Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb73d62f-513c-4673-8547-902e7fa2148b.roa
File: bb73d62f-513c-4673-8547-902e7fa2148b.roa (raw, json)
Hash identifier: pUfivqGKjw6llqRzOe06y/FGz7duwtD+B/GL/RMnePY=
Subject key identifier: 32:BC:BA:89:66:E1:A8:C9:AF:FD:04:BB:FB:48:CD:98:0E:50:1F:A0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 13A8C7B7BB86D55ED066E9EB305842A9B4F80DD4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb73d62f-513c-4673-8547-902e7fa2148b.roa
Signing time: Mon 30 Jun 2025 18:00:06 +0000
ROA not before: Mon 30 Jun 2025 18:00:06 +0000
ROA not after: Mon 04 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.0.0/17 maxlen: 17
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:a8:c7:b7:bb:86:d5:5e:d0:66:e9:eb:30:58:42:a9:b4:f8:0d:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 30 18:00:06 2025 GMT
Not After : Aug 4 23:59:59 2025 GMT
Subject: serialNumber=00d29dcf488f2e01f4367d6b66ec5181a27cc5f8356675e4e1f142e366c8b178, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:52:ff:95:91:bb:b3:89:1d:b5:4f:6d:f4:41:
ea:b6:61:12:a0:4c:cd:70:a3:88:b8:ab:9c:b0:04:
f2:bf:1c:2b:52:0d:2d:50:61:20:db:39:28:43:7b:
42:4d:db:38:4a:ed:42:9f:63:54:b5:13:21:ac:fb:
76:87:d3:8c:15:41:4d:d7:10:1d:41:44:a4:ac:5a:
af:0c:12:36:37:b0:f6:49:19:a0:bb:62:5b:00:0c:
a6:c0:bc:46:49:47:cb:72:bd:fb:76:56:a2:3a:18:
a0:25:78:ce:6d:63:e3:43:f6:37:bb:91:d8:b4:19:
dd:e1:f7:6f:c6:02:d7:ef:0b:34:43:d3:f7:e9:14:
3a:f8:c8:ce:c8:d5:46:26:d8:e4:90:14:46:a6:6e:
f2:24:34:60:90:58:ca:47:2c:98:d6:51:9f:91:25:
fb:55:5a:67:ee:bc:b3:58:98:e1:18:61:be:9f:17:
6b:6f:be:5e:8d:bf:f2:b9:8f:4c:80:da:dd:c8:76:
b0:19:e6:89:cf:d2:5c:10:dc:c7:4e:12:46:43:aa:
12:d2:26:23:36:3b:94:e0:e7:61:e7:2d:b3:37:ca:
7c:f4:23:71:13:2b:3f:d6:73:04:96:76:1e:b9:f6:
46:87:ec:5a:76:9b:54:54:6a:58:32:4a:53:c3:5f:
98:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:BC:BA:89:66:E1:A8:C9:AF:FD:04:BB:FB:48:CD:98:0E:50:1F:A0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb73d62f-513c-4673-8547-902e7fa2148b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.0.0/17
Signature Algorithm: sha256WithRSAEncryption
2d:0f:53:e7:83:5c:b2:23:5d:9c:e8:c9:4c:eb:9d:4a:3e:c0:
0a:ba:0e:96:78:27:99:50:96:e6:48:b8:aa:6f:f5:81:db:63:
e1:01:3a:f6:8d:7e:ce:6b:d1:ed:32:a3:d0:5b:69:0a:ca:67:
d7:fb:8c:74:da:e0:e2:36:30:2a:a1:94:2e:81:34:f3:b2:ef:
6c:c6:32:03:e8:8c:41:21:02:ec:9f:64:19:b3:7d:98:33:7b:
c5:57:5c:07:d6:64:7c:6c:4c:30:6f:14:0f:ba:b8:cc:76:40:
c5:6f:e5:e9:dd:9f:b7:57:69:29:96:0a:ff:c8:9f:b9:c3:45:
ff:36:c6:88:93:3f:69:c2:73:93:54:26:86:16:b8:78:21:b8:
4c:ff:bb:53:da:41:03:2f:ce:5b:74:db:89:0d:c3:b3:39:68:
b5:7e:6b:d4:75:39:9e:f0:c5:76:e9:35:6c:04:c6:81:d0:54:
5f:29:d6:e6:c7:b5:3c:13:64:91:4e:4d:ff:45:03:be:ae:7c:
1e:d3:e5:93:f3:a2:90:1d:9f:a1:ed:7c:98:81:1d:79:2f:78:
78:66:60:79:15:2d:bf:fc:8a:6d:d1:5a:1e:9c:d6:c1:e4:8d:
e4:4d:54:71:f7:35:02:96:d3:fe:e2:fa:3d:95:89:a8:b1:3c:
aa:b3:64:95
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUE6jHt7uG1V7QZunrMFhCqbT4DdQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MzAxODAwMDZaFw0yNTA4MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDAwZDI5ZGNmNDg4ZjJlMDFmNDM2N2Q2YjY2ZWM1MTgxYTI3Y2M1ZjgzNTY2
NzVlNGUxZjE0MmUzNjZjOGIxNzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPJS/5WRu7OJHbVPbfRB6rZhEqBMzXCjiLirnLAE8r8cK1INLVBhINs5KEN7
Qk3bOErtQp9jVLUTIaz7dofTjBVBTdcQHUFEpKxarwwSNjew9kkZoLtiWwAMpsC8
RklHy3K9+3ZWojoYoCV4zm1j40P2N7uR2LQZ3eH3b8YC1+8LNEPT9+kUOvjIzsjV
RibY5JAURqZu8iQ0YJBYykcsmNZRn5El+1VaZ+68s1iY4Rhhvp8Xa2++Xo2/8rmP
TIDa3ch2sBnmic/SXBDcx04SRkOqEtImIzY7lODnYectszfKfPQjcRMrP9ZzBJZ2
Hrn2RofsWnabVFRqWDJKU8NfmFMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQyvLqJ
ZuGoya/9BLv7SM2YDlAfoDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmI3M2Q2MmYtNTEzYy00NjczLTg1NDctOTAyZTdmYTIxNDhiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBy6JADAN
BgkqhkiG9w0BAQsFAAOCAQEALQ9T54NcsiNdnOjJTOudSj7ACroOlngnmVCW5ki4
qm/1gdtj4QE69o1+zmvR7TKj0FtpCspn1/uMdNrg4jYwKqGULoE087LvbMYyA+iM
QSEC7J9kGbN9mDN7xVdcB9ZkfGxMMG8UD7q4zHZAxW/l6d2ft1dpKZYK/8ifucNF
/zbGiJM/acJzk1Qmhha4eCG4TP+7U9pBAy/OW3TbiQ3DszlotX5r1HU5nvDFduk1
bATGgdBUXynW5se1PBNkkU5N/0UDvq58HtPlk/OikB2foe18mIEdeS94eGZgeRUt
v/yKbdFaHpzWweSN5E1Ucfc1ApbT/uL6PZWJqLE8qrNklQ==
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:22:16 2025 by rpki-client