Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fcee65ca-9c67-4925-b46f-60ec2eecb7a3.roa
File: fcee65ca-9c67-4925-b46f-60ec2eecb7a3.roa (raw, json)
Hash identifier: caORvWJ7w3e819CLfESbUZM+tyZmB9lDig2MiUsFh78=
Subject key identifier: AD:29:DD:2C:D0:1B:68:D4:AF:B9:AB:25:A5:07:2B:B7:62:FE:CD:D7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 164C3513B2FF54AB29BB6A76EE30D17015E051F9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fcee65ca-9c67-4925-b46f-60ec2eecb7a3.roa
Signing time: Mon 30 Jun 2025 18:00:14 +0000
ROA not before: Mon 30 Jun 2025 18:00:14 +0000
ROA not after: Mon 04 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.128.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:4c:35:13:b2:ff:54:ab:29:bb:6a:76:ee:30:d1:70:15:e0:51:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 30 18:00:14 2025 GMT
Not After : Aug 4 23:59:59 2025 GMT
Subject: serialNumber=484478b9942b5300f5a8972c8bbea16ac790030745487d7bf82cd291b8baaacf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:1c:55:0b:61:ab:67:44:cf:37:be:b9:89:4b:
ee:5e:96:48:81:04:38:a1:f5:3e:c8:dd:db:d1:a0:
81:32:66:0d:66:18:40:ea:8c:64:9b:f5:de:fc:46:
88:d8:6b:1a:13:63:40:05:d2:5f:44:c4:28:a6:3b:
90:5d:9f:ab:ac:99:fd:b0:94:ef:06:be:b9:ac:1f:
2a:2c:b6:f2:23:fe:35:4d:0d:be:61:de:8b:8e:b5:
c3:70:cf:00:58:a4:d2:87:23:e1:4b:a0:b2:17:e1:
b0:28:c4:9e:3c:10:92:47:4b:59:70:7e:f3:da:b7:
fa:ef:1c:8f:63:d8:9b:eb:ab:26:9d:6f:55:27:16:
a9:9c:1b:10:e7:a6:ef:59:e5:52:2a:13:aa:d8:f4:
3d:18:74:a9:b4:d5:92:fc:80:02:ae:cf:6e:03:96:
bb:40:a9:19:16:e4:36:ad:aa:80:cd:46:8e:df:d0:
32:ac:7d:28:4a:a5:20:18:43:cf:72:9e:ba:46:31:
11:ff:8b:10:70:f1:52:e9:07:8b:f9:9c:3e:39:15:
68:c6:45:6b:37:92:3a:bc:05:c9:1e:bd:1e:14:6b:
2b:db:ae:fc:ba:93:c3:cb:8f:62:42:9d:29:4e:83:
51:4c:d5:e8:48:e9:31:1b:90:46:48:ea:1b:ae:39:
cb:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:29:DD:2C:D0:1B:68:D4:AF:B9:AB:25:A5:07:2B:B7:62:FE:CD:D7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fcee65ca-9c67-4925-b46f-60ec2eecb7a3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.128.0/20
Signature Algorithm: sha256WithRSAEncryption
04:c2:cf:a5:13:d0:30:86:99:33:62:6e:1c:db:9a:c8:7d:bb:
ef:e2:93:c7:1e:5a:79:0f:b8:8e:e4:e3:2e:56:5f:40:54:15:
f6:ae:d2:39:01:8c:c7:a1:7f:98:d0:69:e5:40:d2:b9:4d:87:
68:ef:11:06:0d:f8:99:87:27:bf:f4:b7:c4:77:30:aa:a5:6e:
55:ea:11:9c:1f:62:04:07:dd:48:7a:33:41:1b:06:fd:ad:82:
38:c0:07:81:38:e3:5e:b8:53:c3:da:ac:09:bb:f1:8a:c7:93:
eb:25:85:9b:3e:40:c3:d9:2f:3b:9f:dd:43:de:e3:b3:1a:1e:
de:79:87:e5:86:45:5e:2b:ac:66:0d:bf:49:1f:75:60:ef:e0:
7d:54:be:bb:ca:9d:31:46:22:9d:85:89:8a:9f:68:d8:39:71:
f3:5a:80:7e:15:90:09:cc:c9:62:08:72:e1:79:30:8b:89:af:
12:77:84:7c:6f:50:16:1e:4c:e8:9c:96:97:1e:7d:fa:cf:b0:
79:e4:80:d9:47:19:c7:d3:ba:d4:01:f6:99:a8:48:1a:96:cf:
11:44:b1:72:aa:8c:3d:80:16:b6:2c:5e:27:72:a8:89:8c:72:
6d:d0:ac:8a:ba:48:0c:ed:6f:ae:9d:49:6b:d0:c0:82:5e:32:
21:bb:b9:c6
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUFkw1E7L/VKspu2p27jDRcBXgUfkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MzAxODAwMTRaFw0yNTA4MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ4NDQ3OGI5OTQyYjUzMDBmNWE4OTcyYzhiYmVhMTZhYzc5MDAzMDc0NTQ4
N2Q3YmY4MmNkMjkxYjhiYWFhY2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMwcVQthq2dEzze+uYlL7l6WSIEEOKH1Psjd29GggTJmDWYYQOqMZJv13vxG
iNhrGhNjQAXSX0TEKKY7kF2fq6yZ/bCU7wa+uawfKiy28iP+NU0NvmHei461w3DP
AFik0ocj4UugshfhsCjEnjwQkkdLWXB+89q3+u8cj2PYm+urJp1vVScWqZwbEOem
71nlUioTqtj0PRh0qbTVkvyAAq7PbgOWu0CpGRbkNq2qgM1Gjt/QMqx9KEqlIBhD
z3KeukYxEf+LEHDxUukHi/mcPjkVaMZFazeSOrwFyR69HhRrK9uu/LqTw8uPYkKd
KU6DUUzV6EjpMRuQRkjqG645y0ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBStKd0s
0Bto1K+5qyWlByu3Yv7N1zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmNlZTY1Y2EtOWM2Ny00OTI1LWI0NmYtNjBlYzJlZWNiN2EzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC6JgDAN
BgkqhkiG9w0BAQsFAAOCAQEABMLPpRPQMIaZM2JuHNuayH277+KTxx5aeQ+4juTj
LlZfQFQV9q7SOQGMx6F/mNBp5UDSuU2HaO8RBg34mYcnv/S3xHcwqqVuVeoRnB9i
BAfdSHozQRsG/a2COMAHgTjjXrhTw9qsCbvxiseT6yWFmz5Aw9kvO5/dQ97jsxoe
3nmH5YZFXiusZg2/SR91YO/gfVS+u8qdMUYinYWJip9o2Dlx81qAfhWQCczJYghy
4Xkwi4mvEneEfG9QFh5M6JyWlx59+s+weeSA2UcZx9O61AH2mahIGpbPEUSxcqqM
PYAWtixeJ3KoiYxybdCsirpIDO1vrp1Ja9DAgl4yIbu5xg==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:37:01 2025 by rpki-client