Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a472a17f-cded-45fb-a444-3393023f0b36.roa
File: a472a17f-cded-45fb-a444-3393023f0b36.roa (raw, json)
Hash identifier: fawOJi3NwDuYIfcDNfTm8yQip986hzzjtLXrkgTivgY=
Subject key identifier: C7:A1:81:EB:2B:C7:34:E6:B2:86:7D:4F:96:1B:2D:2E:EA:05:0E:62
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4B3522053CB9DF276700367C4A4A5DFBC54204BC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a472a17f-cded-45fb-a444-3393023f0b36.roa
Signing time: Fri 09 May 2025 16:31:12 +0000
ROA not before: Fri 09 May 2025 16:31:12 +0000
ROA not after: Fri 13 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.208.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:35:22:05:3c:b9:df:27:67:00:36:7c:4a:4a:5d:fb:c5:42:04:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 9 16:31:12 2025 GMT
Not After : Jun 13 23:59:59 2025 GMT
Subject: serialNumber=997f7b9b6432084cc2a3de499f1b87c8671291560aee29498afa8c996c9f10da, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:da:3c:30:9e:d9:8e:f4:e9:c5:30:3b:7d:b3:
f6:9f:58:11:f4:00:f5:d6:c4:da:94:d6:e8:fd:90:
9d:fc:83:ef:ed:16:15:11:31:ec:55:c3:e3:af:0b:
b3:2f:fd:e8:cf:4c:30:5e:d2:b3:2c:4b:19:23:c9:
69:6a:fe:20:a3:84:7e:93:88:20:ad:f2:07:95:5d:
a9:c5:48:2e:72:1c:35:3f:40:51:13:2b:e1:df:cb:
3b:87:dc:86:88:fb:a9:7f:93:cd:62:84:ba:4c:6f:
b1:e7:75:4c:68:06:ab:54:53:2b:2d:7b:8e:3f:90:
27:1d:2a:96:44:80:db:12:b2:c7:54:ce:83:30:d2:
bd:a3:f2:44:e1:db:86:4f:92:26:54:f5:54:ff:55:
e5:41:23:25:f8:1d:5e:69:21:cf:41:59:a8:fe:ad:
42:89:15:ac:9c:5c:9b:d2:72:76:91:51:e9:d6:2f:
41:69:b3:7f:59:ee:b5:57:82:4c:73:da:4e:aa:f6:
64:7b:7a:ea:56:f8:a6:57:32:d8:83:54:06:d0:8a:
40:d9:64:f6:47:84:bc:77:77:4a:3e:61:c5:68:b1:
bf:22:e4:60:78:15:56:c1:4e:ba:32:64:65:de:c5:
fe:15:42:26:ef:aa:53:20:81:a1:3f:b5:11:82:d8:
5f:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:A1:81:EB:2B:C7:34:E6:B2:86:7D:4F:96:1B:2D:2E:EA:05:0E:62
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a472a17f-cded-45fb-a444-3393023f0b36.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.208.0/22
Signature Algorithm: sha256WithRSAEncryption
b3:ba:ce:b5:54:d0:4d:99:64:37:88:40:cb:e6:04:a3:a0:d0:
a6:3d:68:63:65:51:e3:c5:bb:d2:6c:9a:33:45:f9:59:1c:0f:
b2:3f:88:8f:5d:c7:1a:37:1e:0e:b6:a1:a6:86:00:44:dc:f9:
9f:31:5d:d3:de:8f:19:c5:a2:ba:e8:92:68:4e:35:7a:5d:dc:
6e:4e:a0:28:11:9e:a9:90:50:7f:a2:50:57:93:9e:56:3a:48:
64:12:7f:56:d6:46:3d:0e:05:71:b5:ec:f5:de:cf:7e:1e:0a:
ae:58:62:c3:1c:d6:80:e0:dd:34:91:d7:f0:94:8d:45:49:12:
ae:f3:d6:b4:13:43:cf:4f:17:4e:f6:10:8b:57:8e:86:be:bb:
62:6e:3c:05:10:43:7d:3b:1b:7d:22:88:9f:67:de:ae:11:5e:
e8:b0:cc:ab:a3:f6:bb:05:9e:33:8c:6e:a7:16:02:11:77:dd:
dd:e0:05:ff:e1:46:8c:50:b4:92:65:a4:39:b5:4a:4f:b9:91:
02:8d:71:ca:d8:0c:5b:5a:3d:5e:e7:82:2d:2a:d3:ae:52:b4:
9d:91:f0:66:9d:a9:5d:dd:e7:50:d1:92:a3:d5:59:4c:f9:3f:
81:09:34:80:70:81:b9:c9:28:6a:4c:6e:93:4a:8f:a8:e5:e8:
3e:1e:36:f0
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUSzUiBTy53ydnADZ8Skpd+8VCBLwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MDkxNjMxMTJaFw0yNTA2MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDk5N2Y3YjliNjQzMjA4NGNjMmEzZGU0OTlmMWI4N2M4NjcxMjkxNTYwYWVl
Mjk0OThhZmE4Yzk5NmM5ZjEwZGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJzaPDCe2Y706cUwO32z9p9YEfQA9dbE2pTW6P2QnfyD7+0WFREx7FXD468L
sy/96M9MMF7SsyxLGSPJaWr+IKOEfpOIIK3yB5VdqcVILnIcNT9AURMr4d/LO4fc
hoj7qX+TzWKEukxvsed1TGgGq1RTKy17jj+QJx0qlkSA2xKyx1TOgzDSvaPyROHb
hk+SJlT1VP9V5UEjJfgdXmkhz0FZqP6tQokVrJxcm9JydpFR6dYvQWmzf1nutVeC
THPaTqr2ZHt66lb4plcy2INUBtCKQNlk9keEvHd3Sj5hxWixvyLkYHgVVsFOujJk
Zd7F/hVCJu+qUyCBoT+1EYLYX8sCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTHoYHr
K8c05rKGfU+WGy0u6gUOYjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTQ3MmExN2YtY2RlZC00NWZiLWE0NDQtMzM5MzAyM2YwYjM2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi4z0DAN
BgkqhkiG9w0BAQsFAAOCAQEAs7rOtVTQTZlkN4hAy+YEo6DQpj1oY2VR48W70mya
M0X5WRwPsj+Ij13HGjceDrahpoYARNz5nzFd096PGcWiuuiSaE41el3cbk6gKBGe
qZBQf6JQV5OeVjpIZBJ/VtZGPQ4FcbXs9d7Pfh4KrlhiwxzWgODdNJHX8JSNRUkS
rvPWtBNDz08XTvYQi1eOhr67Ym48BRBDfTsbfSKIn2ferhFe6LDMq6P2uwWeM4xu
pxYCEXfd3eAF/+FGjFC0kmWkObVKT7mRAo1xytgMW1o9XueCLSrTrlK0nZHwZp2p
Xd3nUNGSo9VZTPk/gQk0gHCBuckoakxuk0qPqOXoPh428A==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:25:27 2025 by rpki-client