Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bddd5d52-f097-4aa0-9a71-aa7b6752dcaa.roa
File: bddd5d52-f097-4aa0-9a71-aa7b6752dcaa.roa (raw, json)
Hash identifier: Tsn2ZrRu5M2czg0GVENPIVXJnAsXb6HI/8SsoYym/jw=
Subject key identifier: 9F:E6:00:A7:F7:65:F1:64:98:99:7E:C1:47:08:85:87:FF:D5:73:0E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7F9EF6739098DEE7B6266A0EDFC322A2EF82CBCE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bddd5d52-f097-4aa0-9a71-aa7b6752dcaa.roa
Signing time: Fri 09 May 2025 16:30:57 +0000
ROA not before: Fri 09 May 2025 16:30:57 +0000
ROA not after: Fri 13 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:9e:f6:73:90:98:de:e7:b6:26:6a:0e:df:c3:22:a2:ef:82:cb:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 9 16:30:57 2025 GMT
Not After : Jun 13 23:59:59 2025 GMT
Subject: serialNumber=b7bbd3f112f57c539bba48c762bed29b48ff342b48b090bbcc2c452d0d57ebb0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:0b:6a:05:61:07:30:74:6e:1e:3a:51:c3:71:
9b:cb:ad:43:3b:26:12:29:3f:de:b3:c5:80:58:88:
1a:55:b6:af:6c:0d:aa:8e:a7:4d:e6:19:2c:5b:7e:
60:1d:41:9b:4c:7d:b7:65:26:c8:60:e6:99:3d:a6:
25:0b:de:d8:54:02:b8:54:73:7f:26:5b:26:1a:c1:
cd:41:70:a0:52:62:a7:0d:31:01:7a:b4:5c:65:56:
3f:fe:57:a9:67:6f:21:00:20:04:14:a9:58:f2:57:
21:44:09:d2:9e:ca:e5:38:e6:90:a8:c7:a1:6f:03:
7d:9f:a4:13:23:de:9c:13:77:10:35:a1:00:82:75:
1d:75:1d:a7:fa:67:8e:32:cb:44:57:d2:45:d8:46:
66:99:5a:4f:4c:19:0f:ff:c1:35:d1:e6:f8:f9:8c:
cf:37:74:98:93:b3:9b:c3:8f:3f:f6:82:0c:6f:e9:
5c:98:6f:ca:99:0d:3e:2e:2f:0c:c2:e0:0c:dd:9e:
22:e0:db:55:78:1c:02:07:aa:21:ae:bd:d9:a0:65:
67:b1:e4:a3:0a:ec:af:61:17:ae:d6:fb:ec:67:42:
f4:94:a4:8d:1d:6b:24:e9:c2:f0:36:e6:55:f8:4f:
05:75:46:a0:23:02:ab:cb:a6:59:e2:d6:fa:4b:3a:
b4:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:E6:00:A7:F7:65:F1:64:98:99:7E:C1:47:08:85:87:FF:D5:73:0E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bddd5d52-f097-4aa0-9a71-aa7b6752dcaa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0b:4d:98:cf:0b:09:56:9e:a8:37:23:4e:ae:ab:9f:7a:41:c5:
f4:65:56:04:28:ad:96:be:a5:b9:90:3c:aa:37:cb:db:87:3b:
da:ce:88:4e:7a:ba:f0:66:97:76:da:5f:5f:e8:bf:06:5b:aa:
bb:cc:bb:41:1a:de:cd:6a:83:46:67:88:97:75:9d:b3:2a:1b:
bd:95:d0:a3:a7:42:00:60:ec:0d:d2:a4:ac:4a:6f:8b:4f:13:
72:8a:b0:53:0b:61:5c:53:10:23:76:3b:db:35:c2:14:8c:08:
dd:3d:54:d2:f8:29:02:4e:9e:49:26:57:9d:34:14:a9:21:2c:
e3:80:91:db:bb:c4:da:82:9a:01:4b:06:f4:db:c2:ed:0e:a2:
4e:99:56:47:37:13:32:f9:09:15:97:27:26:b2:aa:e8:82:25:
68:19:9b:7f:f3:65:97:74:7c:c6:3f:11:33:ff:83:80:a2:d5:
b5:63:91:82:c1:a4:5a:ae:b1:59:7b:30:11:83:c3:f3:77:84:
26:8f:d5:e4:f7:ec:62:fd:dc:d8:33:f4:6b:6c:70:59:52:f4:
66:72:48:3a:b3:69:2c:e8:a8:5e:b6:c7:b1:3f:a8:70:9f:a3:
7a:a2:20:9c:ea:d5:73:ba:88:f2:fa:27:25:31:ad:c7:5a:bc:
f3:0e:be:12
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUf572c5CY3ue2JmoO38Miou+Cy84wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MDkxNjMwNTdaFw0yNTA2MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGI3YmJkM2YxMTJmNTdjNTM5YmJhNDhjNzYyYmVkMjliNDhmZjM0MmI0OGIw
OTBiYmNjMmM0NTJkMGQ1N2ViYjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOELagVhBzB0bh46UcNxm8utQzsmEik/3rPFgFiIGlW2r2wNqo6nTeYZLFt+
YB1Bm0x9t2UmyGDmmT2mJQve2FQCuFRzfyZbJhrBzUFwoFJipw0xAXq0XGVWP/5X
qWdvIQAgBBSpWPJXIUQJ0p7K5TjmkKjHoW8DfZ+kEyPenBN3EDWhAIJ1HXUdp/pn
jjLLRFfSRdhGZplaT0wZD//BNdHm+PmMzzd0mJOzm8OPP/aCDG/pXJhvypkNPi4v
DMLgDN2eIuDbVXgcAgeqIa692aBlZ7Hkowrsr2EXrtb77GdC9JSkjR1rJOnC8Dbm
VfhPBXVGoCMCq8umWeLW+ks6tFsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSf5gCn
92XxZJiZfsFHCIWH/9VzDjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmRkZDVkNTItZjA5Ny00YWEwLTlhNzEtYWE3YjY3NTJkY2FhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAC6JMA0G
CSqGSIb3DQEBCwUAA4IBAQALTZjPCwlWnqg3I06uq596QcX0ZVYEKK2WvqW5kDyq
N8vbhzvazohOerrwZpd22l9f6L8GW6q7zLtBGt7NaoNGZ4iXdZ2zKhu9ldCjp0IA
YOwN0qSsSm+LTxNyirBTC2FcUxAjdjvbNcIUjAjdPVTS+CkCTp5JJledNBSpISzj
gJHbu8TagpoBSwb028LtDqJOmVZHNxMy+QkVlycmsqrogiVoGZt/82WXdHzGPxEz
/4OAotW1Y5GCwaRarrFZezARg8Pzd4Qmj9Xk9+xi/dzYM/RrbHBZUvRmckg6s2ks
6KhetsexP6hwn6N6oiCc6tVzuojy+iclMa3HWrzzDr4S
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:27:03 2025 by rpki-client