Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e1e6e69-6595-40ff-9430-d53f22670630.roa
File: 6e1e6e69-6595-40ff-9430-d53f22670630.roa (raw, json)
Hash identifier: xj2yMwCbnwTuU/xZvD9xNAoChPSWTvLNf3G/vVQTAYE=
Subject key identifier: E3:24:8D:E1:7B:EA:ED:74:0D:E1:8E:1A:15:CA:2B:F2:74:15:8E:5E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3EBEBF7D732FCDE4BF1165D4DEE8B2F75FF71C8B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e1e6e69-6595-40ff-9430-d53f22670630.roa
Signing time: Fri 09 May 2025 16:30:20 +0000
ROA not before: Fri 09 May 2025 16:30:20 +0000
ROA not after: Fri 13 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.72.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:be:bf:7d:73:2f:cd:e4:bf:11:65:d4:de:e8:b2:f7:5f:f7:1c:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 9 16:30:20 2025 GMT
Not After : Jun 13 23:59:59 2025 GMT
Subject: serialNumber=a76cd6838f1092cb7797d8537362ec07acb2edabfb08ee9cb2c87bd3a13a11f7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:cd:65:f1:32:cf:af:6d:ae:01:48:90:03:14:
00:a9:3d:b3:3f:dc:0a:26:bb:36:e6:3a:8b:a7:4f:
9f:d1:fc:99:59:1d:36:4e:56:f0:1e:54:62:18:8c:
c8:36:e4:e4:34:be:31:45:d6:18:21:a7:7a:b3:be:
16:82:a3:1e:50:0f:9d:34:16:e7:5f:7a:d1:cc:f3:
09:4d:fb:ac:e8:dd:37:a5:bf:30:e0:fb:b0:31:59:
28:7f:1d:6f:b8:90:9b:f8:7b:34:b8:6a:0e:52:7a:
c4:65:59:84:51:cf:43:08:d5:de:8e:42:d6:41:cc:
79:72:3b:f7:fc:92:fc:62:a3:c0:ce:53:d0:2d:e0:
28:12:c6:12:f8:d3:18:b2:8e:f8:96:ce:18:6f:ba:
6e:97:95:e9:70:2b:b6:ac:e7:7e:48:8a:05:9e:31:
35:de:e7:70:57:b6:52:e0:80:ef:44:7b:07:96:4a:
a0:8d:e6:63:6e:13:ce:92:6d:e0:33:9c:e8:d9:15:
88:e3:c5:ef:2f:7e:73:c5:cc:bd:03:63:26:34:02:
2e:e6:7b:16:4f:58:83:02:e3:8f:3a:be:62:b9:3d:
a1:98:be:f3:04:fc:99:18:14:92:79:5a:3c:8d:ed:
9c:d7:c7:93:00:04:50:89:01:80:52:c8:26:54:60:
18:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:24:8D:E1:7B:EA:ED:74:0D:E1:8E:1A:15:CA:2B:F2:74:15:8E:5E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e1e6e69-6595-40ff-9430-d53f22670630.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.72.0/21
Signature Algorithm: sha256WithRSAEncryption
9c:cf:2b:22:8a:41:aa:52:22:7b:e4:60:bd:2c:85:4f:1e:c3:
92:14:5f:64:71:36:d6:3c:c1:1d:f3:0b:03:3e:9f:bf:ab:bd:
b5:7e:9d:6f:25:97:08:76:fa:b4:7c:f0:6f:7f:c3:ac:2f:04:
ea:a1:ee:bf:aa:81:19:33:9f:c7:36:7b:83:f2:67:3e:7d:ea:
bb:6a:a6:1e:cb:e5:ad:80:04:f8:dc:85:05:fa:10:c2:b2:29:
b3:69:7a:52:f2:10:57:80:e3:83:75:f9:e0:07:07:ac:f1:86:
12:29:df:5d:91:42:a4:48:ce:fc:81:a5:d5:c4:a3:81:8d:7e:
fd:fd:fb:48:16:bd:cb:e4:6d:b6:e1:3c:ea:56:9e:af:f5:21:
9e:af:31:09:56:5a:a1:63:9f:90:1b:07:fe:1a:07:54:b6:f3:
d5:04:b2:bb:1a:7d:e7:4f:fd:4f:9a:d7:c0:a4:fe:d9:1a:64:
a5:a5:84:e0:d1:54:f4:63:b0:78:6b:c2:1d:8c:2b:55:4a:1c:
e6:e1:8f:63:65:5b:d1:fd:12:ad:eb:5e:ae:6a:a3:06:3d:b0:
cd:2a:84:2e:5b:e2:33:49:66:97:8e:92:a0:ef:5d:b7:f7:9b:
74:f5:d4:fc:91:0e:e2:71:a8:64:7b:f8:39:bc:89:f2:06:15:
28:a7:70:98
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUPr6/fXMvzeS/EWXU3uiy91/3HIswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MDkxNjMwMjBaFw0yNTA2MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGE3NmNkNjgzOGYxMDkyY2I3Nzk3ZDg1MzczNjJlYzA3YWNiMmVkYWJmYjA4
ZWU5Y2IyYzg3YmQzYTEzYTExZjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK7NZfEyz69trgFIkAMUAKk9sz/cCia7NuY6i6dPn9H8mVkdNk5W8B5UYhiM
yDbk5DS+MUXWGCGnerO+FoKjHlAPnTQW51960czzCU37rOjdN6W/MOD7sDFZKH8d
b7iQm/h7NLhqDlJ6xGVZhFHPQwjV3o5C1kHMeXI79/yS/GKjwM5T0C3gKBLGEvjT
GLKO+JbOGG+6bpeV6XArtqznfkiKBZ4xNd7ncFe2UuCA70R7B5ZKoI3mY24TzpJt
4DOc6NkViOPF7y9+c8XMvQNjJjQCLuZ7Fk9YgwLjjzq+Yrk9oZi+8wT8mRgUknla
PI3tnNfHkwAEUIkBgFLIJlRgGDECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTjJI3h
e+rtdA3hjhoVyivydBWOXjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmUxZTZlNjktNjU5NS00MGZmLTk0MzAtZDUzZjIyNjcwNjMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy6JSDAN
BgkqhkiG9w0BAQsFAAOCAQEAnM8rIopBqlIie+RgvSyFTx7DkhRfZHE21jzBHfML
Az6fv6u9tX6dbyWXCHb6tHzwb3/DrC8E6qHuv6qBGTOfxzZ7g/JnPn3qu2qmHsvl
rYAE+NyFBfoQwrIps2l6UvIQV4Djg3X54AcHrPGGEinfXZFCpEjO/IGl1cSjgY1+
/f37SBa9y+RttuE86laer/Uhnq8xCVZaoWOfkBsH/hoHVLbz1QSyuxp950/9T5rX
wKT+2RpkpaWE4NFU9GOweGvCHYwrVUoc5uGPY2Vb0f0SretermqjBj2wzSqELlvi
M0lml46SoO9dt/ebdPXU/JEO4nGoZHv4ObyJ8gYVKKdwmA==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:27:40 2025 by rpki-client