Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d3290b1-5123-4651-a2b9-bde2c7d0d334.roa
File: 7d3290b1-5123-4651-a2b9-bde2c7d0d334.roa (raw, json)
Hash identifier: OqUDGSMuWfeKrnGCYeTUgKulCov3RXTbjc4NjxX9deg=
Subject key identifier: EB:8E:77:BE:05:8A:4C:7A:79:03:0E:AC:77:0B:EB:91:32:07:8C:74
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 630EB598FA7C74CC2D53B33059FB4DC3EFFE1138
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d3290b1-5123-4651-a2b9-bde2c7d0d334.roa
Signing time: Mon 30 Jun 2025 18:00:36 +0000
ROA not before: Mon 30 Jun 2025 18:00:36 +0000
ROA not after: Mon 04 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.128.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:0e:b5:98:fa:7c:74:cc:2d:53:b3:30:59:fb:4d:c3:ef:fe:11:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 30 18:00:36 2025 GMT
Not After : Aug 4 23:59:59 2025 GMT
Subject: serialNumber=a8f1c36685694139876865c067fdaf7d6c66e8d27bb4933094972901bfea3981, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:3d:91:5b:15:a2:3f:b2:6f:a4:4e:dd:f0:8c:
1a:86:82:2f:9d:2e:37:77:cd:b1:c4:1d:f9:70:c2:
4c:40:f4:03:f6:ab:72:f8:2c:09:e7:13:76:b4:b5:
84:fe:63:35:4d:3d:5f:37:c8:ad:69:f6:99:af:9e:
e3:65:da:b9:0c:76:70:60:a5:c6:38:04:b2:bc:fc:
0f:48:8d:7a:49:2d:14:d8:ac:08:7c:12:24:ba:b6:
97:a7:13:54:fe:50:a7:9f:51:b9:ff:44:31:8d:9a:
fe:8b:3c:f6:b0:db:41:18:f5:a8:04:34:81:66:7d:
2f:0f:f5:24:12:f7:78:df:dc:af:24:8f:f0:1b:22:
10:58:8c:83:b5:af:f1:1e:4a:2e:ea:4d:fe:a6:fa:
14:40:2c:4f:18:1e:55:53:60:99:d9:88:4d:8f:24:
ce:e7:1f:e3:b7:a8:f6:ed:d1:2d:52:2b:0e:8a:4d:
9f:0e:ed:0a:15:ae:06:18:0a:c0:06:c4:07:d9:45:
76:5b:99:80:9b:c9:a1:ca:36:56:aa:61:7e:ec:d5:
d0:c1:e4:12:21:cc:8e:88:4f:fa:64:8b:bd:fd:69:
5d:bf:fd:a4:ba:08:08:fe:2e:a0:a6:84:4d:e2:e9:
df:4d:72:ac:c3:53:18:d0:88:e4:1f:49:3e:77:4e:
9a:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:8E:77:BE:05:8A:4C:7A:79:03:0E:AC:77:0B:EB:91:32:07:8C:74
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d3290b1-5123-4651-a2b9-bde2c7d0d334.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.128.0/18
Signature Algorithm: sha256WithRSAEncryption
7c:4a:25:94:63:18:15:5a:c2:e3:f8:80:aa:a9:91:dd:13:62:
86:a6:0d:58:ee:4d:1c:15:0c:7e:90:69:39:89:13:7d:6c:5e:
e6:9e:9f:7c:9e:70:2f:53:f3:9d:ed:ef:49:48:33:fa:12:0b:
d1:06:e8:1a:ec:69:26:ed:df:38:42:8d:ba:74:9b:23:c3:5c:
fd:55:5d:ec:87:f6:20:5e:1f:8f:36:2c:ff:a6:a9:7f:80:27:
09:68:67:b1:0b:de:64:06:a8:cc:7e:82:b1:48:78:84:49:d2:
50:15:f0:8e:e9:eb:7b:00:b0:bf:ec:e7:a2:2f:94:97:7f:74:
28:7b:ed:b6:cd:22:aa:b9:93:1b:16:30:60:2e:5f:e9:7f:d4:
dc:7f:a3:90:6c:80:86:74:78:a2:5d:52:7f:8c:51:04:f5:0e:
00:f3:56:4f:c5:38:fe:26:d5:18:c4:25:62:e2:c2:5b:39:09:
eb:16:3e:9a:5f:af:37:b3:7c:76:42:0a:99:dd:30:d6:72:00:
e1:0d:d2:b4:59:14:d8:49:18:33:19:8d:44:56:01:f5:b2:92:
24:37:72:80:83:30:cb:0a:9c:49:96:91:ae:7f:f2:48:9f:cb:
6f:16:bb:99:f8:cd:b2:1a:8f:df:86:ab:82:cc:66:d4:06:59:
c4:d2:68:42
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUYw61mPp8dMwtU7MwWftNw+/+ETgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MzAxODAwMzZaFw0yNTA4MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGE4ZjFjMzY2ODU2OTQxMzk4NzY4NjVjMDY3ZmRhZjdkNmM2NmU4ZDI3YmI0
OTMzMDk0OTcyOTAxYmZlYTM5ODExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMs9kVsVoj+yb6RO3fCMGoaCL50uN3fNscQd+XDCTED0A/arcvgsCecTdrS1
hP5jNU09XzfIrWn2ma+e42XauQx2cGClxjgEsrz8D0iNekktFNisCHwSJLq2l6cT
VP5Qp59Ruf9EMY2a/os89rDbQRj1qAQ0gWZ9Lw/1JBL3eN/crySP8BsiEFiMg7Wv
8R5KLupN/qb6FEAsTxgeVVNgmdmITY8kzucf47eo9u3RLVIrDopNnw7tChWuBhgK
wAbEB9lFdluZgJvJoco2VqphfuzV0MHkEiHMjohP+mSLvf1pXb/9pLoICP4uoKaE
TeLp301yrMNTGNCI5B9JPndOmvUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTrjne+
BYpMenkDDqx3C+uRMgeMdDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2QzMjkwYjEtNTEyMy00NjUxLWEyYjktYmRlMmM3ZDBkMzM0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBi4zgDAN
BgkqhkiG9w0BAQsFAAOCAQEAfEollGMYFVrC4/iAqqmR3RNihqYNWO5NHBUMfpBp
OYkTfWxe5p6ffJ5wL1Pzne3vSUgz+hIL0QboGuxpJu3fOEKNunSbI8Nc/VVd7If2
IF4fjzYs/6apf4AnCWhnsQveZAaozH6CsUh4hEnSUBXwjunrewCwv+znoi+Ul390
KHvtts0iqrmTGxYwYC5f6X/U3H+jkGyAhnR4ol1Sf4xRBPUOAPNWT8U4/ibVGMQl
YuLCWzkJ6xY+ml+vN7N8dkIKmd0w1nIA4Q3StFkU2EkYMxmNRFYB9bKSJDdygIMw
ywqcSZaRrn/ySJ/Lbxa7mfjNshqP34argsxm1AZZxNJoQg==
-----END CERTIFICATE-----
Generated at Wed Jul 23 03:46:31 2025 by rpki-client