Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dd31163-2ad7-49f5-a24d-2ea4170bb05f.roa
File: 4dd31163-2ad7-49f5-a24d-2ea4170bb05f.roa (raw, json)
Hash identifier: zP/9qZCIB47UnnvXjfIB8iD5Qh6J57p0JPFq2Sl3O7U=
Subject key identifier: 4A:3E:CA:7D:7F:A0:18:71:62:9B:69:B9:A3:CA:F2:D6:B2:DD:A2:03
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 388AD0214F21BFAAAAA04529E231E918D85C817A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dd31163-2ad7-49f5-a24d-2ea4170bb05f.roa
Signing time: Mon 30 Jun 2025 18:00:08 +0000
ROA not before: Mon 30 Jun 2025 18:00:08 +0000
ROA not after: Mon 04 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.240.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:8a:d0:21:4f:21:bf:aa:aa:a0:45:29:e2:31:e9:18:d8:5c:81:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 30 18:00:08 2025 GMT
Not After : Aug 4 23:59:59 2025 GMT
Subject: serialNumber=176a36af8cd58ca618a9098c07ea2225da5cf8e542cebef102977de0c53dd9d5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:3a:b0:55:70:d6:a3:e7:ba:da:e4:52:f5:61:
88:fa:bf:70:0a:ea:d0:59:f8:b5:ea:8d:63:80:ef:
e5:11:1b:65:45:39:eb:49:35:b8:bb:30:0f:d9:42:
a8:dc:1e:bd:f6:3c:4d:3f:a4:dd:81:04:49:be:cf:
03:d4:32:6a:a5:58:ad:cb:3a:9c:09:6c:54:23:35:
84:c5:86:59:b7:ee:aa:3e:de:7f:f5:d2:53:08:00:
a5:d8:3d:11:c6:24:6c:ec:88:44:f3:09:f2:09:d3:
13:f3:80:74:22:b5:b7:97:7e:20:41:63:e5:f1:62:
1a:f4:32:d9:4b:0f:49:c3:a7:ff:62:6c:df:85:b6:
1a:4e:8d:28:76:5d:79:0d:7d:3e:f8:17:5c:8a:22:
64:f7:4f:b2:fa:b7:a4:58:4b:75:7b:a6:80:d1:a2:
dd:cb:14:5a:56:44:d0:83:82:72:97:37:35:7f:ea:
fa:b7:2f:2b:f4:93:99:ef:5a:d2:e7:2f:5b:3e:c8:
19:05:43:28:f2:68:fc:24:50:02:2a:ff:af:06:91:
51:7a:af:d0:3b:9f:3b:22:8b:f4:fb:a5:d0:74:2b:
cf:d2:93:14:dd:21:fe:52:98:58:d5:82:45:21:53:
3c:5a:e0:e0:1f:47:24:db:16:17:8e:c4:dd:02:c4:
b2:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:3E:CA:7D:7F:A0:18:71:62:9B:69:B9:A3:CA:F2:D6:B2:DD:A2:03
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dd31163-2ad7-49f5-a24d-2ea4170bb05f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.240.0/20
Signature Algorithm: sha256WithRSAEncryption
6f:83:8b:99:91:86:38:09:99:da:63:da:d4:1a:1c:d8:d5:a3:
dd:de:da:2e:a8:b2:b3:11:06:5a:51:84:91:13:49:4d:0f:67:
a0:ca:55:3b:80:89:b1:a0:1e:4f:44:17:8f:73:7e:3f:34:5e:
1b:c9:04:57:ba:53:ee:98:68:87:c1:5f:e6:9c:63:b0:92:0d:
92:7d:05:63:90:53:30:89:13:ab:c4:57:0c:38:b1:2b:11:6d:
1d:92:05:46:b8:ad:19:b2:52:df:11:22:05:27:f0:0b:3f:14:
f6:81:48:07:e4:cd:c9:1f:f4:ee:26:3e:ae:e7:1c:3a:3e:97:
90:e4:d1:b7:62:88:ac:3c:3d:7f:b0:b7:65:73:70:37:f6:a4:
ff:84:87:63:44:c3:c9:33:87:2c:92:66:4d:62:9e:c2:9d:26:
81:7b:5e:c2:c7:c8:02:9a:89:2d:ae:df:3c:d7:c5:46:4e:ea:
8d:0e:ec:b7:5d:26:91:41:4d:05:45:84:b3:a9:51:ba:c4:09:
d6:06:7e:c0:9b:37:06:66:fb:0d:f4:8a:b0:39:2b:88:69:e0:
d4:88:7f:54:22:b1:4d:d6:83:79:35:66:ce:f3:02:92:30:e5:
b4:a7:f7:aa:11:6e:7b:e1:11:1e:83:0a:4c:47:eb:75:7a:6e:
be:22:73:a6
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUOIrQIU8hv6qqoEUp4jHpGNhcgXowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MzAxODAwMDhaFw0yNTA4MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDE3NmEzNmFmOGNkNThjYTYxOGE5MDk4YzA3ZWEyMjI1ZGE1Y2Y4ZTU0MmNl
YmVmMTAyOTc3ZGUwYzUzZGQ5ZDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL46sFVw1qPnutrkUvVhiPq/cArq0Fn4teqNY4Dv5REbZUU560k1uLswD9lC
qNwevfY8TT+k3YEESb7PA9QyaqVYrcs6nAlsVCM1hMWGWbfuqj7ef/XSUwgApdg9
EcYkbOyIRPMJ8gnTE/OAdCK1t5d+IEFj5fFiGvQy2UsPScOn/2Js34W2Gk6NKHZd
eQ19PvgXXIoiZPdPsvq3pFhLdXumgNGi3csUWlZE0IOCcpc3NX/q+rcvK/STme9a
0ucvWz7IGQVDKPJo/CRQAir/rwaRUXqv0DufOyKL9Pul0HQrz9KTFN0h/lKYWNWC
RSFTPFrg4B9HJNsWF47E3QLEsrcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRKPsp9
f6AYcWKbabmjyvLWst2iAzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGRkMzExNjMtMmFkNy00OWY1LWEyNGQtMmVhNDE3MGJiMDVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC6J8DAN
BgkqhkiG9w0BAQsFAAOCAQEAb4OLmZGGOAmZ2mPa1Boc2NWj3d7aLqiysxEGWlGE
kRNJTQ9noMpVO4CJsaAeT0QXj3N+PzReG8kEV7pT7phoh8Ff5pxjsJINkn0FY5BT
MIkTq8RXDDixKxFtHZIFRritGbJS3xEiBSfwCz8U9oFIB+TNyR/07iY+ruccOj6X
kOTRt2KIrDw9f7C3ZXNwN/ak/4SHY0TDyTOHLJJmTWKewp0mgXtewsfIApqJLa7f
PNfFRk7qjQ7st10mkUFNBUWEs6lRusQJ1gZ+wJs3Bmb7DfSKsDkriGng1Ih/VCKx
TdaDeTVmzvMCkjDltKf3qhFue+ERHoMKTEfrdXpuviJzpg==
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:59:15 2025 by rpki-client