Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/842bd74b-e507-47ea-bb4e-32057136b2bd.roa
File: 842bd74b-e507-47ea-bb4e-32057136b2bd.roa (raw, json)
Hash identifier: eelLsE2IDXa+xaWG/OKz3NlzRg4uDH4Q18lemyNbDHQ=
Subject key identifier: FA:5C:41:EC:6C:3D:B1:BB:7E:08:DE:5F:96:63:47:15:A9:B8:07:66
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 365F5DA4B753B3A223EA7C3C6489CDFAC657089A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/842bd74b-e507-47ea-bb4e-32057136b2bd.roa
Signing time: Mon 30 Jun 2025 18:00:16 +0000
ROA not before: Mon 30 Jun 2025 18:00:16 +0000
ROA not after: Mon 04 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.0.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:5f:5d:a4:b7:53:b3:a2:23:ea:7c:3c:64:89:cd:fa:c6:57:08:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 30 18:00:16 2025 GMT
Not After : Aug 4 23:59:59 2025 GMT
Subject: serialNumber=4b23830cef1ebc7144bcd91fcf3e1fced2907274e4e110d51b201596a61567e0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b5:41:bd:9b:a1:05:cd:e4:58:66:9b:4e:de:
ba:aa:94:4b:86:ca:05:a0:e0:d2:b7:38:c9:e5:bf:
ee:56:e8:e5:6e:b1:b0:2e:f3:67:01:88:df:37:0f:
1e:e2:7f:93:0b:12:18:23:af:0b:01:e5:c9:0d:f5:
c5:d7:e5:57:02:dd:9d:32:8b:1b:8d:fd:ce:25:21:
c0:8b:23:6c:c4:a1:d3:70:5d:42:53:f9:49:6b:c6:
24:b8:ac:22:2c:bb:e8:40:22:4f:7c:3c:55:31:7a:
23:45:c0:d1:1a:62:bf:9c:3f:e7:a3:a0:c5:13:94:
aa:1d:a1:5d:93:5b:39:6b:28:7d:49:1f:ce:0e:14:
f1:e9:c1:6d:18:83:46:f0:d5:61:7e:1e:80:1e:75:
31:e6:97:af:63:9a:85:d2:ce:f8:95:f6:a2:32:c1:
8b:a2:f1:12:33:18:18:c1:f4:08:da:e0:97:51:49:
a5:39:8a:ec:f0:71:fd:56:9c:b3:54:f2:dd:a2:99:
4c:d4:84:07:3e:53:0d:fb:fe:17:30:f8:79:46:f6:
03:49:22:67:cd:0d:57:8a:d5:e5:0d:3e:a0:f9:c8:
dd:25:18:d6:86:3b:a7:96:9c:39:a2:af:2f:b9:36:
3e:0f:57:ef:98:52:db:7f:47:78:bf:97:c9:2d:0e:
14:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:5C:41:EC:6C:3D:B1:BB:7E:08:DE:5F:96:63:47:15:A9:B8:07:66
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/842bd74b-e507-47ea-bb4e-32057136b2bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.0.0/18
Signature Algorithm: sha256WithRSAEncryption
34:36:84:94:b1:4e:7d:fd:03:ed:73:4f:90:bb:7e:9d:0b:7e:
a7:9e:d7:8b:1c:92:9e:40:2b:f1:25:fe:13:32:3c:f3:cd:f0:
cf:72:3d:5f:5e:52:26:1d:e7:3d:2f:17:e0:8e:27:69:3f:a6:
58:11:8d:c1:fe:7e:9c:44:2e:c1:ca:2f:f8:23:cc:86:aa:06:
cd:85:0b:71:c0:eb:55:92:32:6b:e5:77:42:40:7b:23:0b:74:
ae:b8:2f:51:ce:39:20:75:78:d1:d9:1b:d2:04:01:04:13:05:
11:ca:a8:08:e9:d5:20:29:ba:d2:3d:ea:39:35:59:1f:e6:10:
74:78:c7:a6:37:1e:ca:e1:43:47:ca:8c:37:cc:40:39:16:16:
54:39:9d:d9:7e:6e:fb:50:5b:46:07:d1:d6:6f:4d:a3:fa:73:
8a:72:d9:9d:e2:3a:57:53:07:e7:27:f3:cd:da:27:46:43:ac:
f1:28:3c:2a:0b:1c:90:77:8f:f1:8f:da:01:99:38:5d:f6:f1:
0d:ef:40:01:ab:00:07:18:5e:ab:ec:c9:b4:a4:6f:f2:33:77:
89:d9:94:2f:d9:08:ad:9c:29:62:04:20:08:fe:ba:d1:5e:1e:
b9:80:27:b3:c9:be:d9:30:83:07:c3:e3:3d:32:b2:1f:60:88:
e2:2f:43:1c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUNl9dpLdTs6Ij6nw8ZInN+sZXCJowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MzAxODAwMTZaFw0yNTA4MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDRiMjM4MzBjZWYxZWJjNzE0NGJjZDkxZmNmM2UxZmNlZDI5MDcyNzRlNGUx
MTBkNTFiMjAxNTk2YTYxNTY3ZTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ+1Qb2boQXN5Fhmm07euqqUS4bKBaDg0rc4yeW/7lbo5W6xsC7zZwGI3zcP
HuJ/kwsSGCOvCwHlyQ31xdflVwLdnTKLG439ziUhwIsjbMSh03BdQlP5SWvGJLis
Iiy76EAiT3w8VTF6I0XA0Rpiv5w/56OgxROUqh2hXZNbOWsofUkfzg4U8enBbRiD
RvDVYX4egB51MeaXr2OahdLO+JX2ojLBi6LxEjMYGMH0CNrgl1FJpTmK7PBx/Vac
s1Ty3aKZTNSEBz5TDfv+FzD4eUb2A0kiZ80NV4rV5Q0+oPnI3SUY1oY7p5acOaKv
L7k2Pg9X75hS239HeL+XyS0OFF0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT6XEHs
bD2xu34I3l+WY0cVqbgHZjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODQyYmQ3NGItZTUwNy00N2VhLWJiNGUtMzIwNTcxMzZiMmJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBi6JADAN
BgkqhkiG9w0BAQsFAAOCAQEANDaElLFOff0D7XNPkLt+nQt+p57XixySnkAr8SX+
EzI8883wz3I9X15SJh3nPS8X4I4naT+mWBGNwf5+nEQuwcov+CPMhqoGzYULccDr
VZIya+V3QkB7Iwt0rrgvUc45IHV40dkb0gQBBBMFEcqoCOnVICm60j3qOTVZH+YQ
dHjHpjceyuFDR8qMN8xAORYWVDmd2X5u+1BbRgfR1m9No/pzinLZneI6V1MH5yfz
zdonRkOs8Sg8KgsckHeP8Y/aAZk4XfbxDe9AAasABxheq+zJtKRv8jN3idmUL9kI
rZwpYgQgCP660V4euYAns8m+2TCDB8PjPTKyH2CI4i9DHA==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:46:49 2025 by rpki-client