Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19bd833c-9eac-4b19-b264-a191d9c1b939.roa
File: 19bd833c-9eac-4b19-b264-a191d9c1b939.roa (raw, json)
Hash identifier: tdj/3u+Na0QEPwiJbRY4TLhHKwdJ/4QNoMjy8EXqgOA=
Subject key identifier: 7B:D7:90:0D:79:EC:86:9A:49:71:A9:22:6D:7A:27:4F:4B:07:1E:2B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 771DA08DFA81142BE6AF145D1943DBB85F63902C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19bd833c-9eac-4b19-b264-a191d9c1b939.roa
Signing time: Fri 09 May 2025 16:31:17 +0000
ROA not before: Fri 09 May 2025 16:31:17 +0000
ROA not after: Fri 13 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.216.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:1d:a0:8d:fa:81:14:2b:e6:af:14:5d:19:43:db:b8:5f:63:90:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 9 16:31:17 2025 GMT
Not After : Jun 13 23:59:59 2025 GMT
Subject: serialNumber=53b32dd21168bf4f563194691f8587c56383f99b11ad05e693b21e65ff36732c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e4:75:8c:2e:3e:4b:76:0d:44:f6:77:1e:ef:
4a:6d:31:8f:f0:1e:e3:20:6b:db:82:89:af:31:ef:
15:eb:22:e5:43:28:ad:ea:eb:a8:4e:c7:9a:14:c7:
94:93:b1:5c:f9:1b:56:96:25:c6:eb:0c:c3:ff:21:
c9:92:d1:6e:ee:84:6d:90:31:04:ac:4c:74:d6:eb:
b1:b7:1e:20:39:f2:46:b2:58:39:3c:37:2a:eb:3b:
b7:c9:cb:2d:6f:c0:a0:32:b8:0e:60:20:32:2c:60:
b9:e8:dc:4d:f6:d3:eb:23:06:77:04:a3:8d:96:96:
ab:47:59:70:47:34:cd:4f:b2:10:c1:c4:bf:05:53:
b4:b8:0d:af:d4:16:53:ab:0d:92:51:4c:33:5b:89:
da:b4:a1:26:9f:42:b4:87:82:53:39:e0:8f:8f:df:
59:29:a2:de:0d:2e:ef:68:4e:3c:19:ca:33:bf:4c:
b0:a3:5c:cb:d2:25:f6:8c:b9:c2:c3:ab:03:0d:bb:
96:d8:17:e2:d9:3f:83:92:08:d1:76:2d:0f:c6:c8:
90:23:35:ec:60:15:2d:3e:9a:31:8a:fa:7b:5b:a9:
e3:bc:92:d6:8c:5d:83:27:e3:20:83:3d:37:cd:94:
0d:1c:34:1d:eb:8a:45:7a:93:90:fa:45:16:9f:df:
8c:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:D7:90:0D:79:EC:86:9A:49:71:A9:22:6D:7A:27:4F:4B:07:1E:2B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19bd833c-9eac-4b19-b264-a191d9c1b939.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.216.0/21
Signature Algorithm: sha256WithRSAEncryption
b0:fb:16:5a:01:82:ca:02:a5:35:1a:36:1b:e8:66:5e:93:af:
b4:f7:9f:01:3a:47:15:e9:19:fc:77:cd:b3:ed:30:3c:12:2e:
d0:e1:a6:87:5d:a8:b7:cb:c6:52:85:91:78:3a:e2:ee:7c:5f:
c8:4d:f4:8e:9d:d1:3d:fc:e9:f1:41:10:f2:65:ef:a0:5a:cb:
9b:20:8a:60:48:2d:98:aa:79:e7:3c:10:aa:7c:00:62:b8:a6:
3b:bf:82:03:25:14:19:12:bc:07:53:24:7b:c4:1a:ea:84:99:
cc:fa:1d:79:6f:cb:81:bb:52:28:62:01:4e:25:d4:fc:56:73:
9c:53:2e:0b:2e:89:a5:00:0a:f6:5a:5c:a4:47:a8:93:75:ed:
36:a3:4c:7b:b3:bd:25:17:89:5d:24:52:b6:8f:02:d9:15:d0:
da:af:ea:91:2f:b9:3a:ad:c7:5c:89:6c:29:87:80:a1:52:3c:
22:4d:18:7d:55:73:0b:e6:96:1a:d8:66:e5:6e:22:ac:f7:9f:
52:fb:38:76:66:97:0c:b4:1c:79:c1:be:a9:24:02:77:bb:34:
e0:cb:4c:5d:d9:f3:66:d6:20:79:80:f1:23:db:a9:cf:3f:bc:
4d:ea:89:72:04:01:f0:c0:dd:3f:37:85:df:fc:75:d9:71:34:
43:90:dc:d2
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUdx2gjfqBFCvmrxRdGUPbuF9jkCwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MDkxNjMxMTdaFw0yNTA2MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDUzYjMyZGQyMTE2OGJmNGY1NjMxOTQ2OTFmODU4N2M1NjM4M2Y5OWIxMWFk
MDVlNjkzYjIxZTY1ZmYzNjczMmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK7kdYwuPkt2DUT2dx7vSm0xj/Ae4yBr24KJrzHvFesi5UMorerrqE7HmhTH
lJOxXPkbVpYlxusMw/8hyZLRbu6EbZAxBKxMdNbrsbceIDnyRrJYOTw3Kus7t8nL
LW/AoDK4DmAgMixguejcTfbT6yMGdwSjjZaWq0dZcEc0zU+yEMHEvwVTtLgNr9QW
U6sNklFMM1uJ2rShJp9CtIeCUzngj4/fWSmi3g0u72hOPBnKM79MsKNcy9Il9oy5
wsOrAw27ltgX4tk/g5II0XYtD8bIkCM17GAVLT6aMYr6e1up47yS1oxdgyfjIIM9
N82UDRw0HeuKRXqTkPpFFp/fjOMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR715AN
eeyGmklxqSJteidPSwceKzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTliZDgzM2MtOWVhYy00YjE5LWIyNjQtYTE5MWQ5YzFiOTM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy4z2DAN
BgkqhkiG9w0BAQsFAAOCAQEAsPsWWgGCygKlNRo2G+hmXpOvtPefATpHFekZ/HfN
s+0wPBIu0OGmh12ot8vGUoWReDri7nxfyE30jp3RPfzp8UEQ8mXvoFrLmyCKYEgt
mKp55zwQqnwAYrimO7+CAyUUGRK8B1Mke8Qa6oSZzPodeW/LgbtSKGIBTiXU/FZz
nFMuCy6JpQAK9lpcpEeok3XtNqNMe7O9JReJXSRSto8C2RXQ2q/qkS+5Oq3HXIls
KYeAoVI8Ik0YfVVzC+aWGthm5W4irPefUvs4dmaXDLQcecG+qSQCd7s04MtMXdnz
ZtYgeYDxI9upzz+8TeqJcgQB8MDdPzeF3/x12XE0Q5Dc0g==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:26:45 2025 by rpki-client