Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a472a17f-cded-45fb-a444-3393023f0b36.roa
File: a472a17f-cded-45fb-a444-3393023f0b36.roa (raw, json)
Hash identifier: qRlH0u7j887iP9zwnxiHab69+HzOlP8fM68OwPiUasU=
Subject key identifier: 10:1C:91:4C:BA:88:50:A7:F7:CE:A4:4A:45:BA:21:06:B6:27:06:A5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6F010B4A0D89E49D2316C1B84FB8D98E6B066ED3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a472a17f-cded-45fb-a444-3393023f0b36.roa
Signing time: Mon 30 Jun 2025 18:00:18 +0000
ROA not before: Mon 30 Jun 2025 18:00:18 +0000
ROA not after: Mon 04 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.208.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:01:0b:4a:0d:89:e4:9d:23:16:c1:b8:4f:b8:d9:8e:6b:06:6e:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 30 18:00:18 2025 GMT
Not After : Aug 4 23:59:59 2025 GMT
Subject: serialNumber=e005f9f1d1b450052cc985a74c485f15d0fe89c3e6b4d3ba038256424f7ebd78, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:71:c6:7d:88:6a:17:c4:d8:7e:ec:4f:95:11:
60:bb:2a:db:6b:5a:8e:52:99:9c:52:43:8e:6f:b8:
f9:c4:cc:ec:b4:a8:d3:3d:cc:46:f3:64:25:56:70:
18:08:83:66:22:12:ff:a7:7a:a6:6d:9f:05:12:77:
87:57:87:b7:4e:ff:5f:3b:dd:a0:39:36:67:76:84:
0c:a4:43:f0:79:20:23:99:01:fa:ba:98:7e:16:8e:
af:ba:8e:20:5d:9e:22:a0:fc:ba:4a:af:a6:a3:73:
c2:7a:b5:b6:bd:57:ed:bc:b3:fe:1c:30:c3:b0:e9:
76:6f:e1:52:62:5b:9b:94:1b:c0:d7:58:1d:f9:b8:
9c:6e:4b:b3:80:5a:e3:f3:f3:11:e2:7d:f2:0b:e8:
2c:f6:f8:76:b2:dd:b1:d7:4f:e0:b5:4d:2b:87:2e:
7f:1b:50:2a:80:e7:a4:b6:5c:85:8c:4a:a5:7b:72:
74:14:32:45:02:2a:26:d8:8f:4a:b2:b8:69:f9:a6:
25:14:a0:f3:b7:e4:59:91:36:57:b6:66:5c:77:5e:
f7:08:3c:2f:e3:19:99:30:fe:47:af:6e:8e:4c:36:
a6:a4:99:ca:cf:0b:5a:98:6f:8f:2f:57:de:2c:e1:
21:10:55:a6:91:3f:ba:3a:74:98:cc:1e:be:40:88:
dc:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:1C:91:4C:BA:88:50:A7:F7:CE:A4:4A:45:BA:21:06:B6:27:06:A5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a472a17f-cded-45fb-a444-3393023f0b36.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.208.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:42:4d:cd:fe:d9:e5:59:c5:6f:13:f9:2a:47:27:12:e8:2f:
b2:4a:b8:1e:44:dc:c1:5f:5d:d4:fc:ee:bc:e1:14:8a:9c:5d:
db:4e:5e:7e:6b:21:cb:f9:af:2f:82:cf:25:7f:65:e1:ac:1e:
50:a9:28:b8:6d:db:1c:0c:d4:2d:e4:7f:64:f8:58:25:3a:b8:
88:6e:ca:07:c0:40:df:c8:60:28:43:af:f8:10:b9:74:0d:27:
db:52:6b:8c:04:47:a2:8d:3e:68:a2:42:6f:9c:d8:50:04:ec:
5b:d3:8b:8d:92:26:b4:4d:4e:93:83:3b:cb:96:74:9a:0f:78:
4f:95:5a:1d:e7:2d:ae:ce:85:9d:65:8b:b2:c9:f5:64:c2:30:
47:a2:67:28:91:51:62:4b:e1:ad:80:b9:d4:27:10:61:f5:78:
06:1a:85:a0:fa:23:b3:4f:1e:0f:d9:7f:88:54:6c:e9:19:7d:
15:53:ce:b1:46:ff:04:1c:67:98:c9:da:9a:ec:ef:40:3f:89:
be:5e:74:87:bd:dd:ed:54:14:a9:d2:6b:fc:04:5e:0a:09:5c:
dc:f5:1c:2c:e0:70:91:87:19:f1:8c:59:b0:81:12:6e:86:c6:
7d:13:bb:a8:82:ae:65:c0:0d:41:77:81:a1:a7:b2:cf:35:a4:
25:8e:cc:fe
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUbwELSg2J5J0jFsG4T7jZjmsGbtMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MzAxODAwMThaFw0yNTA4MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGUwMDVmOWYxZDFiNDUwMDUyY2M5ODVhNzRjNDg1ZjE1ZDBmZTg5YzNlNmI0
ZDNiYTAzODI1NjQyNGY3ZWJkNzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALNxxn2IahfE2H7sT5URYLsq22tajlKZnFJDjm+4+cTM7LSo0z3MRvNkJVZw
GAiDZiIS/6d6pm2fBRJ3h1eHt07/XzvdoDk2Z3aEDKRD8HkgI5kB+rqYfhaOr7qO
IF2eIqD8ukqvpqNzwnq1tr1X7byz/hwww7Dpdm/hUmJbm5QbwNdYHfm4nG5Ls4Ba
4/PzEeJ98gvoLPb4drLdsddP4LVNK4cufxtQKoDnpLZchYxKpXtydBQyRQIqJtiP
SrK4afmmJRSg87fkWZE2V7ZmXHde9wg8L+MZmTD+R69ujkw2pqSZys8LWphvjy9X
3izhIRBVppE/ujp0mMwevkCI3I8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQQHJFM
uohQp/fOpEpFuiEGticGpTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTQ3MmExN2YtY2RlZC00NWZiLWE0NDQtMzM5MzAyM2YwYjM2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi4z0DAN
BgkqhkiG9w0BAQsFAAOCAQEATUJNzf7Z5VnFbxP5KkcnEugvskq4HkTcwV9d1Pzu
vOEUipxd205efmshy/mvL4LPJX9l4aweUKkouG3bHAzULeR/ZPhYJTq4iG7KB8BA
38hgKEOv+BC5dA0n21JrjARHoo0+aKJCb5zYUATsW9OLjZImtE1Ok4M7y5Z0mg94
T5VaHectrs6FnWWLssn1ZMIwR6JnKJFRYkvhrYC51CcQYfV4BhqFoPojs08eD9l/
iFRs6Rl9FVPOsUb/BBxnmMnamuzvQD+Jvl50h73d7VQUqdJr/AReCglc3PUcLOBw
kYcZ8YxZsIESbobGfRO7qIKuZcANQXeBoaeyzzWkJY7M/g==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:34:14 2025 by rpki-client