Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/216f72e9-3c9a-414e-a688-ee99e3f2e840.roa
File: 216f72e9-3c9a-414e-a688-ee99e3f2e840.roa (raw, json)
Hash identifier: fFhugnCyzkTb0Mn3Ym/W/rWQWmksp2ujWgpuIk/7Mvo=
Subject key identifier: 47:0E:E9:AF:A9:A3:CC:56:8B:B5:5C:D3:75:AF:B7:D6:8D:13:C0:FF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 63CDCE9824F90C1695A57309290BBEB58F876480
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/216f72e9-3c9a-414e-a688-ee99e3f2e840.roa
Signing time: Fri 09 May 2025 16:30:11 +0000
ROA not before: Fri 09 May 2025 16:30:11 +0000
ROA not after: Fri 13 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.220.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:cd:ce:98:24:f9:0c:16:95:a5:73:09:29:0b:be:b5:8f:87:64:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 9 16:30:11 2025 GMT
Not After : Jun 13 23:59:59 2025 GMT
Subject: serialNumber=aed65aa171afd66ec9a0980c1685882adac70316a6d6a64aba4c63a67cdb0bd9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f1:f8:c1:4a:99:99:c4:74:08:ef:b8:dd:f2:
99:aa:ab:bb:78:53:f5:e5:b1:d4:9f:a7:75:90:18:
1b:10:77:2b:2d:d5:85:b2:38:62:f5:4b:01:d2:d1:
7b:d5:a0:2f:27:64:16:b7:ef:02:79:36:2d:1b:d1:
e6:55:4d:c3:a8:0b:03:96:55:5b:a4:ce:5a:2b:53:
98:a2:68:e5:36:5d:8e:a7:6b:80:bf:54:1f:b9:c8:
2a:72:29:9a:07:76:13:40:af:a3:4f:7f:34:b9:f5:
d1:ad:22:ac:fb:02:e7:e2:5a:0b:c2:cd:a7:ce:0d:
84:b3:da:34:1a:eb:69:be:c6:25:fe:0b:40:cc:5d:
8b:0c:e3:ce:bc:de:fa:fe:78:75:02:74:f8:f2:78:
07:9d:2a:35:d7:63:76:04:94:db:ef:97:3c:3f:f2:
d6:20:a7:b3:7e:b5:08:2f:d6:f4:02:74:df:78:91:
42:37:08:5f:1a:70:b6:78:33:21:d1:10:cd:1a:5e:
2c:6a:0a:85:5e:54:96:f5:25:8d:02:c1:60:0a:59:
33:eb:94:4b:42:1a:89:da:fd:77:9a:13:55:f2:87:
9f:a2:8a:c5:43:bb:17:1b:6d:33:b0:b7:51:47:93:
84:f5:28:aa:ed:ff:e7:83:73:4a:34:cf:15:09:5b:
f3:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:0E:E9:AF:A9:A3:CC:56:8B:B5:5C:D3:75:AF:B7:D6:8D:13:C0:FF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/216f72e9-3c9a-414e-a688-ee99e3f2e840.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.220.0/23
Signature Algorithm: sha256WithRSAEncryption
c6:f6:79:d5:3f:2e:f1:1e:49:ea:fc:a4:d5:4c:58:8e:38:c4:
a3:2d:b4:dd:eb:82:e5:bf:33:1b:00:8f:e2:dc:6f:44:3b:03:
4c:f3:71:2c:2f:e1:a9:fc:c0:b7:cf:49:a9:0b:af:df:b2:4d:
a1:a0:80:f2:9c:f1:b6:ae:66:bd:96:f2:05:01:00:29:51:37:
10:2e:f4:15:71:60:dd:4b:b2:92:c0:5c:40:93:93:4b:71:00:
6c:85:03:26:6e:84:3c:3a:62:f0:7f:ea:be:13:c1:1e:fb:06:
e1:3e:24:68:79:fa:d8:92:b7:e6:cd:7e:4b:61:8b:cd:43:40:
02:3f:d0:70:c4:fe:75:53:96:b9:dd:4e:db:05:1e:41:70:c7:
4d:59:4c:80:af:5e:8a:a3:d3:6d:a8:9c:de:da:b1:93:bb:11:
e8:1d:4e:20:f7:c7:d1:7f:d3:d7:c5:e0:e1:ac:6b:10:45:b7:
eb:e7:de:9b:6b:cd:a3:8f:41:c0:56:2c:49:49:90:03:3c:3e:
6a:5e:1e:a5:c3:06:5f:b7:c4:55:2a:f6:20:25:2f:d1:02:4f:
e8:3f:43:b3:75:60:fa:24:ae:c9:52:b5:79:f2:fa:bb:4f:41:
fd:70:0c:1b:85:0e:b3:54:0d:3a:7b:de:21:66:b0:68:18:80:
cb:25:a7:29
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUY83OmCT5DBaVpXMJKQu+tY+HZIAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MDkxNjMwMTFaFw0yNTA2MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGFlZDY1YWExNzFhZmQ2NmVjOWEwOTgwYzE2ODU4ODJhZGFjNzAzMTZhNmQ2
YTY0YWJhNGM2M2E2N2NkYjBiZDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJjx+MFKmZnEdAjvuN3ymaqru3hT9eWx1J+ndZAYGxB3Ky3VhbI4YvVLAdLR
e9WgLydkFrfvAnk2LRvR5lVNw6gLA5ZVW6TOWitTmKJo5TZdjqdrgL9UH7nIKnIp
mgd2E0Cvo09/NLn10a0irPsC5+JaC8LNp84NhLPaNBrrab7GJf4LQMxdiwzjzrze
+v54dQJ0+PJ4B50qNddjdgSU2++XPD/y1iCns361CC/W9AJ033iRQjcIXxpwtngz
IdEQzRpeLGoKhV5UlvUljQLBYApZM+uUS0Iaidr9d5oTVfKHn6KKxUO7FxttM7C3
UUeThPUoqu3/54NzSjTPFQlb828CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRHDumv
qaPMVou1XNN1r7fWjRPA/zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjE2ZjcyZTktM2M5YS00MTRlLWE2ODgtZWU5OWUzZjJlODQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS6J3DAN
BgkqhkiG9w0BAQsFAAOCAQEAxvZ51T8u8R5J6vyk1UxYjjjEoy203euC5b8zGwCP
4txvRDsDTPNxLC/hqfzAt89JqQuv37JNoaCA8pzxtq5mvZbyBQEAKVE3EC70FXFg
3UuyksBcQJOTS3EAbIUDJm6EPDpi8H/qvhPBHvsG4T4kaHn62JK35s1+S2GLzUNA
Aj/QcMT+dVOWud1O2wUeQXDHTVlMgK9eiqPTbaic3tqxk7sR6B1OIPfH0X/T18Xg
4axrEEW36+fem2vNo49BwFYsSUmQAzw+al4epcMGX7fEVSr2ICUv0QJP6D9Ds3Vg
+iSuyVK1efL6u09B/XAMG4UOs1QNOnveIWawaBiAyyWnKQ==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:27:03 2025 by rpki-client