Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9b6ea2c3-c25b-492c-9547-7c5ddb75d15f.roa
File: 9b6ea2c3-c25b-492c-9547-7c5ddb75d15f.roa (raw, json)
Hash identifier: hlzbsPf4p/9dPSNEez398VDTV49nHqUbv06xL/d3BzA=
Subject key identifier: 68:F8:53:2C:0B:30:2A:6C:F8:2E:51:0F:9F:05:BE:79:58:48:86:5C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4DA709BE08F33B12EAFC0A0148F7EB507C950B81
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9b6ea2c3-c25b-492c-9547-7c5ddb75d15f.roa
Signing time: Mon 30 Jun 2025 17:50:12 +0000
ROA not before: Mon 30 Jun 2025 17:50:12 +0000
ROA not after: Mon 04 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.216.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:a7:09:be:08:f3:3b:12:ea:fc:0a:01:48:f7:eb:50:7c:95:0b:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 30 17:50:12 2025 GMT
Not After : Aug 4 23:59:59 2025 GMT
Subject: serialNumber=9d28ac80532f63261d7f1c6bdebcae064a66935b1272bb7ee31e20d59f381714, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d8:86:45:c1:84:88:3f:8f:7c:4c:b5:0f:26:
49:ae:96:37:df:84:0a:b6:d1:e9:24:2a:c0:32:fb:
c6:27:12:b4:5d:a9:f2:2f:63:71:f5:03:5a:5b:13:
6b:a6:19:ae:b2:28:a6:83:15:18:ba:f7:c0:bf:2c:
09:43:c3:64:69:11:f6:81:68:eb:dc:ca:e6:19:0b:
c4:f9:3f:1d:59:3b:67:e0:59:fc:ea:99:15:94:33:
d7:ae:ee:0c:86:ac:72:68:79:14:54:14:e5:a0:2d:
23:08:3d:71:ad:03:6e:fc:ae:92:f7:37:60:5a:58:
b3:3c:d3:e9:35:17:b1:46:d9:2a:c6:37:4a:37:96:
5a:1c:27:d8:99:36:1d:e0:1f:62:cd:8d:42:cd:35:
98:83:35:03:9f:3e:17:9d:a8:6e:08:71:b5:ec:cc:
5b:01:18:b3:ed:f9:71:07:5c:e1:bd:12:98:a4:e9:
f6:81:a4:5e:cd:fa:de:6f:83:35:63:a9:2a:d1:49:
90:40:33:88:7f:90:58:65:9e:b9:5a:9a:24:56:7b:
53:6d:ad:b3:1a:e1:85:27:95:92:bc:cb:75:f0:da:
c3:86:86:7e:49:5b:35:ba:f8:62:8f:28:27:54:5a:
ac:bb:d6:1f:11:88:89:83:f8:50:bf:5c:1f:c8:1f:
b7:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:F8:53:2C:0B:30:2A:6C:F8:2E:51:0F:9F:05:BE:79:58:48:86:5C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9b6ea2c3-c25b-492c-9547-7c5ddb75d15f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.216.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:08:1e:64:73:a4:05:fc:6a:20:9f:8a:75:f4:c4:7e:59:b6:
52:06:e7:06:64:d7:2e:2a:41:13:09:1f:2f:1b:cc:35:d7:e4:
fc:0c:24:d8:4e:47:d4:28:ee:09:f1:d1:e4:a4:3c:07:21:6a:
26:6d:7d:81:fd:75:29:b3:d8:37:4b:49:b2:a7:6e:1b:82:82:
4c:e3:57:b4:15:f5:ec:52:3d:97:90:2c:08:83:f6:63:27:e4:
f4:1e:8f:20:79:1f:cf:99:03:87:04:60:98:1f:db:a7:d7:4b:
52:ea:03:be:43:74:1f:bc:28:25:a2:16:cb:9b:b1:ec:cb:e1:
21:05:d4:b2:c5:7a:29:4e:c6:1b:76:5c:90:f7:64:fe:78:d0:
00:81:5a:b6:76:aa:03:31:06:09:fe:3e:8c:68:4b:2e:ae:82:
df:17:9e:95:f8:ff:4c:56:35:79:d1:e6:fc:cc:0a:1e:22:80:
05:af:34:01:78:f4:71:5a:75:2b:e7:38:f1:89:55:6d:db:83:
a3:44:32:87:5d:40:78:bc:b7:b5:30:d1:1a:ac:7f:7d:40:eb:
38:2e:48:e2:b3:82:e1:15:53:ce:b7:d0:f1:ed:3a:c3:08:8e:
ac:7f:7f:24:3d:04:02:84:48:ee:2b:9b:63:a8:d1:f4:ac:98:
00:ba:1d:0c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUTacJvgjzOxLq/AoBSPfrUHyVC4EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MzAxNzUwMTJaFw0yNTA4MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDlkMjhhYzgwNTMyZjYzMjYxZDdmMWM2YmRlYmNhZTA2NGE2NjkzNWIxMjcy
YmI3ZWUzMWUyMGQ1OWYzODE3MTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKXYhkXBhIg/j3xMtQ8mSa6WN9+ECrbR6SQqwDL7xicStF2p8i9jcfUDWlsT
a6YZrrIopoMVGLr3wL8sCUPDZGkR9oFo69zK5hkLxPk/HVk7Z+BZ/OqZFZQz167u
DIascmh5FFQU5aAtIwg9ca0Dbvyukvc3YFpYszzT6TUXsUbZKsY3SjeWWhwn2Jk2
HeAfYs2NQs01mIM1A58+F52obghxtezMWwEYs+35cQdc4b0SmKTp9oGkXs363m+D
NWOpKtFJkEAziH+QWGWeuVqaJFZ7U22tsxrhhSeVkrzLdfDaw4aGfklbNbr4Yo8o
J1RarLvWHxGIiYP4UL9cH8gft60CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRo+FMs
CzAqbPguUQ+fBb55WEiGXDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWI2ZWEyYzMtYzI1Yi00OTJjLTk1NDctN2M1ZGRiNzVkMTVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi6J2DAN
BgkqhkiG9w0BAQsFAAOCAQEALggeZHOkBfxqIJ+KdfTEflm2UgbnBmTXLipBEwkf
LxvMNdfk/Awk2E5H1CjuCfHR5KQ8ByFqJm19gf11KbPYN0tJsqduG4KCTONXtBX1
7FI9l5AsCIP2Yyfk9B6PIHkfz5kDhwRgmB/bp9dLUuoDvkN0H7woJaIWy5ux7Mvh
IQXUssV6KU7GG3ZckPdk/njQAIFatnaqAzEGCf4+jGhLLq6C3xeelfj/TFY1edHm
/MwKHiKABa80AXj0cVp1K+c48YlVbduDo0Qyh11AeLy3tTDRGqx/fUDrOC5I4rOC
4RVTzrfQ8e06wwiOrH9/JD0EAoRI7iubY6jR9KyYALodDA==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:34:59 2025 by rpki-client