4f:f9:77:
ba:76:e1:3a:83:de:19:12:63:2e:09:7d:7a:79:c8:22:ed:f9:
1c:d7:cc:65:f2:65:c0:9f:a4:32:53:3a:19:db:ed:61:4a:19:
fd:8f:e9:c3:ca:86:27:6a:b1:62:d0:db:60:f3:2d:e6:7f:89:
62:cf:cc:9e:59:97:5f:22:4d:bc:73:e8:d7:f6:8e:f0:3a:e7:
98:1a:07:74:91:94:4f:07:5a:0b:9d:0f:bf:c8:91:ab:19:93:
b0:6f:45:50:9f:30:1f:99:a7:f6:38:13:80:2d:09:29:a7:2e:
29:9b:d5:5e:14:de:64:72:db:31:89:0c:f7:98:d6:4c:b4:70:
64:cd:5b:93:b4:6e:2c:29:9b:fe:cc:c9:9c:d9:77:4a:e6:88:
20:49:65:0d:c5:ae:62:d2:09:23:4d:7f:dc:65:00:7d:5a:e9:
ab:06:54:af:73:83:09:4a:42:49:14:db:0e:42:d6:97:4d:2c:
0b:18:55:59:8d:49:65:a0:9d:bd:e0:10:f7:d9:35:b2:3d:18:
8a:9f:08:dc:10:74:b2:65:26:19:51:a1:e0:9b:43:95:28:5e:
7b:5c:63:04
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUTPZmL3gTYB4oAoiX26ovgSckx6gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MzAxODAwMTJaFw0yNTA4MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ2YTE2M2MxNzgxM2Q1NWRjNjVhMzYwMDA5ZWE2NmUzZWU1NTAwYzg3MGZi
NWUzMjI4ZDI3MzMzOWYwYzFkYTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKmDW88h786bXtdW0FEaHsLuqJ1KQkmf9Xhs3pyr+JZ4kEpB9b5hfX0VtESf
qrWydTSnV1Aw0ldJ880AYgSQqg7bIV25k/tk5nbi6OHU/bIWqjmX+NXvWzXRD3oL
WAmyaN/jQuAE/co4QiFQ8nLjVe9L6aJx8LXLdwlEStvgItbamrCqsOLFt0Dp/sUX
tEGrHd4NKGYFrd4lpMCqDXQaoE44W+mEimVc6Bqc+1sMBt1nEi0GMAE9iovrPazu
ZDr4iCcdo2AgSHHc3+NDfLaR/72kzuO/DyvSVD63KGTx34I3kiycBKEjPkYCgb9o
h4vfNPcXSj5c0XLwyMPO9NaLCAUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRrkivr
MaOFFyN2+aQVS80tpQnklzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmM2ODgxYmQtMTBmYy00OTk0LTgzZmUtNDMyNDRkMmIwNzhhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC6JUDAN
BgkqhkiG9w0BAQsFAAOCAQEAcMx0Gp1ZMACrr0shU+NYX+lTgCVbAYCUKOupDHgm
UeKhT/l3unbhOoPeGRJjLgl9ennIIu35HNfMZfJlwJ+kMlM6GdvtYUoZ/Y/pw8qG
J2qxYtDbYPMt5n+JYs/MnlmXXyJNvHPo1/aO8DrnmBoHdJGUTwdaC50Pv8iRqxmT
sG9FUJ8wH5mn9jgTgC0JKacuKZvVXhTeZHLbMYkM95jWTLRwZM1bk7RuLCmb/szJ
nNl3SuaIIEllDcWuYtIJI01/3GUAfVrpqwZUr3ODCUpCSRTbDkLWl00sCxhVWY1J
ZaCdveAQ99k1sj0Yip8I3BB0smUmGVGh4JtDlShee1xjBA==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:51:44 2025 by rpki-client