Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/46a21ff8-4dea-4da4-a276-6b424d4e3bed.roa
File: 46a21ff8-4dea-4da4-a276-6b424d4e3bed.roa (raw, json)
Hash identifier: SIJuqtH8Kg1YSJdwPyOgfYc489Awh4waq4qHKu5YvIQ=
Subject key identifier: 4D:5A:25:0A:88:85:F1:FF:1A:9C:48:EE:77:E0:2C:30:16:AA:03:0D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 710F76651424B2986BAE78D3014BC4037A2DC19E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/46a21ff8-4dea-4da4-a276-6b424d4e3bed.roa
Signing time: Mon 30 Jun 2025 18:00:09 +0000
ROA not before: Mon 30 Jun 2025 18:00:09 +0000
ROA not after: Mon 04 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.224.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:0f:76:65:14:24:b2:98:6b:ae:78:d3:01:4b:c4:03:7a:2d:c1:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 30 18:00:09 2025 GMT
Not After : Aug 4 23:59:59 2025 GMT
Subject: serialNumber=75ae45097613bde3511020f3eddab31f060f213885cfcbf71eef27564cfcec75, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:c7:72:f1:6a:cb:3d:70:b3:95:bf:30:75:e6:
93:35:21:6d:8a:c2:fb:82:2c:f2:e7:34:28:8f:01:
a4:93:ff:18:8e:de:e8:ac:e5:b7:71:d3:1c:19:3f:
f0:df:09:48:02:34:19:5b:c5:cc:58:d3:75:94:17:
c5:7a:a4:72:1b:03:4c:12:07:51:52:aa:54:47:3e:
34:a4:55:cb:f0:d7:55:57:52:ec:0f:b5:83:76:4e:
a9:e4:ca:ea:be:42:16:c6:b8:ca:50:e0:6e:08:93:
26:87:13:2d:b3:78:ff:66:a4:df:39:e3:f3:57:00:
bb:7e:11:32:76:29:e8:77:91:e7:fa:60:80:b2:68:
a8:6a:43:fb:4a:e0:01:da:ac:ae:13:d3:14:92:77:
5f:6f:e0:e3:95:dc:31:ed:ad:19:52:6b:49:5b:6c:
0e:e8:14:5d:c3:ba:ac:85:38:55:af:20:4b:ab:a7:
69:9c:15:3a:99:be:e5:53:b3:40:60:3e:be:16:1a:
0b:69:a4:33:66:1e:85:aa:d8:9a:46:66:da:31:63:
de:f7:02:c8:47:8f:c1:5b:91:27:5e:b4:78:c1:4a:
c7:0a:72:93:54:80:b3:3d:13:dd:fa:85:e4:40:9e:
81:26:87:7a:33:f4:cd:c7:40:10:84:b5:a1:59:9a:
23:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:5A:25:0A:88:85:F1:FF:1A:9C:48:EE:77:E0:2C:30:16:AA:03:0D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/46a21ff8-4dea-4da4-a276-6b424d4e3bed.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.224.0/19
Signature Algorithm: sha256WithRSAEncryption
73:15:0d:b6:ad:83:1e:a7:03:b3:76:36:ed:46:50:20:92:10:
f2:8d:56:42:fd:48:10:2c:b4:32:b1:de:39:5d:d2:31:9c:59:
b2:81:56:d5:8e:63:d5:99:36:aa:ff:e0:2e:89:d2:8d:40:20:
22:ee:65:a8:43:23:99:50:b5:39:a1:ad:6a:99:1e:ab:b1:c7:
c6:39:54:cc:45:0b:95:38:aa:c4:01:4d:c9:4a:a9:b4:85:0b:
11:d2:56:2d:db:89:0d:8f:7d:30:a8:30:99:bb:46:5a:6a:54:
5b:4c:45:b7:7d:2e:ac:75:a8:f8:4c:98:f5:4d:2d:75:4e:64:
b2:34:b4:e6:c4:38:b9:0b:e8:a5:59:5d:03:4b:5e:3d:b4:fa:
77:5d:05:59:56:ac:19:ed:0d:1e:60:de:d5:fb:83:af:19:f4:
6e:f7:20:92:4b:9e:d8:56:40:3c:af:4e:7e:36:56:e7:82:36:
63:04:53:22:cd:2e:10:ec:ef:55:bb:f3:ed:97:6e:6b:28:8a:
b1:48:e3:f4:ea:c5:a6:7c:2d:fc:f7:94:73:8c:db:b4:f3:5a:
ac:15:a4:6d:06:eb:03:bf:d6:f4:84:14:81:63:4a:a2:80:01:
a4:11:70:80:6e:2b:e1:c8:24:8c:87:45:2e:d8:99:0f:81:b5:
72:24:18:61
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUcQ92ZRQksphrrnjTAUvEA3otwZ4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MzAxODAwMDlaFw0yNTA4MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDc1YWU0NTA5NzYxM2JkZTM1MTEwMjBmM2VkZGFiMzFmMDYwZjIxMzg4NWNm
Y2JmNzFlZWYyNzU2NGNmY2VjNzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN/HcvFqyz1ws5W/MHXmkzUhbYrC+4Is8uc0KI8BpJP/GI7e6Kzlt3HTHBk/
8N8JSAI0GVvFzFjTdZQXxXqkchsDTBIHUVKqVEc+NKRVy/DXVVdS7A+1g3ZOqeTK
6r5CFsa4ylDgbgiTJocTLbN4/2ak3znj81cAu34RMnYp6HeR5/pggLJoqGpD+0rg
AdqsrhPTFJJ3X2/g45XcMe2tGVJrSVtsDugUXcO6rIU4Va8gS6unaZwVOpm+5VOz
QGA+vhYaC2mkM2YeharYmkZm2jFj3vcCyEePwVuRJ160eMFKxwpyk1SAsz0T3fqF
5ECegSaHejP0zcdAEIS1oVmaI0ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRNWiUK
iIXx/xqcSO534CwwFqoDDTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDZhMjFmZjgtNGRlYS00ZGE0LWEyNzYtNmI0MjRkNGUzYmVkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBS6J4DAN
BgkqhkiG9w0BAQsFAAOCAQEAcxUNtq2DHqcDs3Y27UZQIJIQ8o1WQv1IECy0MrHe
OV3SMZxZsoFW1Y5j1Zk2qv/gLonSjUAgIu5lqEMjmVC1OaGtapkeq7HHxjlUzEUL
lTiqxAFNyUqptIULEdJWLduJDY99MKgwmbtGWmpUW0xFt30urHWo+EyY9U0tdU5k
sjS05sQ4uQvopVldA0tePbT6d10FWVasGe0NHmDe1fuDrxn0bvcgkkue2FZAPK9O
fjZW54I2YwRTIs0uEOzvVbvz7ZduayiKsUjj9OrFpnwt/PeUc4zbtPNarBWkbQbr
A7/W9IQUgWNKooABpBFwgG4r4cgkjIdFLtiZD4G1ciQYYQ==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:35:30 2025 by rpki-client