Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27d27432-b542-4aad-b3a4-daf2a0a9bb5c.roa
File: 27d27432-b542-4aad-b3a4-daf2a0a9bb5c.roa (raw, json)
Hash identifier: 0a2ixDxecsz7B0l+r4vJTXDCjSALU8ztwY+pg36C2hQ=
Subject key identifier: 03:CF:18:03:00:FA:C3:62:75:FD:CB:CD:B1:DB:E8:17:8E:2C:E4:AE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2870594C8AE505671FCE25381A385729ED3705B6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27d27432-b542-4aad-b3a4-daf2a0a9bb5c.roa
Signing time: Fri 09 May 2025 16:31:19 +0000
ROA not before: Fri 09 May 2025 16:31:19 +0000
ROA not after: Fri 13 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.176.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:70:59:4c:8a:e5:05:67:1f:ce:25:38:1a:38:57:29:ed:37:05:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 9 16:31:19 2025 GMT
Not After : Jun 13 23:59:59 2025 GMT
Subject: serialNumber=c1937476c703cc2db7f64f71386fd8f5fd608ead38609adbd9d1b50437671a18, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:27:45:40:93:f6:87:7f:a2:19:0a:1c:ea:e1:
b8:d6:f9:e3:e1:3b:71:01:9b:b1:d8:59:27:98:c0:
dd:c0:a9:a2:31:dc:9c:10:ce:b8:fe:11:ea:d4:af:
d0:d6:e4:c7:82:8b:58:d0:c3:40:44:3a:86:d2:26:
9e:00:74:c9:9e:0a:b0:39:10:b0:4d:22:33:6a:d4:
41:b1:90:02:d8:be:79:85:16:a4:b3:03:c5:50:78:
cf:c6:47:ba:95:27:b3:cd:41:00:88:13:7d:6e:71:
0c:f6:44:d6:c2:60:eb:f2:14:78:e3:82:85:f5:ba:
1c:23:cf:dd:dc:f3:a8:cd:1d:d2:51:cb:4a:d9:aa:
fa:12:57:69:6a:18:6c:d1:9a:b1:f2:42:74:2f:ba:
27:4a:7b:5b:c4:04:65:5d:20:45:7c:0c:da:b9:d9:
4c:47:de:ea:a9:d6:df:92:97:4d:16:f7:97:95:ae:
85:48:11:72:f6:ec:2c:5c:14:f3:fa:99:33:ee:97:
07:e4:aa:5b:73:9a:6f:1c:6d:0c:93:84:b4:5c:d4:
58:65:0b:6f:e2:1c:3f:5f:42:df:68:83:42:bd:c2:
7b:06:b8:3f:45:90:a4:4d:ad:4e:09:30:51:13:cc:
c3:03:7a:6b:0f:80:81:8b:8e:1c:67:e4:09:5e:60:
a0:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:CF:18:03:00:FA:C3:62:75:FD:CB:CD:B1:DB:E8:17:8E:2C:E4:AE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27d27432-b542-4aad-b3a4-daf2a0a9bb5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.176.0/20
Signature Algorithm: sha256WithRSAEncryption
a1:f0:4a:87:d9:0b:41:09:b8:6b:5f:cd:25:74:78:b9:55:49:
0e:fd:b6:4c:44:59:54:39:9d:31:11:cd:2c:6b:e9:38:7b:11:
ba:a5:f9:49:9b:e4:04:77:05:8b:70:4a:d4:a9:c9:d5:00:43:
b7:6e:79:dc:60:1e:36:0b:f7:ec:8d:1d:a8:b5:43:20:31:ab:
77:51:1e:62:f9:1f:c6:43:60:78:d6:5f:1f:42:97:b7:34:43:
94:67:9f:bd:2e:be:d5:97:c0:2d:ec:20:b3:46:3f:dd:02:b5:
b1:d6:43:8f:81:a3:49:6b:df:e6:df:3e:7c:dd:d8:3b:0f:c1:
f0:64:8c:62:0f:c6:05:67:4c:f6:b7:a3:48:78:15:b7:94:ac:
c5:87:0b:00:78:5e:6d:a8:fe:0a:6f:cc:08:58:55:bf:1b:ea:
87:83:fe:e4:b7:4e:d5:5e:2e:c8:d1:58:30:b2:87:94:af:89:
c8:80:29:62:f7:5c:ac:3a:a3:b0:a0:56:58:20:d2:81:73:11:
70:0f:f2:de:2a:a2:d8:ef:66:e8:ab:9b:c7:a3:a0:9e:dd:6c:
df:48:3d:ca:8f:c2:08:cb:5a:26:c8:3a:24:6e:25:77:4c:77:
9f:3c:b4:10:cd:89:61:9b:27:a0:b1:4c:fb:c6:16:d7:3c:51:
84:8f:a0:84
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUKHBZTIrlBWcfziU4GjhXKe03BbYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MDkxNjMxMTlaFw0yNTA2MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGMxOTM3NDc2YzcwM2NjMmRiN2Y2NGY3MTM4NmZkOGY1ZmQ2MDhlYWQzODYw
OWFkYmQ5ZDFiNTA0Mzc2NzFhMTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMInRUCT9od/ohkKHOrhuNb54+E7cQGbsdhZJ5jA3cCpojHcnBDOuP4R6tSv
0Nbkx4KLWNDDQEQ6htImngB0yZ4KsDkQsE0iM2rUQbGQAti+eYUWpLMDxVB4z8ZH
upUns81BAIgTfW5xDPZE1sJg6/IUeOOChfW6HCPP3dzzqM0d0lHLStmq+hJXaWoY
bNGasfJCdC+6J0p7W8QEZV0gRXwM2rnZTEfe6qnW35KXTRb3l5WuhUgRcvbsLFwU
8/qZM+6XB+SqW3OabxxtDJOEtFzUWGULb+IcP19C32iDQr3Cewa4P0WQpE2tTgkw
URPMwwN6aw+AgYuOHGfkCV5goA0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQDzxgD
APrDYnX9y82x2+gXjizkrjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjdkMjc0MzItYjU0Mi00YWFkLWIzYTQtZGFmMmEwYTliYjVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC4zsDAN
BgkqhkiG9w0BAQsFAAOCAQEAofBKh9kLQQm4a1/NJXR4uVVJDv22TERZVDmdMRHN
LGvpOHsRuqX5SZvkBHcFi3BK1KnJ1QBDt2553GAeNgv37I0dqLVDIDGrd1EeYvkf
xkNgeNZfH0KXtzRDlGefvS6+1ZfALewgs0Y/3QK1sdZDj4GjSWvf5t8+fN3YOw/B
8GSMYg/GBWdM9rejSHgVt5SsxYcLAHhebaj+Cm/MCFhVvxvqh4P+5LdO1V4uyNFY
MLKHlK+JyIApYvdcrDqjsKBWWCDSgXMRcA/y3iqi2O9m6Kubx6Ognt1s30g9yo/C
CMtaJsg6JG4ld0x3nzy0EM2JYZsnoLFM+8YW1zxRhI+ghA==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:26:19 2025 by rpki-client