Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9e85174-2ffd-4b93-8357-1e2ba85449d2.roa
File: b9e85174-2ffd-4b93-8357-1e2ba85449d2.roa (raw, json)
Hash identifier: FRp9uB2NFeGKqlanTB79P3SIHfmBMfYVWMhKN7gwoF4=
Subject key identifier: DF:6E:EA:F2:F3:C0:E2:69:B1:99:E5:95:68:BC:9A:B5:A7:13:DD:7E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3462F14B783EEE6AD99F635D101FB596D66BEA95
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9e85174-2ffd-4b93-8357-1e2ba85449d2.roa
Signing time: Fri 09 May 2025 16:30:15 +0000
ROA not before: Fri 09 May 2025 16:30:15 +0000
ROA not after: Fri 13 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.156.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:62:f1:4b:78:3e:ee:6a:d9:9f:63:5d:10:1f:b5:96:d6:6b:ea:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 9 16:30:15 2025 GMT
Not After : Jun 13 23:59:59 2025 GMT
Subject: serialNumber=e47323de83f11d26d0dbf825ad8dfd7212403c369a6ae60f5f366932a7640074, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:91:74:b7:57:0a:fa:2d:49:42:7c:29:38:31:
c4:36:7e:97:44:8e:d1:a4:38:81:93:fb:b7:ad:74:
ca:d2:44:1a:a4:1b:df:71:a7:d4:82:df:6b:b2:b9:
07:ad:98:4b:34:b3:36:78:d6:74:3f:71:05:04:09:
ff:ec:b5:4c:9f:a9:3e:15:a9:3e:41:e4:52:ad:88:
3d:b7:7e:77:eb:97:58:6e:24:83:9b:55:69:47:a5:
b8:80:46:21:9a:92:5a:d3:54:6f:f0:a4:67:2b:26:
c0:9c:ba:4b:9a:27:dc:21:5e:ab:ed:8f:3f:ff:89:
01:88:c4:13:86:b1:82:34:35:ab:24:ad:a1:e2:0c:
f4:89:e2:a4:03:13:ce:59:9b:79:14:68:65:96:e2:
af:ea:60:32:0a:9f:40:1d:67:cb:4e:67:d3:ba:b6:
be:a2:c3:dd:d8:e5:88:2a:3f:be:a1:82:7b:41:e1:
7f:68:38:a5:4f:11:76:4e:40:56:77:f7:d1:97:7c:
9d:19:04:36:e1:94:80:f4:c7:28:4a:b3:83:c7:14:
26:cd:c8:56:9b:e4:ae:90:46:cc:93:7f:66:d3:0d:
1d:7f:04:cc:01:d1:75:20:e4:5e:b8:9e:f3:9b:9e:
f1:3b:d2:73:4c:05:09:59:99:a5:19:3b:4c:b6:fc:
be:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:6E:EA:F2:F3:C0:E2:69:B1:99:E5:95:68:BC:9A:B5:A7:13:DD:7E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9e85174-2ffd-4b93-8357-1e2ba85449d2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.156.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:a9:dc:e1:6d:e9:fc:47:49:48:57:1d:1d:f9:18:7c:3d:87:
b0:07:0d:01:dd:4e:bd:62:c1:f6:30:41:e2:ed:45:f3:79:ac:
86:88:c4:7d:f5:fb:b4:08:2d:e4:c3:5a:e1:2a:d4:84:58:12:
01:ff:90:f3:16:fa:e2:50:34:8b:1f:96:f2:56:29:ef:39:23:
0f:1e:cc:65:bf:6b:4e:34:3d:73:c3:e7:c2:6a:b4:7b:00:33:
28:f4:d1:a9:0f:c1:b6:10:65:17:6f:2b:ba:36:dd:8d:03:e3:
e2:d6:f5:23:03:52:e3:4a:9f:47:ec:b2:6b:b7:69:d3:e3:ef:
24:02:37:03:89:e0:b7:f5:b9:7d:b8:7c:b1:b0:7d:f9:0f:6b:
b2:ca:e9:86:21:40:13:35:39:88:e7:65:5b:ac:d3:65:87:e4:
ed:94:96:b6:35:53:9a:f6:fa:42:49:1a:36:bd:2d:7d:84:25:
d3:bb:94:76:91:54:a9:22:8d:81:bf:44:87:a7:c4:79:46:05:
36:e2:bc:36:02:40:47:00:5d:41:e4:8d:a7:3a:e1:91:42:12:
55:e4:76:d0:aa:86:71:11:5b:8d:cf:e7:8a:05:c1:99:5b:57:
bc:cb:8c:07:96:0b:23:7f:d3:fa:4f:e0:ec:1e:33:f0:e2:a0:
54:81:b0:6d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUNGLxS3g+7mrZn2NdEB+1ltZr6pUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MDkxNjMwMTVaFw0yNTA2MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGU0NzMyM2RlODNmMTFkMjZkMGRiZjgyNWFkOGRmZDcyMTI0MDNjMzY5YTZh
ZTYwZjVmMzY2OTMyYTc2NDAwNzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOGRdLdXCvotSUJ8KTgxxDZ+l0SO0aQ4gZP7t610ytJEGqQb33Gn1ILfa7K5
B62YSzSzNnjWdD9xBQQJ/+y1TJ+pPhWpPkHkUq2IPbd+d+uXWG4kg5tVaUeluIBG
IZqSWtNUb/CkZysmwJy6S5on3CFeq+2PP/+JAYjEE4axgjQ1qyStoeIM9InipAMT
zlmbeRRoZZbir+pgMgqfQB1ny05n07q2vqLD3djliCo/vqGCe0Hhf2g4pU8Rdk5A
Vnf30Zd8nRkENuGUgPTHKEqzg8cUJs3IVpvkrpBGzJN/ZtMNHX8EzAHRdSDkXrie
85ue8TvSc0wFCVmZpRk7TLb8vosCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTfbury
88DiabGZ5ZVovJq1pxPdfjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjllODUxNzQtMmZmZC00YjkzLTgzNTctMWUyYmE4NTQ0OWQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi6JnDAN
BgkqhkiG9w0BAQsFAAOCAQEAfanc4W3p/EdJSFcdHfkYfD2HsAcNAd1OvWLB9jBB
4u1F83mshojEffX7tAgt5MNa4SrUhFgSAf+Q8xb64lA0ix+W8lYp7zkjDx7MZb9r
TjQ9c8Pnwmq0ewAzKPTRqQ/BthBlF28rujbdjQPj4tb1IwNS40qfR+yya7dp0+Pv
JAI3A4ngt/W5fbh8sbB9+Q9rssrphiFAEzU5iOdlW6zTZYfk7ZSWtjVTmvb6Qkka
Nr0tfYQl07uUdpFUqSKNgb9Eh6fEeUYFNuK8NgJARwBdQeSNpzrhkUISVeR20KqG
cRFbjc/nigXBmVtXvMuMB5YLI3/T+k/g7B4z8OKgVIGwbQ==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:27:39 2025 by rpki-client