Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b1697edb-eb6c-486d-a5cc-c22724b14f96.roa
File: b1697edb-eb6c-486d-a5cc-c22724b14f96.roa (raw, json)
Hash identifier: BqXvLWw96lYCEMpVh0zFWLsYYQ209Ei2CdFvqcJhLqM=
Subject key identifier: 3F:89:0B:F9:06:94:C3:F2:74:65:FF:8D:D4:E4:71:95:16:43:76:C0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5574D698E5038E29666B2441BAA42BF6EF6A1E8F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b1697edb-eb6c-486d-a5cc-c22724b14f96.roa
Signing time: Mon 30 Jun 2025 17:50:06 +0000
ROA not before: Mon 30 Jun 2025 17:50:06 +0000
ROA not after: Mon 04 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:74:d6:98:e5:03:8e:29:66:6b:24:41:ba:a4:2b:f6:ef:6a:1e:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 30 17:50:06 2025 GMT
Not After : Aug 4 23:59:59 2025 GMT
Subject: serialNumber=dccca95c7feff3cdba451e3f8a0716af7cd1986fe75122ad494689037c8de8f4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:1b:8a:ba:49:0b:6b:b4:cd:6f:82:a9:f8:e0:
80:53:52:27:fc:c4:57:aa:78:22:ad:bc:12:50:b3:
a4:41:3b:71:04:32:bc:3c:8a:ae:43:1b:cb:1a:76:
ca:91:a9:58:b8:15:5b:af:ee:ae:e9:a0:a6:f8:00:
c9:69:eb:2c:2e:29:87:60:e3:a4:83:aa:43:94:86:
9b:ce:a1:84:b9:0c:46:ff:9c:0a:66:5e:44:d1:2c:
95:e8:37:e3:98:f9:82:8e:14:78:87:87:65:68:33:
59:fc:29:65:ea:da:26:ce:79:bf:bf:e8:24:93:2d:
38:6e:33:7b:c6:10:61:65:23:c6:bb:01:00:bb:dd:
d5:d2:6f:8e:72:42:b3:44:c0:1a:18:39:0e:2f:f1:
4a:71:ac:3f:22:56:8b:74:f2:15:89:31:7c:33:0c:
88:ef:10:90:07:32:19:12:cc:3e:f7:ed:91:f8:58:
d7:7f:5d:e3:2c:86:b0:b2:53:ab:b6:76:49:d4:87:
58:51:fc:54:27:fc:76:27:df:9c:48:3b:b5:82:e8:
14:c3:83:aa:0c:d1:83:ab:d2:76:07:1e:98:8a:8f:
03:0e:ac:c7:37:da:4d:a3:83:88:ff:52:16:40:e5:
c3:eb:af:e6:98:85:e5:a5:af:09:57:e8:11:95:fb:
cb:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:89:0B:F9:06:94:C3:F2:74:65:FF:8D:D4:E4:71:95:16:43:76:C0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b1697edb-eb6c-486d-a5cc-c22724b14f96.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.170.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:f9:b6:d9:05:fe:56:f3:e4:00:f8:8b:7b:42:b5:45:64:d8:
68:46:15:09:61:da:93:0c:02:88:d6:97:8b:6e:9a:4a:dd:22:
15:81:66:a7:e0:57:4c:51:60:bc:5a:b0:31:17:4f:15:6b:98:
89:41:27:e0:44:c2:29:e2:d7:c3:83:3b:0f:fa:5d:43:65:45:
47:18:14:ca:74:b5:60:ef:c3:ba:64:b4:9a:b2:22:48:3f:90:
0d:66:11:fa:0a:e0:f7:55:6b:b3:58:19:5f:94:3a:f3:68:d6:
5f:5e:35:6a:7c:94:62:6b:53:c4:22:98:dd:1b:29:3f:b8:dd:
ef:24:1d:14:39:06:99:81:35:52:91:2c:34:36:7d:f8:51:56:
bc:bc:5b:aa:45:4c:71:8b:48:60:08:7b:b0:64:69:48:96:83:
33:90:f0:10:64:35:44:76:83:ff:73:5c:69:60:08:35:d8:6d:
96:54:b1:83:f8:bc:49:37:a7:ae:21:1b:f7:03:14:84:16:68:
22:09:2f:bc:e8:bc:ae:97:11:0a:fe:bd:98:8c:2f:1e:98:49:
ff:75:a5:3c:1d:eb:c6:b9:7d:5e:90:1f:aa:04:52:f8:06:81:
68:c1:eb:7b:01:f3:8b:24:97:9f:f0:c7:2c:5f:a9:d3:47:d7:
a3:7e:be:20
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUVXTWmOUDjilmayRBuqQr9u9qHo8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MzAxNzUwMDZaFw0yNTA4MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGRjY2NhOTVjN2ZlZmYzY2RiYTQ1MWUzZjhhMDcxNmFmN2NkMTk4NmZlNzUx
MjJhZDQ5NDY4OTAzN2M4ZGU4ZjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJUbirpJC2u0zW+CqfjggFNSJ/zEV6p4Iq28ElCzpEE7cQQyvDyKrkMbyxp2
ypGpWLgVW6/urumgpvgAyWnrLC4ph2DjpIOqQ5SGm86hhLkMRv+cCmZeRNEsleg3
45j5go4UeIeHZWgzWfwpZeraJs55v7/oJJMtOG4ze8YQYWUjxrsBALvd1dJvjnJC
s0TAGhg5Di/xSnGsPyJWi3TyFYkxfDMMiO8QkAcyGRLMPvftkfhY139d4yyGsLJT
q7Z2SdSHWFH8VCf8diffnEg7tYLoFMODqgzRg6vSdgcemIqPAw6sxzfaTaODiP9S
FkDlw+uv5piF5aWvCVfoEZX7yysCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ/iQv5
BpTD8nRl/43U5HGVFkN2wDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjE2OTdlZGItZWI2Yy00ODZkLWE1Y2MtYzIyNzI0YjE0Zjk2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC6JqjAN
BgkqhkiG9w0BAQsFAAOCAQEADPm22QX+VvPkAPiLe0K1RWTYaEYVCWHakwwCiNaX
i26aSt0iFYFmp+BXTFFgvFqwMRdPFWuYiUEn4ETCKeLXw4M7D/pdQ2VFRxgUynS1
YO/DumS0mrIiSD+QDWYR+grg91Vrs1gZX5Q682jWX141anyUYmtTxCKY3RspP7jd
7yQdFDkGmYE1UpEsNDZ9+FFWvLxbqkVMcYtIYAh7sGRpSJaDM5DwEGQ1RHaD/3Nc
aWAINdhtllSxg/i8STenriEb9wMUhBZoIgkvvOi8rpcRCv69mIwvHphJ/3WlPB3r
xrl9XpAfqgRS+AaBaMHrewHziySXn/DHLF+p00fXo36+IA==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:34:18 2025 by rpki-client