Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/062e9317-b5ab-4d01-a462-4dc8d164e17c.roa
File: 062e9317-b5ab-4d01-a462-4dc8d164e17c.roa (raw, json)
Hash identifier: LodpLhwTlsT7tYFCAKiM5j4XCIzqsmj+l2VMVcV3ZdA=
Subject key identifier: 35:66:36:BC:B5:F9:FF:3C:F6:FC:11:55:BE:B0:6A:69:E7:08:46:24
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1805904B2FAEF293DCD70A4970A64B994CAE980F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/062e9317-b5ab-4d01-a462-4dc8d164e17c.roa
Signing time: Fri 09 May 2025 16:30:16 +0000
ROA not before: Fri 09 May 2025 16:30:16 +0000
ROA not after: Fri 13 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.172.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:05:90:4b:2f:ae:f2:93:dc:d7:0a:49:70:a6:4b:99:4c:ae:98:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 9 16:30:16 2025 GMT
Not After : Jun 13 23:59:59 2025 GMT
Subject: serialNumber=6870c9a647185718fcda9e53c6a36522775bcdb1d6275b9f66c6a5c14fe522e5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ff:75:23:d3:8b:3c:3a:7d:a4:c0:d9:19:b5:
97:e5:3d:06:98:14:5a:05:82:02:80:82:ad:42:07:
46:31:e6:7a:81:40:b0:d8:f0:df:64:9a:c0:0c:42:
9f:b4:3b:21:87:a3:3d:0b:8b:79:b9:37:06:54:b7:
09:11:cb:34:34:7f:39:ef:87:43:9f:21:c9:36:38:
bb:5e:e4:95:28:43:30:66:52:31:bd:ce:8d:ae:85:
e9:bc:e2:6d:11:a4:94:cb:d1:32:44:1c:a0:7f:bd:
50:52:14:b5:17:09:5c:d3:56:dd:5f:8f:31:23:5e:
48:06:77:90:4a:69:dd:87:25:00:f4:58:53:3b:21:
d5:4c:40:8e:8d:15:94:86:f3:1f:d1:4d:13:93:1d:
8f:71:66:98:dd:55:39:ba:6b:71:83:ae:7e:35:e9:
c2:e3:b3:f0:5c:a1:88:c9:f6:8f:03:65:4e:b8:00:
5d:40:65:70:02:77:1f:24:72:8b:1f:7f:80:c2:63:
fa:f1:11:9c:c7:80:6d:c4:3c:df:74:7d:59:26:9e:
84:88:2e:30:a5:31:71:05:99:33:f0:4c:47:30:1c:
0c:88:69:52:ef:43:81:f7:7d:5e:37:ec:88:9e:5a:
f3:0a:7d:0d:45:6f:0e:49:66:48:cb:a4:1e:4a:fa:
32:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:66:36:BC:B5:F9:FF:3C:F6:FC:11:55:BE:B0:6A:69:E7:08:46:24
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/062e9317-b5ab-4d01-a462-4dc8d164e17c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.172.0/22
Signature Algorithm: sha256WithRSAEncryption
00:1b:3b:a9:7a:54:7e:3f:85:e7:96:6f:4f:2a:72:41:59:11:
b0:00:88:ed:57:21:45:61:ea:f2:3e:cc:18:cc:3b:a2:bf:38:
33:20:ff:0c:79:b2:8d:44:1b:18:8c:3c:b3:12:08:96:45:a1:
c0:53:a5:54:a3:54:71:4b:b0:53:d3:4d:23:58:55:07:4e:13:
94:ea:2c:69:47:57:0d:e1:63:21:e2:e0:fd:51:96:3a:b5:12:
31:a1:06:13:05:ff:91:3d:2d:1c:d8:47:9e:09:21:32:1f:5b:
3f:d1:68:c2:cb:44:53:a8:0d:0d:7b:82:76:9f:da:e7:53:7c:
3d:9d:71:4a:3a:21:db:68:80:01:9b:59:40:b8:60:64:bf:71:
40:fb:ca:f6:f7:79:47:94:b9:1d:99:3e:31:66:04:25:40:ee:
39:af:cc:c4:59:80:30:b0:57:d4:08:8f:54:42:eb:8b:38:da:
3f:05:4b:9a:01:d7:68:cc:f7:34:77:56:89:d7:ae:07:1e:0d:
c1:ee:df:43:58:7b:69:2a:f3:bc:1c:ef:f7:a4:d0:6f:51:5e:
44:b4:58:9a:05:19:be:a6:36:cb:f3:ec:d9:26:2e:cc:d5:5d:
b8:6c:18:d3:00:8b:06:60:bc:c6:1b:28:64:ae:e6:08:ba:7a:
d2:3b:ea:32
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUGAWQSy+u8pPc1wpJcKZLmUyumA8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MDkxNjMwMTZaFw0yNTA2MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDY4NzBjOWE2NDcxODU3MThmY2RhOWU1M2M2YTM2NTIyNzc1YmNkYjFkNjI3
NWI5ZjY2YzZhNWMxNGZlNTIyZTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM//dSPTizw6faTA2Rm1l+U9BpgUWgWCAoCCrUIHRjHmeoFAsNjw32SawAxC
n7Q7IYejPQuLebk3BlS3CRHLNDR/Oe+HQ58hyTY4u17klShDMGZSMb3Oja6F6bzi
bRGklMvRMkQcoH+9UFIUtRcJXNNW3V+PMSNeSAZ3kEpp3YclAPRYUzsh1UxAjo0V
lIbzH9FNE5Mdj3FmmN1VObprcYOufjXpwuOz8FyhiMn2jwNlTrgAXUBlcAJ3HyRy
ix9/gMJj+vERnMeAbcQ833R9WSaehIguMKUxcQWZM/BMRzAcDIhpUu9Dgfd9Xjfs
iJ5a8wp9DUVvDklmSMukHkr6MoUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ1Zja8
tfn/PPb8EVW+sGpp5whGJDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDYyZTkzMTctYjVhYi00ZDAxLWE0NjItNGRjOGQxNjRlMTdjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi6JrDAN
BgkqhkiG9w0BAQsFAAOCAQEAABs7qXpUfj+F55ZvTypyQVkRsACI7VchRWHq8j7M
GMw7or84MyD/DHmyjUQbGIw8sxIIlkWhwFOlVKNUcUuwU9NNI1hVB04TlOosaUdX
DeFjIeLg/VGWOrUSMaEGEwX/kT0tHNhHngkhMh9bP9FowstEU6gNDXuCdp/a51N8
PZ1xSjoh22iAAZtZQLhgZL9xQPvK9vd5R5S5HZk+MWYEJUDuOa/MxFmAMLBX1AiP
VELrizjaPwVLmgHXaMz3NHdWideuBx4Nwe7fQ1h7aSrzvBzv96TQb1FeRLRYmgUZ
vqY2y/Ps2SYuzNVduGwY0wCLBmC8xhsoZK7mCLp60jvqMg==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:25:08 2025 by rpki-client