Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35fbae76-0646-43e5-826f-114b4990545e.roa
File: 35fbae76-0646-43e5-826f-114b4990545e.roa (raw, json)
Hash identifier: bDAoZCBrrVvPLlZydHLfUefJwidRlB54UDa0x9XmqJo=
Subject key identifier: 0D:39:9D:39:A2:C1:DA:43:BB:C7:35:94:7C:FD:61:B3:CF:BD:68:87
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 70087C6A1CCDF451D524145AAE8E121E30C22E91
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35fbae76-0646-43e5-826f-114b4990545e.roa
Signing time: Fri 09 May 2025 16:31:14 +0000
ROA not before: Fri 09 May 2025 16:31:14 +0000
ROA not after: Fri 13 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.168.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:08:7c:6a:1c:cd:f4:51:d5:24:14:5a:ae:8e:12:1e:30:c2:2e:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 9 16:31:14 2025 GMT
Not After : Jun 13 23:59:59 2025 GMT
Subject: serialNumber=9fd111da401a2a4b874e9877ed6f8453c526491db33c81c81d414ec459b9f2a8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:6a:0c:31:8e:e2:85:bc:10:2a:76:59:78:69:
42:91:3d:24:9d:6c:27:dd:f3:2e:67:45:75:a6:4e:
2f:34:c8:ad:33:2d:c3:c8:0f:e4:fd:2b:ba:2a:15:
28:41:4f:10:d0:ba:d6:97:2c:f5:4f:4c:d2:41:85:
8e:fa:49:f8:88:91:18:49:96:53:fa:98:f9:73:30:
4b:c4:d5:c8:24:17:e3:40:e0:42:72:39:ce:c3:01:
95:88:0f:56:2c:44:ee:83:ae:03:8b:98:eb:24:4f:
ac:72:8a:2f:f8:f5:78:41:d3:96:6b:53:7d:3a:72:
f6:17:ec:0a:70:2a:f0:c7:10:a0:e3:34:43:43:31:
55:50:1b:f5:01:dc:31:6a:f2:cf:f7:ce:ad:69:53:
5a:cf:f4:52:91:75:f4:55:e7:34:a4:90:75:0b:ec:
0e:f7:ef:c3:e5:69:f7:b0:0e:7e:99:9b:af:3f:c5:
6e:d9:ae:a5:20:33:42:dd:c1:ac:89:40:57:d4:d5:
f7:51:2f:bd:0b:0c:dd:bc:ed:5f:a6:4d:eb:78:0f:
41:4c:fe:3e:c0:3b:f1:c1:5a:98:fb:11:2b:89:78:
dc:6a:65:b3:53:78:d7:34:08:74:19:2c:06:f4:0b:
93:0a:c2:86:6d:67:00:96:fd:a8:2c:3d:38:9e:d3:
07:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:39:9D:39:A2:C1:DA:43:BB:C7:35:94:7C:FD:61:B3:CF:BD:68:87
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35fbae76-0646-43e5-826f-114b4990545e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.168.0/21
Signature Algorithm: sha256WithRSAEncryption
99:16:4b:0e:ea:39:05:51:4e:00:2c:63:f2:4c:74:72:f6:38:
2e:32:24:0d:82:eb:f7:7f:85:72:1b:1c:d9:f8:c7:0f:d2:58:
61:64:7c:56:14:70:c8:8f:0d:4c:9a:87:60:6b:93:3a:9f:53:
34:89:39:38:d0:fc:4d:5c:0d:8c:d2:05:91:3f:e6:8d:25:31:
bf:60:d2:bc:17:b3:70:33:f1:ee:2a:32:46:63:0b:a2:39:97:
22:ee:45:9d:9f:b4:2d:c5:8d:5a:69:60:57:50:0e:54:c9:9f:
bf:a6:cc:3b:f6:de:be:43:10:87:f9:77:ed:14:7b:2e:d8:0d:
c7:35:0c:dc:4a:c6:d1:da:99:ca:4e:ed:e8:77:31:3c:a5:10:
9d:d8:20:a8:0c:b9:0f:17:ee:8e:cd:11:54:4b:42:74:d6:4d:
de:0f:e1:2e:99:47:f0:8b:08:25:e4:2a:c2:4e:54:da:67:ba:
4b:7a:bc:03:cf:08:b6:9e:52:10:d0:f8:e8:96:52:39:a9:8a:
ef:8f:16:85:a6:02:84:a2:cb:61:be:d3:71:ee:d7:9c:a8:9b:
51:7b:54:4f:7d:cf:f5:dc:a0:a5:70:27:dc:ae:3e:58:c3:e0:
91:ab:e5:4e:7d:34:5c:a4:a6:0e:53:28:a2:64:8b:24:e7:07:
b4:d3:6b:7c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUcAh8ahzN9FHVJBRaro4SHjDCLpEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MDkxNjMxMTRaFw0yNTA2MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDlmZDExMWRhNDAxYTJhNGI4NzRlOTg3N2VkNmY4NDUzYzUyNjQ5MWRiMzNj
ODFjODFkNDE0ZWM0NTliOWYyYTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ1qDDGO4oW8ECp2WXhpQpE9JJ1sJ93zLmdFdaZOLzTIrTMtw8gP5P0ruioV
KEFPENC61pcs9U9M0kGFjvpJ+IiRGEmWU/qY+XMwS8TVyCQX40DgQnI5zsMBlYgP
VixE7oOuA4uY6yRPrHKKL/j1eEHTlmtTfTpy9hfsCnAq8McQoOM0Q0MxVVAb9QHc
MWryz/fOrWlTWs/0UpF19FXnNKSQdQvsDvfvw+Vp97AOfpmbrz/FbtmupSAzQt3B
rIlAV9TV91EvvQsM3bztX6ZN63gPQUz+PsA78cFamPsRK4l43Gpls1N41zQIdBks
BvQLkwrChm1nAJb9qCw9OJ7TB8sCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQNOZ05
osHaQ7vHNZR8/WGzz71ohzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzVmYmFlNzYtMDY0Ni00M2U1LTgyNmYtMTE0YjQ5OTA1NDVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy4zqDAN
BgkqhkiG9w0BAQsFAAOCAQEAmRZLDuo5BVFOACxj8kx0cvY4LjIkDYLr93+Fchsc
2fjHD9JYYWR8VhRwyI8NTJqHYGuTOp9TNIk5OND8TVwNjNIFkT/mjSUxv2DSvBez
cDPx7ioyRmMLojmXIu5FnZ+0LcWNWmlgV1AOVMmfv6bMO/bevkMQh/l37RR7LtgN
xzUM3ErG0dqZyk7t6HcxPKUQndggqAy5Dxfujs0RVEtCdNZN3g/hLplH8IsIJeQq
wk5U2me6S3q8A88Itp5SEND46JZSOamK748WhaYChKLLYb7Tce7XnKibUXtUT33P
9dygpXAn3K4+WMPgkavlTn00XKSmDlMoomSLJOcHtNNrfA==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:26:46 2025 by rpki-client