Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68677111-f27d-417a-8b43-a65f84482997.roa
File: 68677111-f27d-417a-8b43-a65f84482997.roa (raw, json)
Hash identifier: qenmA2l9P6aqTHQwY+levNEmz0/W8nXAKvht5W1EJZ4=
Subject key identifier: 2B:FB:48:D9:7B:49:07:9B:4B:64:F0:3F:91:A7:E8:9C:7E:AC:BE:66
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 78097FAA8A58C3C136A3917CAEBF38F0EC23DBEC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68677111-f27d-417a-8b43-a65f84482997.roa
Signing time: Mon 30 Jun 2025 18:00:04 +0000
ROA not before: Mon 30 Jun 2025 18:00:04 +0000
ROA not after: Mon 04 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.192.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:09:7f:aa:8a:58:c3:c1:36:a3:91:7c:ae:bf:38:f0:ec:23:db:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 30 18:00:04 2025 GMT
Not After : Aug 4 23:59:59 2025 GMT
Subject: serialNumber=599b6e7bd766e352815c444ff87eb5a73a18d7433514e3321d133095b24412b6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f8:ae:1d:78:76:b3:68:2c:d8:8a:97:8d:a6:
7b:12:2e:cd:e3:1e:a9:69:80:3b:4b:83:49:0e:db:
bc:3e:89:9b:62:ec:56:fb:04:66:ef:16:95:bd:48:
36:54:3d:2b:ab:2e:1a:9e:00:c3:df:7c:ca:33:a8:
f2:99:b8:42:b2:f3:3e:1c:ee:5d:a6:06:da:f5:01:
af:d6:85:09:51:04:32:8a:b9:f7:db:03:52:29:f3:
94:55:03:5f:26:3e:5e:7a:d0:31:1d:97:de:4f:31:
05:a6:cb:02:37:49:3d:d9:d9:8c:b6:b6:5f:18:2a:
a9:7f:c3:90:a5:e0:a5:9b:d8:0e:0d:ef:2e:5a:bc:
8f:eb:ad:42:1f:f2:46:d2:22:31:62:ba:4f:4e:7c:
ab:49:26:dd:99:e0:9d:a4:ac:1f:f2:d8:d5:81:20:
15:3a:8e:0a:9b:22:10:98:31:9e:63:03:e4:25:2b:
91:41:17:9a:70:d8:cd:0b:91:f5:f5:52:d6:bf:44:
f2:d3:72:22:6c:da:7c:46:18:39:d4:a5:b2:95:cd:
ca:07:5f:3c:30:f6:3d:41:ee:4d:40:13:2c:5a:b3:
22:63:52:f3:1a:ff:57:03:f2:e2:cf:3e:9a:7e:34:
b9:6a:83:ea:a0:bf:53:f6:17:6f:95:a7:ee:a9:fc:
f8:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:FB:48:D9:7B:49:07:9B:4B:64:F0:3F:91:A7:E8:9C:7E:AC:BE:66
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68677111-f27d-417a-8b43-a65f84482997.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.192.0/19
Signature Algorithm: sha256WithRSAEncryption
6d:40:93:8f:c9:37:85:97:8a:74:ef:4a:86:f8:7a:46:6c:22:
3b:d8:29:a3:58:5b:3b:9c:73:d5:85:02:68:31:51:ab:83:66:
63:f4:41:b7:76:c3:87:e0:8f:75:f0:3c:f7:d1:fb:76:11:0d:
ac:de:3c:c8:35:cb:3a:98:78:06:a3:65:83:7c:3d:0f:5e:4f:
32:e0:c3:fe:90:54:1f:b3:fd:cb:5c:48:b3:12:fb:26:4e:62:
35:6e:aa:d7:45:35:8e:3f:51:56:0b:92:37:f7:3b:64:d6:72:
80:25:4d:11:c6:05:c3:08:43:3e:5f:d7:61:6a:63:ed:3b:da:
87:b4:73:e4:4a:12:0b:dd:0f:63:8a:78:3b:08:71:44:a9:ea:
74:3e:f7:84:a3:5c:4c:e8:b6:41:3a:d9:b9:38:54:ce:97:75:
36:1a:b7:1a:d0:90:77:17:fa:52:a6:5e:e7:c1:86:e3:be:86:
54:7d:83:7c:25:23:b7:bd:df:4e:e9:57:b7:71:64:6e:60:97:
a7:5d:40:a1:a4:04:9c:5f:05:35:e3:a0:15:af:c8:81:cd:9b:
27:45:cb:04:8b:1c:1a:90:a6:3c:b0:7d:6a:fe:44:4c:da:0d:
2a:fa:84:e0:4b:70:55:9c:62:1b:1b:41:7d:8d:ac:6a:3c:6a:
de:83:46:1b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUeAl/qopYw8E2o5F8rr848Owj2+wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MzAxODAwMDRaFw0yNTA4MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDU5OWI2ZTdiZDc2NmUzNTI4MTVjNDQ0ZmY4N2ViNWE3M2ExOGQ3NDMzNTE0
ZTMzMjFkMTMzMDk1YjI0NDEyYjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALT4rh14drNoLNiKl42mexIuzeMeqWmAO0uDSQ7bvD6Jm2LsVvsEZu8Wlb1I
NlQ9K6suGp4Aw998yjOo8pm4QrLzPhzuXaYG2vUBr9aFCVEEMoq599sDUinzlFUD
XyY+XnrQMR2X3k8xBabLAjdJPdnZjLa2XxgqqX/DkKXgpZvYDg3vLlq8j+utQh/y
RtIiMWK6T058q0km3ZngnaSsH/LY1YEgFTqOCpsiEJgxnmMD5CUrkUEXmnDYzQuR
9fVS1r9E8tNyImzafEYYOdSlspXNygdfPDD2PUHuTUATLFqzImNS8xr/VwPy4s8+
mn40uWqD6qC/U/YXb5Wn7qn8+DECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQr+0jZ
e0kHm0tk8D+Rp+icfqy+ZjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Njg2NzcxMTEtZjI3ZC00MTdhLThiNDMtYTY1Zjg0NDgyOTk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBS6JwDAN
BgkqhkiG9w0BAQsFAAOCAQEAbUCTj8k3hZeKdO9Khvh6RmwiO9gpo1hbO5xz1YUC
aDFRq4NmY/RBt3bDh+CPdfA899H7dhENrN48yDXLOph4BqNlg3w9D15PMuDD/pBU
H7P9y1xIsxL7Jk5iNW6q10U1jj9RVguSN/c7ZNZygCVNEcYFwwhDPl/XYWpj7Tva
h7Rz5EoSC90PY4p4OwhxRKnqdD73hKNcTOi2QTrZuThUzpd1Nhq3GtCQdxf6UqZe
58GG476GVH2DfCUjt73fTulXt3FkbmCXp11AoaQEnF8FNeOgFa/Igc2bJ0XLBIsc
GpCmPLB9av5ETNoNKvqE4EtwVZxiGxtBfY2sajxq3oNGGw==
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:23:40 2025 by rpki-client