Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be6b7cb0-3c55-4a65-b00a-45bc1310868b.roa
File: be6b7cb0-3c55-4a65-b00a-45bc1310868b.roa (raw, json)
Hash identifier: 3+o86+oaofpdh6BSrkYl8ixPtsZTykVGz8oCx6g/kkE=
Subject key identifier: 74:21:7E:E6:A9:65:BF:5C:99:EE:46:AA:4E:7F:07:5E:F7:30:99:FB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7291E8353D15B36D0BA07C9C8F77CBE0DE59A270
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be6b7cb0-3c55-4a65-b00a-45bc1310868b.roa
Signing time: Mon 30 Jun 2025 18:00:15 +0000
ROA not before: Mon 30 Jun 2025 18:00:15 +0000
ROA not after: Mon 04 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.96.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:91:e8:35:3d:15:b3:6d:0b:a0:7c:9c:8f:77:cb:e0:de:59:a2:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 30 18:00:15 2025 GMT
Not After : Aug 4 23:59:59 2025 GMT
Subject: serialNumber=14ecc7fa12091780c59e0eb94eea051d726e06a550e886c2498e06f24cc2340c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:a4:45:84:14:e1:9c:3a:f4:ef:27:82:7e:df:
70:48:78:e0:c2:a2:d2:49:bf:1f:ca:02:f4:a2:19:
15:ce:f3:af:d1:14:93:75:b6:36:8c:7e:89:54:0b:
2e:0f:9b:a9:d4:c0:1b:5c:48:6c:eb:72:a5:d5:e9:
e0:83:82:4a:ad:8a:36:38:1d:63:eb:fe:e1:45:69:
92:60:29:32:56:6f:9f:55:29:95:87:c1:16:ee:00:
0c:61:c8:74:b8:c6:7b:e2:df:d1:24:4d:0c:f0:94:
ee:a5:11:b2:21:dd:2c:8d:2c:27:bd:17:49:68:24:
ab:16:2f:69:93:18:82:40:66:b1:dc:2e:14:a9:06:
86:b3:c5:b1:21:33:9a:0a:c9:2b:f8:8b:ab:cb:8f:
58:c1:d1:b2:23:c8:c7:b4:cc:c4:d3:c2:71:94:f4:
7f:48:ba:16:b4:2b:45:25:00:69:3d:85:4e:67:92:
bf:3a:ee:d9:b9:db:79:8c:e7:da:45:78:c4:3c:5d:
a4:65:cc:22:31:34:16:5b:5e:ca:37:70:2f:17:a2:
4b:d5:04:ff:08:c2:3c:86:48:ff:b1:a0:25:d2:84:
ed:4f:6e:ae:1c:53:b6:af:6a:e6:cb:a5:50:3e:dd:
4d:6b:ee:e8:17:df:65:d6:59:23:82:70:82:ea:8e:
3f:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:21:7E:E6:A9:65:BF:5C:99:EE:46:AA:4E:7F:07:5E:F7:30:99:FB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be6b7cb0-3c55-4a65-b00a-45bc1310868b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.96.0/19
Signature Algorithm: sha256WithRSAEncryption
17:82:ba:00:c4:ba:52:6e:96:92:e9:c6:8d:cd:a0:81:5a:4f:
fe:e2:3f:31:f1:d1:e9:bd:5d:23:d9:6d:c1:14:18:d5:7c:6b:
4c:94:15:62:ef:3a:2e:80:25:e6:8f:dd:5c:c4:d1:04:fd:08:
37:f8:e9:f5:3e:0b:9a:9c:cd:a8:34:70:75:90:28:41:41:b6:
c4:e3:64:65:62:06:57:b7:ed:7f:ec:38:f8:ba:f5:8f:f1:f3:
3a:11:65:ec:f2:41:b2:ee:ef:c9:31:13:6c:52:0d:8d:de:6b:
06:1f:bc:26:13:21:aa:e5:9e:29:d0:be:c1:e1:16:4a:b4:8d:
4f:88:7f:af:6d:4f:18:78:ee:fe:83:ef:4e:ac:81:f4:ec:d6:
73:7c:b9:ad:51:23:96:9a:d2:c5:f8:5d:73:b7:d1:49:5c:41:
f0:f4:23:43:88:45:7b:20:57:37:bf:81:b0:f2:61:64:7f:9a:
8a:dc:58:8f:e8:ee:90:45:89:16:ec:7e:6b:75:a5:bc:3c:ab:
b8:10:ba:8c:43:b0:07:af:c8:78:41:2b:8a:c2:95:18:75:ca:
09:3e:5d:34:eb:ca:c5:b0:99:20:13:aa:bc:d5:64:e8:b6:05:
a1:f1:ab:d5:ca:9d:2f:90:d5:33:0b:b7:ab:e3:b2:9b:00:43:
1c:3f:d5:b1
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUcpHoNT0Vs20LoHycj3fL4N5ZonAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MzAxODAwMTVaFw0yNTA4MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDE0ZWNjN2ZhMTIwOTE3ODBjNTllMGViOTRlZWEwNTFkNzI2ZTA2YTU1MGU4
ODZjMjQ5OGUwNmYyNGNjMjM0MGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN2kRYQU4Zw69O8ngn7fcEh44MKi0km/H8oC9KIZFc7zr9EUk3W2Nox+iVQL
Lg+bqdTAG1xIbOtypdXp4IOCSq2KNjgdY+v+4UVpkmApMlZvn1UplYfBFu4ADGHI
dLjGe+Lf0SRNDPCU7qURsiHdLI0sJ70XSWgkqxYvaZMYgkBmsdwuFKkGhrPFsSEz
mgrJK/iLq8uPWMHRsiPIx7TMxNPCcZT0f0i6FrQrRSUAaT2FTmeSvzru2bnbeYzn
2kV4xDxdpGXMIjE0FlteyjdwLxeiS9UE/wjCPIZI/7GgJdKE7U9urhxTtq9q5sul
UD7dTWvu6BffZdZZI4JwguqOPz8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR0IX7m
qWW/XJnuRqpOfwde9zCZ+zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmU2YjdjYjAtM2M1NS00YTY1LWIwMGEtNDViYzEzMTA4NjhiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBS6JYDAN
BgkqhkiG9w0BAQsFAAOCAQEAF4K6AMS6Um6WkunGjc2ggVpP/uI/MfHR6b1dI9lt
wRQY1XxrTJQVYu86LoAl5o/dXMTRBP0IN/jp9T4LmpzNqDRwdZAoQUG2xONkZWIG
V7ftf+w4+Lr1j/HzOhFl7PJBsu7vyTETbFINjd5rBh+8JhMhquWeKdC+weEWSrSN
T4h/r21PGHju/oPvTqyB9OzWc3y5rVEjlprSxfhdc7fRSVxB8PQjQ4hFeyBXN7+B
sPJhZH+aitxYj+jukEWJFux+a3WlvDyruBC6jEOwB6/IeEErisKVGHXKCT5dNOvK
xbCZIBOqvNVk6LYFofGr1cqdL5DVMwu3q+OymwBDHD/VsQ==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:44:55 2025 by rpki-client