Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9834a12a-a5d9-4caa-ae09-b1e3323596bd.roa
File: 9834a12a-a5d9-4caa-ae09-b1e3323596bd.roa (raw, json)
Hash identifier: VFsOym0rytrQQkJ4V/Eycogv+Hoyx2BeTmIOYK/mvsM=
Subject key identifier: 9D:38:C6:1D:17:84:CD:90:0E:36:2A:6D:DA:AE:C3:DC:33:36:D2:1D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 363AEE94B180F852300FBFFB0901D64FBC8935FE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9834a12a-a5d9-4caa-ae09-b1e3323596bd.roa
Signing time: Fri 09 May 2025 16:30:19 +0000
ROA not before: Fri 09 May 2025 16:30:19 +0000
ROA not after: Fri 13 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.192.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:3a:ee:94:b1:80:f8:52:30:0f:bf:fb:09:01:d6:4f:bc:89:35:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 9 16:30:19 2025 GMT
Not After : Jun 13 23:59:59 2025 GMT
Subject: serialNumber=96b5699b32ba1e0ff262d4124c3db0654accc56f2b1fea989176b0d2227e6119, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:39:b0:1d:f6:c9:50:40:c3:64:72:e3:c1:90:
09:59:66:71:f9:1f:19:c5:fd:e7:68:2a:9b:b5:2a:
47:27:71:0b:37:b0:49:52:b6:a7:e1:3a:06:63:18:
27:1e:8f:82:ef:52:73:89:70:07:6c:58:7e:0d:a9:
7c:c3:c5:c0:2e:24:7e:f5:08:e0:4f:00:5c:de:f7:
61:fc:74:96:26:05:e0:f8:6f:c4:d0:61:90:e4:7e:
df:8b:5f:2a:05:8e:f8:e6:71:33:67:bc:43:3e:a0:
01:a0:fe:fb:be:c6:d8:9a:ba:50:63:28:3a:d8:9f:
e9:ee:f8:e7:cc:99:09:29:96:23:2d:6f:ea:31:d7:
7b:d9:f5:63:25:b6:75:8d:55:9c:2c:83:a3:bc:79:
c8:6f:c0:dd:68:cd:56:9e:ef:81:33:93:a6:8b:78:
12:83:fc:d3:d7:28:1a:27:0b:7b:db:e6:ae:d4:67:
f2:31:88:48:10:b1:66:a0:37:51:b7:ed:fb:7d:67:
53:ce:dc:38:7f:07:a2:05:22:68:5f:78:d2:0d:92:
cc:ba:c9:d9:06:78:16:5e:1d:6a:d0:bf:80:69:4f:
2c:e2:99:c1:fb:0a:2b:49:fe:74:e0:a3:13:ef:20:
9a:15:11:dd:d5:87:a5:ce:55:66:d2:60:e9:70:55:
3b:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:38:C6:1D:17:84:CD:90:0E:36:2A:6D:DA:AE:C3:DC:33:36:D2:1D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9834a12a-a5d9-4caa-ae09-b1e3323596bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.192.0/21
Signature Algorithm: sha256WithRSAEncryption
5a:b4:36:69:60:c4:d3:d8:d7:0b:ea:b6:c1:14:c9:a3:aa:63:
6f:12:17:72:83:d3:41:de:e3:64:cc:bd:82:df:74:9b:6f:45:
fb:ce:12:6f:35:4f:18:eb:1c:b1:10:52:55:2b:98:b7:44:42:
11:4a:a8:eb:ac:77:3d:38:21:bd:2a:50:2f:41:f4:dc:bd:f8:
2f:f2:7e:ed:23:1f:29:78:96:b4:7d:eb:5a:97:6a:a3:9b:88:
02:8d:08:ff:ec:16:1c:be:be:1c:25:aa:1c:f5:b9:5d:9c:7b:
5b:ae:9d:37:3d:10:8a:5d:e8:25:c0:6d:97:95:cf:f7:1f:bd:
af:c5:89:e9:e7:c3:7c:00:e2:c9:60:62:7e:b4:96:3e:31:ff:
2f:46:2d:f9:8a:12:f2:51:83:5d:c1:21:49:0d:14:76:e9:33:
aa:e9:fa:77:4a:28:50:08:c5:c6:62:6e:01:7c:10:61:95:5d:
9e:62:30:3b:38:1a:91:0a:b8:6d:36:5f:2a:8b:f3:d7:75:40:
d7:9d:3f:f7:86:4a:b2:47:5c:ef:6d:cd:66:2c:80:2b:5b:30:
96:97:17:75:44:37:b5:a3:00:ac:33:ad:99:60:e8:3f:b5:54:
b3:b4:ad:49:f6:63:3a:32:a1:54:62:c2:58:6a:80:68:77:de:
83:9c:b7:ff
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUNjrulLGA+FIwD7/7CQHWT7yJNf4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MDkxNjMwMTlaFw0yNTA2MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDk2YjU2OTliMzJiYTFlMGZmMjYyZDQxMjRjM2RiMDY1NGFjY2M1NmYyYjFm
ZWE5ODkxNzZiMGQyMjI3ZTYxMTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALI5sB32yVBAw2Ry48GQCVlmcfkfGcX952gqm7UqRydxCzewSVK2p+E6BmMY
Jx6Pgu9Sc4lwB2xYfg2pfMPFwC4kfvUI4E8AXN73Yfx0liYF4PhvxNBhkOR+34tf
KgWO+OZxM2e8Qz6gAaD++77G2Jq6UGMoOtif6e7458yZCSmWIy1v6jHXe9n1YyW2
dY1VnCyDo7x5yG/A3WjNVp7vgTOTpot4EoP809coGicLe9vmrtRn8jGISBCxZqA3
Ubft+31nU87cOH8HogUiaF940g2SzLrJ2QZ4Fl4datC/gGlPLOKZwfsKK0n+dOCj
E+8gmhUR3dWHpc5VZtJg6XBVO48CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSdOMYd
F4TNkA42Km3arsPcMzbSHTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTgzNGExMmEtYTVkOS00Y2FhLWFlMDktYjFlMzMyMzU5NmJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy6JwDAN
BgkqhkiG9w0BAQsFAAOCAQEAWrQ2aWDE09jXC+q2wRTJo6pjbxIXcoPTQd7jZMy9
gt90m29F+84SbzVPGOscsRBSVSuYt0RCEUqo66x3PTghvSpQL0H03L34L/J+7SMf
KXiWtH3rWpdqo5uIAo0I/+wWHL6+HCWqHPW5XZx7W66dNz0Qil3oJcBtl5XP9x+9
r8WJ6efDfADiyWBifrSWPjH/L0Yt+YoS8lGDXcEhSQ0Udukzqun6d0ooUAjFxmJu
AXwQYZVdnmIwOzgakQq4bTZfKovz13VA150/94ZKskdc723NZiyAK1swlpcXdUQ3
taMArDOtmWDoP7VUs7StSfZjOjKhVGLCWGqAaHfeg5y3/w==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:25:49 2025 by rpki-client