Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68677111-f27d-417a-8b43-a65f84482997.roa
File: 68677111-f27d-417a-8b43-a65f84482997.roa (raw, json)
Hash identifier: AOMyI1z1jBQV9eR5lEmu0OJbdZIoSTSVOgBEuj2vW48=
Subject key identifier: 61:40:C7:60:F8:2C:65:77:92:6A:86:D6:25:86:DE:2B:3F:D9:3D:D0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 50176AE1D595046F9A9B789F8AF7BEFA48B74B29
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68677111-f27d-417a-8b43-a65f84482997.roa
Signing time: Fri 09 May 2025 16:31:08 +0000
ROA not before: Fri 09 May 2025 16:31:08 +0000
ROA not after: Fri 13 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.192.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:17:6a:e1:d5:95:04:6f:9a:9b:78:9f:8a:f7:be:fa:48:b7:4b:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 9 16:31:08 2025 GMT
Not After : Jun 13 23:59:59 2025 GMT
Subject: serialNumber=c862c013bba304bb9344312c05495cc6b2f005eb8b4ebf11b181d686947ccd19, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:8b:57:aa:5f:fe:8b:dc:a5:52:45:c0:64:59:
ea:d9:ba:41:be:4d:1d:0e:be:1b:24:18:c2:b0:b9:
0b:c6:e5:45:7a:e9:9c:9f:50:89:fd:07:b1:f3:88:
a4:cc:2c:a8:d4:7f:2e:c9:55:8e:e5:ab:4c:1f:a2:
25:e7:46:77:2e:0d:9a:c2:73:e7:c0:78:c7:e3:81:
d9:4c:21:f2:a5:a7:0f:22:67:86:e5:86:b4:dd:0e:
fd:8a:7d:e2:54:6f:86:2f:67:81:0c:1b:cf:84:91:
22:31:8d:da:08:6e:a4:fb:b4:19:59:cb:73:f1:51:
81:e4:74:73:e9:81:65:36:b6:4e:39:48:43:19:1a:
08:bf:8b:b5:37:62:46:d3:bb:b2:66:90:2c:f2:f6:
11:e7:6c:a0:b9:8d:d2:51:8b:27:ab:a3:16:13:2a:
9f:93:0c:bb:63:6f:23:bd:8d:01:33:43:e8:92:6c:
bd:fe:d3:fc:fa:cc:3e:a5:8d:c3:09:2e:4e:08:97:
19:86:6c:f9:24:4a:92:96:60:70:d6:08:f7:6d:a9:
e7:ef:fd:e2:08:27:cb:86:45:08:1b:7d:a4:65:ae:
41:3c:17:d6:3c:6f:7d:cc:a4:4e:32:b7:f5:31:5f:
bc:6c:81:8e:ae:3b:a3:4c:0a:38:f5:76:81:9d:e8:
97:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:40:C7:60:F8:2C:65:77:92:6A:86:D6:25:86:DE:2B:3F:D9:3D:D0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68677111-f27d-417a-8b43-a65f84482997.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.192.0/19
Signature Algorithm: sha256WithRSAEncryption
1c:a6:fc:d1:03:9d:47:7f:67:0e:ee:8f:4a:22:06:17:a5:c5:
92:cc:ef:83:6c:1f:bb:c6:46:40:20:1f:df:2e:6b:e5:58:45:
bb:00:85:ec:43:e0:74:69:ad:bc:8e:c4:a8:c2:6a:94:9c:21:
a1:69:ee:60:b3:b2:4d:fa:2c:c7:63:32:b2:4a:f7:86:39:02:
53:ff:aa:5d:1a:46:cc:5d:79:98:31:67:95:45:b3:ca:c2:f0:
8a:09:09:25:2f:cd:df:3b:f7:3c:ec:79:d6:eb:d2:4c:91:8b:
46:4d:9d:76:73:60:fc:03:79:e6:b5:12:72:0e:7d:c8:db:ac:
90:c2:b3:97:5e:97:c6:93:e3:08:c9:38:2b:ef:e6:c1:52:50:
99:b5:0c:f2:de:03:91:09:65:bd:d5:23:00:6b:ee:61:69:69:
49:a7:16:5d:a4:56:f8:65:93:60:3f:64:19:af:be:f9:79:aa:
cf:bd:28:2e:10:89:31:5f:5d:06:51:d8:cd:30:93:ad:4e:be:
fc:6a:0b:40:e2:03:8f:f1:1c:9b:3f:07:7f:20:72:22:e4:bf:
99:ae:3f:61:5e:8a:8d:f7:1d:09:bf:03:e3:83:09:92:f9:59:
e6:8e:26:6c:31:a4:46:8c:86:95:41:78:3a:70:b6:e3:a4:4f:
09:9f:8e:5d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUUBdq4dWVBG+am3ifive++ki3SykwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MDkxNjMxMDhaFw0yNTA2MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGM4NjJjMDEzYmJhMzA0YmI5MzQ0MzEyYzA1NDk1Y2M2YjJmMDA1ZWI4YjRl
YmYxMWIxODFkNjg2OTQ3Y2NkMTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANWLV6pf/ovcpVJFwGRZ6tm6Qb5NHQ6+GyQYwrC5C8blRXrpnJ9Qif0HsfOI
pMwsqNR/LslVjuWrTB+iJedGdy4NmsJz58B4x+OB2Uwh8qWnDyJnhuWGtN0O/Yp9
4lRvhi9ngQwbz4SRIjGN2ghupPu0GVnLc/FRgeR0c+mBZTa2TjlIQxkaCL+LtTdi
RtO7smaQLPL2EedsoLmN0lGLJ6ujFhMqn5MMu2NvI72NATND6JJsvf7T/PrMPqWN
wwkuTgiXGYZs+SRKkpZgcNYI922p5+/94ggny4ZFCBt9pGWuQTwX1jxvfcykTjK3
9TFfvGyBjq47o0wKOPV2gZ3olzUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRhQMdg
+Cxld5JqhtYlht4rP9k90DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Njg2NzcxMTEtZjI3ZC00MTdhLThiNDMtYTY1Zjg0NDgyOTk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBS6JwDAN
BgkqhkiG9w0BAQsFAAOCAQEAHKb80QOdR39nDu6PSiIGF6XFkszvg2wfu8ZGQCAf
3y5r5VhFuwCF7EPgdGmtvI7EqMJqlJwhoWnuYLOyTfosx2Myskr3hjkCU/+qXRpG
zF15mDFnlUWzysLwigkJJS/N3zv3POx51uvSTJGLRk2ddnNg/AN55rUScg59yNus
kMKzl16XxpPjCMk4K+/mwVJQmbUM8t4DkQllvdUjAGvuYWlpSacWXaRW+GWTYD9k
Ga+++Xmqz70oLhCJMV9dBlHYzTCTrU6+/GoLQOIDj/Ecmz8HfyByIuS/ma4/YV6K
jfcdCb8D44MJkvlZ5o4mbDGkRoyGlUF4OnC246RPCZ+OXQ==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:29:07 2025 by rpki-client