Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/18d47c03-cff3-4fc4-bd85-07c1063f7047.roa
File: 18d47c03-cff3-4fc4-bd85-07c1063f7047.roa (raw, json)
Hash identifier: 5wQEWpl82+t6UdUNneOHb3dZC7RV2WyUAqV+alXkb+8=
Subject key identifier: DE:93:E1:C6:21:EB:57:FB:4A:BA:E7:59:03:50:A3:50:69:87:E1:EF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 11E24A6E46FF1D8EC5318F74B756AA93D9C2C11D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/18d47c03-cff3-4fc4-bd85-07c1063f7047.roa
Signing time: Fri 09 May 2025 16:30:44 +0000
ROA not before: Fri 09 May 2025 16:30:44 +0000
ROA not after: Fri 13 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.128.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:e2:4a:6e:46:ff:1d:8e:c5:31:8f:74:b7:56:aa:93:d9:c2:c1:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 9 16:30:44 2025 GMT
Not After : Jun 13 23:59:59 2025 GMT
Subject: serialNumber=023959070e0d6c09635a8652807437ba4e5676c7272a90ee93e3b27b9e69e850, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:68:13:52:ad:09:36:b4:a2:22:a5:81:50:84:
ff:c5:c0:08:f2:1e:6a:5f:db:98:49:ac:70:d1:e4:
4d:e8:27:2e:45:db:98:16:91:f6:ab:26:08:bb:bb:
68:0b:31:4a:5b:76:26:83:c7:10:16:d0:68:43:a0:
16:fe:f8:30:1d:2b:55:90:f3:36:34:7d:61:3e:eb:
5d:03:4f:e0:16:bf:da:c1:bc:72:89:8d:e6:32:67:
a6:8e:d1:9c:4d:a5:7c:59:62:7a:c6:f7:ef:25:e1:
5c:16:89:75:2d:43:f6:25:65:3d:4f:a0:db:53:f9:
c6:d6:bd:8a:3f:05:92:c2:92:d8:e1:51:90:fa:c0:
49:11:33:07:78:6f:23:42:49:3f:56:20:47:43:c4:
3d:56:de:d9:cc:ef:21:b7:46:1e:0c:45:a7:5b:ba:
44:c0:4c:ba:1f:25:11:c5:2c:07:17:8e:b8:c9:52:
40:8a:1b:d3:a9:ab:7b:19:2b:6c:07:e4:f0:f3:be:
f1:62:05:d9:16:5c:da:6c:c8:12:df:c3:6c:d7:08:
bb:ec:43:10:3d:a9:60:df:9b:16:6b:e1:69:fa:e0:
7b:46:d6:87:53:7c:a3:ac:58:ab:9e:f5:5f:0d:f4:
cd:47:90:14:f7:98:fd:cf:67:d2:39:1b:d0:1b:15:
8d:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:93:E1:C6:21:EB:57:FB:4A:BA:E7:59:03:50:A3:50:69:87:E1:EF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/18d47c03-cff3-4fc4-bd85-07c1063f7047.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.128.0/19
Signature Algorithm: sha256WithRSAEncryption
79:01:e0:e7:a6:3c:33:cb:f9:1d:03:b2:9c:22:47:fe:84:3b:
76:3d:b9:fe:5a:8d:a5:59:82:c5:41:c5:61:bd:f2:bd:ed:9e:
3b:1e:64:32:61:31:f8:f3:7d:33:48:0f:f0:b7:ff:83:48:5d:
97:80:80:59:5f:ad:b7:4d:c6:e5:cf:c3:bd:3c:f4:71:fa:7b:
57:66:8d:c9:0c:f9:cf:fc:14:96:6e:27:90:bd:64:70:d7:4c:
cd:69:04:b7:52:56:03:01:63:cc:fc:cb:33:6e:33:a6:cf:c3:
a2:10:05:b3:a1:b7:49:b7:44:ed:7a:52:a8:b7:9e:4a:27:f4:
14:da:f3:52:c6:a9:2a:9a:f2:1d:70:91:b2:48:58:ae:b4:d5:
27:be:ff:b9:5b:f4:0e:23:f2:46:b4:03:a0:8b:97:dd:c1:17:
60:c0:8c:de:83:78:d4:95:96:88:04:bb:3d:32:9f:78:04:4d:
70:24:c6:b2:6a:cb:8c:5a:f9:91:2d:b1:e6:5d:73:77:02:df:
a1:5d:01:bf:08:d8:46:f4:4d:79:b4:1a:84:e3:40:4b:e9:9c:
9b:fa:fa:cc:78:98:4d:06:cc:5d:ab:9b:cc:fc:8a:17:10:26:
15:94:92:4c:00:64:88:7d:f0:db:48:f1:fd:30:58:bd:8d:6c:
f0:85:b2:48
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUEeJKbkb/HY7FMY90t1aqk9nCwR0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MDkxNjMwNDRaFw0yNTA2MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDAyMzk1OTA3MGUwZDZjMDk2MzVhODY1MjgwNzQzN2JhNGU1Njc2YzcyNzJh
OTBlZTkzZTNiMjdiOWU2OWU4NTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKRoE1KtCTa0oiKlgVCE/8XACPIeal/bmEmscNHkTegnLkXbmBaR9qsmCLu7
aAsxSlt2JoPHEBbQaEOgFv74MB0rVZDzNjR9YT7rXQNP4Ba/2sG8comN5jJnpo7R
nE2lfFliesb37yXhXBaJdS1D9iVlPU+g21P5xta9ij8FksKS2OFRkPrASREzB3hv
I0JJP1YgR0PEPVbe2czvIbdGHgxFp1u6RMBMuh8lEcUsBxeOuMlSQIob06mrexkr
bAfk8PO+8WIF2RZc2mzIEt/DbNcIu+xDED2pYN+bFmvhafrge0bWh1N8o6xYq571
Xw30zUeQFPeY/c9n0jkb0BsVjd8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTek+HG
IetX+0q651kDUKNQaYfh7zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MThkNDdjMDMtY2ZmMy00ZmM0LWJkODUtMDdjMTA2M2Y3MDQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBS4zgDAN
BgkqhkiG9w0BAQsFAAOCAQEAeQHg56Y8M8v5HQOynCJH/oQ7dj25/lqNpVmCxUHF
Yb3yve2eOx5kMmEx+PN9M0gP8Lf/g0hdl4CAWV+tt03G5c/DvTz0cfp7V2aNyQz5
z/wUlm4nkL1kcNdMzWkEt1JWAwFjzPzLM24zps/DohAFs6G3SbdE7XpSqLeeSif0
FNrzUsapKpryHXCRskhYrrTVJ77/uVv0DiPyRrQDoIuX3cEXYMCM3oN41JWWiAS7
PTKfeARNcCTGsmrLjFr5kS2x5l1zdwLfoV0BvwjYRvRNebQahONAS+mcm/r6zHiY
TQbMXaubzPyKFxAmFZSSTABkiH3w20jx/TBYvY1s8IWySA==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:25:10 2025 by rpki-client