Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/842bd74b-e507-47ea-bb4e-32057136b2bd.roa
File: 842bd74b-e507-47ea-bb4e-32057136b2bd.roa (raw, json)
Hash identifier: lrh8YYfLZGtQf9ECpmobt4iQCKsTctoa5zRDIYO/uLk=
Subject key identifier: 7F:D2:74:5E:2D:CF:CE:FC:FD:99:46:61:AF:10:1E:6B:D4:A5:13:B9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 039E8F54CA58BED9CC834A8904BF1738856E19E9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/842bd74b-e507-47ea-bb4e-32057136b2bd.roa
Signing time: Fri 09 May 2025 16:31:10 +0000
ROA not before: Fri 09 May 2025 16:31:10 +0000
ROA not after: Fri 13 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.0.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:9e:8f:54:ca:58:be:d9:cc:83:4a:89:04:bf:17:38:85:6e:19:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 9 16:31:10 2025 GMT
Not After : Jun 13 23:59:59 2025 GMT
Subject: serialNumber=e3021028cbfb3f1df861881cd261559ba47693b2fbfab28aedff8384c0885276, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d9:32:a9:c1:30:3d:e0:1c:38:be:44:46:9c:
02:77:11:50:0c:90:27:b3:42:ef:1b:e7:2a:b7:82:
97:95:e9:22:33:f8:dd:8b:8b:48:a1:06:f2:4a:fb:
41:67:3f:a6:c1:63:fc:71:f9:6e:6b:60:10:22:d9:
ca:33:a3:e7:33:a6:d4:24:d6:2b:89:7c:25:33:14:
03:88:40:0d:a7:8b:83:57:bf:46:8f:77:bf:af:87:
b9:0f:b6:94:9f:e6:6b:b6:99:1f:6a:49:c8:ce:2f:
1f:85:b9:27:d7:8d:a0:c5:8e:b7:ef:18:c8:bc:25:
e2:12:8d:43:63:a1:d1:29:87:e3:f1:ce:06:2f:e6:
30:67:b8:4d:d1:38:ca:98:c4:0b:28:04:af:23:69:
71:04:c6:1a:33:68:dd:1f:32:dd:be:28:90:23:e8:
2a:dd:a9:84:18:9b:68:69:11:a3:be:88:a6:17:6e:
d0:88:50:1c:97:9c:5b:6e:20:94:ac:2e:15:08:a2:
78:11:7e:c2:61:8c:47:82:0d:2e:83:4f:21:92:79:
a7:e2:09:8f:ef:22:ef:1a:18:41:11:e6:df:ae:a1:
12:f0:fd:98:67:e1:96:4e:1a:a7:9e:ef:91:ae:44:
62:71:1f:a5:ea:81:ca:66:e1:ff:d0:18:ed:55:76:
8f:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:D2:74:5E:2D:CF:CE:FC:FD:99:46:61:AF:10:1E:6B:D4:A5:13:B9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/842bd74b-e507-47ea-bb4e-32057136b2bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.0.0/18
Signature Algorithm: sha256WithRSAEncryption
4a:d3:bc:e5:c1:79:f2:cf:2c:cd:cb:bb:3f:df:29:46:d4:0a:
c1:7d:fb:46:e7:5a:30:0a:a8:1b:8d:68:16:99:59:3b:56:68:
11:2b:6d:89:81:7d:a6:3c:45:f7:2e:b6:41:fd:17:bb:5c:66:
b9:e7:0e:a8:98:db:db:ea:b3:53:95:c9:5a:1c:f7:5b:c3:ef:
4b:27:b4:3a:6b:8a:3e:88:c5:4a:b7:48:bf:ae:29:cd:74:8e:
ae:5d:96:41:d6:34:6f:c2:fe:38:7b:80:31:b3:09:d6:e8:d4:
16:10:31:1f:d0:f8:a2:0c:23:42:cd:40:66:a6:ba:0d:38:57:
ca:8a:4c:d4:1a:01:6c:8c:a3:72:50:d2:ea:a9:bc:79:0e:fe:
36:43:13:9f:1c:74:6c:92:22:16:33:7c:c4:56:92:61:92:0a:
4d:fc:7a:60:e5:6a:51:7a:82:c6:fc:d9:74:bc:4c:96:f1:eb:
fb:c5:8a:a4:b8:d6:10:2c:90:8d:4d:9b:04:fd:09:d4:cf:82:
df:53:23:06:d5:e5:41:be:82:b1:2a:4f:22:e7:68:12:8c:f9:
33:5c:e7:02:c5:b0:7d:7d:ad:59:65:eb:12:f8:3f:d4:50:e0:
1d:fe:ff:4a:69:d1:26:53:8c:4a:51:66:1b:d5:80:79:cf:e9:
9d:10:ef:d6
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUA56PVMpYvtnMg0qJBL8XOIVuGekwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MDkxNjMxMTBaFw0yNTA2MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGUzMDIxMDI4Y2JmYjNmMWRmODYxODgxY2QyNjE1NTliYTQ3NjkzYjJmYmZh
YjI4YWVkZmY4Mzg0YzA4ODUyNzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALDZMqnBMD3gHDi+REacAncRUAyQJ7NC7xvnKreCl5XpIjP43YuLSKEG8kr7
QWc/psFj/HH5bmtgECLZyjOj5zOm1CTWK4l8JTMUA4hADaeLg1e/Ro93v6+HuQ+2
lJ/ma7aZH2pJyM4vH4W5J9eNoMWOt+8YyLwl4hKNQ2Oh0SmH4/HOBi/mMGe4TdE4
ypjECygEryNpcQTGGjNo3R8y3b4okCPoKt2phBibaGkRo76Iphdu0IhQHJecW24g
lKwuFQiieBF+wmGMR4INLoNPIZJ5p+IJj+8i7xoYQRHm366hEvD9mGfhlk4ap57v
ka5EYnEfpeqBymbh/9AY7VV2j2UCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR/0nRe
Lc/O/P2ZRmGvEB5r1KUTuTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODQyYmQ3NGItZTUwNy00N2VhLWJiNGUtMzIwNTcxMzZiMmJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBi6JADAN
BgkqhkiG9w0BAQsFAAOCAQEAStO85cF58s8szcu7P98pRtQKwX37RudaMAqoG41o
FplZO1ZoESttiYF9pjxF9y62Qf0Xu1xmuecOqJjb2+qzU5XJWhz3W8PvSye0OmuK
PojFSrdIv64pzXSOrl2WQdY0b8L+OHuAMbMJ1ujUFhAxH9D4ogwjQs1AZqa6DThX
yopM1BoBbIyjclDS6qm8eQ7+NkMTnxx0bJIiFjN8xFaSYZIKTfx6YOVqUXqCxvzZ
dLxMlvHr+8WKpLjWECyQjU2bBP0J1M+C31MjBtXlQb6CsSpPIudoEoz5M1znAsWw
fX2tWWXrEvg/1FDgHf7/SmnRJlOMSlFmG9WAec/pnRDv1g==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:27:31 2025 by rpki-client