Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df740e2f-8ce5-4b1b-a95e-60487d9388a6.roa
File: df740e2f-8ce5-4b1b-a95e-60487d9388a6.roa (raw, json)
Hash identifier: VeySyjTfzPhmaKduvgQGxc0CNG8MxcKuFwK74QnHUVA=
Subject key identifier: AA:AB:EB:0A:70:88:7A:AC:9A:75:49:8D:1E:C3:26:23:BE:A8:63:AE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 532184999DBCE831046FCE4691F5372AB2025AE9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df740e2f-8ce5-4b1b-a95e-60487d9388a6.roa
Signing time: Mon 30 Jun 2025 17:50:14 +0000
ROA not before: Mon 30 Jun 2025 17:50:14 +0000
ROA not after: Mon 04 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.200.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:21:84:99:9d:bc:e8:31:04:6f:ce:46:91:f5:37:2a:b2:02:5a:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 30 17:50:14 2025 GMT
Not After : Aug 4 23:59:59 2025 GMT
Subject: serialNumber=5d4124661b13fa20b403e9c0e3f00d3ff179378d34f58c75c88e6a6fe57d2fd0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:cf:4e:f8:be:1b:04:a3:b6:17:d4:f4:21:32:
16:03:62:15:69:b4:8d:49:e7:82:59:a5:a8:af:27:
5d:9c:99:8e:d5:73:4d:ef:9f:7d:76:c0:ca:52:03:
1c:8a:21:19:2d:88:44:2c:77:63:96:25:1f:30:d2:
f5:10:5d:c8:7b:67:1f:74:ea:4f:74:d2:6d:a6:08:
1d:f4:d4:97:a7:2c:8d:42:7f:bf:60:30:8d:13:70:
bb:64:ee:16:c5:0d:2c:bd:41:35:be:b1:dc:13:c9:
e5:fb:a9:4f:05:3b:ec:cf:ef:18:fc:6b:e4:d8:6b:
c7:de:2c:c2:b0:5d:05:4e:7a:0d:60:fe:5d:b3:9a:
78:8e:3a:1f:11:05:17:4d:f4:62:c2:b3:55:09:89:
d9:6a:b9:ed:4b:4f:a6:23:24:6f:c8:ba:26:23:03:
82:de:b3:38:ea:f4:46:7e:80:04:7b:4a:26:f3:0d:
9b:c0:90:29:18:96:e2:8e:cd:df:41:96:2e:fd:94:
9e:9b:c6:7b:a1:f1:ba:6b:6d:d8:21:60:9e:d6:b2:
e6:6f:a9:14:90:b4:d9:92:c0:69:cf:92:8f:30:93:
9e:15:ba:42:f8:de:b3:3b:a8:c0:fc:92:79:18:dd:
a2:9c:03:01:ca:e6:e0:6a:97:e6:b9:16:5a:b8:b7:
3f:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:AB:EB:0A:70:88:7A:AC:9A:75:49:8D:1E:C3:26:23:BE:A8:63:AE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df740e2f-8ce5-4b1b-a95e-60487d9388a6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.200.0/22
Signature Algorithm: sha256WithRSAEncryption
69:81:1d:b4:47:8b:78:28:1e:95:73:c9:74:c0:f9:8f:fe:bb:
b6:b0:98:94:83:2c:e6:20:a3:95:55:7e:88:3b:9f:49:8d:68:
81:31:15:7c:2d:8e:97:c0:53:83:1e:f8:63:37:d4:c4:06:7a:
18:ab:29:b1:57:7c:4a:5c:90:c0:73:ed:fb:0a:67:57:0b:25:
50:14:f1:69:03:19:b2:e1:ce:e1:84:70:f1:22:62:58:c6:45:
a6:77:6c:5a:7b:32:da:25:a1:10:31:63:df:0e:a3:c1:fb:07:
6c:45:00:40:e4:bf:cd:39:aa:fb:ba:53:aa:d9:46:d1:0f:9d:
9e:07:b5:c5:7e:c8:9a:93:71:1e:31:60:d6:cb:f0:d5:cf:06:
33:20:8f:64:f3:6d:f3:48:e2:89:03:57:0e:cf:27:b3:87:1e:
6f:09:99:b4:10:fb:71:2b:39:9b:6b:5b:a5:b5:13:b2:36:2b:
c9:7e:0a:2f:51:9c:87:bc:14:27:a8:9c:0b:1b:29:a3:20:99:
41:da:ce:3b:bc:98:1b:69:46:3d:a2:0b:67:45:40:07:b2:c4:
60:4b:aa:d6:dd:72:7d:ba:f3:98:d8:05:58:5d:22:98:24:4c:
6e:b5:ed:bd:2c:89:4f:dd:18:bc:b1:8b:76:70:1a:cd:73:8f:
17:d7:99:09
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUUyGEmZ286DEEb85GkfU3KrICWukwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MzAxNzUwMTRaFw0yNTA4MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDVkNDEyNDY2MWIxM2ZhMjBiNDAzZTljMGUzZjAwZDNmZjE3OTM3OGQzNGY1
OGM3NWM4OGU2YTZmZTU3ZDJmZDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALjPTvi+GwSjthfU9CEyFgNiFWm0jUnnglmlqK8nXZyZjtVzTe+ffXbAylID
HIohGS2IRCx3Y5YlHzDS9RBdyHtnH3TqT3TSbaYIHfTUl6csjUJ/v2AwjRNwu2Tu
FsUNLL1BNb6x3BPJ5fupTwU77M/vGPxr5Nhrx94swrBdBU56DWD+XbOaeI46HxEF
F030YsKzVQmJ2Wq57UtPpiMkb8i6JiMDgt6zOOr0Rn6ABHtKJvMNm8CQKRiW4o7N
30GWLv2UnpvGe6Hxumtt2CFgntay5m+pFJC02ZLAac+SjzCTnhW6QvjeszuowPyS
eRjdopwDAcrm4GqX5rkWWri3P+cCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSqq+sK
cIh6rJp1SY0ewyYjvqhjrjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGY3NDBlMmYtOGNlNS00YjFiLWE5NWUtNjA0ODdkOTM4OGE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi6JyDAN
BgkqhkiG9w0BAQsFAAOCAQEAaYEdtEeLeCgelXPJdMD5j/67trCYlIMs5iCjlVV+
iDufSY1ogTEVfC2Ol8BTgx74YzfUxAZ6GKspsVd8SlyQwHPt+wpnVwslUBTxaQMZ
suHO4YRw8SJiWMZFpndsWnsy2iWhEDFj3w6jwfsHbEUAQOS/zTmq+7pTqtlG0Q+d
nge1xX7ImpNxHjFg1svw1c8GMyCPZPNt80jiiQNXDs8ns4cebwmZtBD7cSs5m2tb
pbUTsjYryX4KL1Gch7wUJ6icCxspoyCZQdrOO7yYG2lGPaILZ0VAB7LEYEuq1t1y
fbrzmNgFWF0imCRMbrXtvSyJT90YvLGLdnAazXOPF9eZCQ==
-----END CERTIFICATE-----
Generated at Wed Jul 23 03:33:05 2025 by rpki-client