Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19bd833c-9eac-4b19-b264-a191d9c1b939.roa
File: 19bd833c-9eac-4b19-b264-a191d9c1b939.roa (raw, json)
Hash identifier: 6k8i6J+TjccDOAPjKNJW0cj7iP20RihDZWFuVt9ynMA=
Subject key identifier: 0F:67:C1:44:A6:3F:4D:5F:F1:A6:7F:6A:BC:22:A7:42:33:94:41:2E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 24770733D08FF7A1A6068009439700D45704B8E1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19bd833c-9eac-4b19-b264-a191d9c1b939.roa
Signing time: Tue 19 Aug 2025 17:00:17 +0000
ROA not before: Tue 19 Aug 2025 17:00:17 +0000
ROA not after: Tue 23 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.216.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:77:07:33:d0:8f:f7:a1:a6:06:80:09:43:97:00:d4:57:04:b8:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 19 17:00:17 2025 GMT
Not After : Sep 23 23:59:59 2025 GMT
Subject: serialNumber=27a9a8f0a657e61a5b14c419067b66f4963da184ec515eff7e77353ed87415cc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:33:98:40:d3:f0:a2:44:89:d9:28:75:fb:4c:
fd:8d:31:01:7b:4a:7c:15:9a:28:10:b8:f2:49:18:
48:f9:f8:1b:96:48:da:a5:38:f4:85:bf:9d:de:96:
5f:5b:99:21:db:71:30:ad:6f:03:eb:f4:ac:8f:2e:
af:99:a4:0a:a9:cd:16:23:7d:1e:b9:62:5e:b0:d7:
74:99:31:37:bd:f4:82:8c:49:07:6e:a6:ee:08:4f:
f9:f5:40:34:f5:32:04:b5:ad:64:2c:6e:84:4a:9e:
bc:29:f5:66:62:8d:30:37:98:3e:ca:e0:ef:df:29:
ee:17:90:ec:02:14:b6:4c:e9:17:47:30:3f:08:61:
a4:2b:94:ba:11:32:57:14:d6:c1:b2:05:b9:56:c7:
6b:f9:0d:e2:30:ed:d8:c5:79:db:52:69:29:15:d6:
bb:c7:01:33:66:99:93:f1:c0:13:1e:f1:73:3f:ac:
3a:2c:83:32:09:a2:9a:f4:9a:9f:5d:9e:15:45:41:
72:ba:9e:a7:b1:62:19:eb:ec:b0:bc:13:61:23:cd:
c6:13:db:da:02:b0:4e:f2:6c:53:c8:c8:a4:ce:d0:
06:13:f3:7a:37:34:22:2d:5f:db:4c:b1:17:85:c1:
1b:20:db:b1:db:6e:e9:40:7c:a7:49:5c:6a:bb:31:
63:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:67:C1:44:A6:3F:4D:5F:F1:A6:7F:6A:BC:22:A7:42:33:94:41:2E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19bd833c-9eac-4b19-b264-a191d9c1b939.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.216.0/21
Signature Algorithm: sha256WithRSAEncryption
c5:04:eb:f0:15:a4:9b:42:c2:42:fa:dd:70:1a:d3:2e:4c:88:
e2:a9:f4:fb:dd:55:1e:e6:d3:16:73:19:6e:aa:15:d4:a6:e7:
7d:93:ec:5d:c7:75:bb:85:38:b2:d5:d1:5f:b3:2c:2b:24:5f:
db:0e:c1:ed:a8:e0:ca:3d:34:b4:dc:69:70:58:4f:57:7b:95:
69:fa:af:f7:1d:ff:fb:48:57:1d:9a:3b:e8:41:e4:d0:90:47:
c3:f1:d6:6e:86:a3:11:b7:3c:04:24:9a:91:86:de:0d:da:0b:
e9:07:61:5c:91:49:44:dd:00:4a:13:7e:d6:b7:55:23:c8:81:
13:0a:1d:8b:7d:51:5c:28:4d:8d:13:4a:76:d3:25:4e:3c:9d:
f4:20:16:39:dd:9a:05:c5:90:c3:cb:93:64:d4:be:18:e8:df:
7b:28:14:bc:36:a4:9e:c4:d9:8f:2c:0b:7d:3f:82:4c:77:8d:
29:9c:69:b3:3c:c1:6c:a0:22:1f:b9:28:18:a7:2e:70:f3:37:
59:d2:29:02:d5:c3:ab:d2:b4:7b:83:c0:5f:77:86:93:c9:7b:
18:ed:5e:c7:54:da:ec:b0:a4:f8:73:66:e1:2e:e7:15:8b:3a:
10:d9:8c:82:6e:b0:17:64:bf:9a:16:78:56:34:85:96:38:23:
3c:db:7c:a8
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUJHcHM9CP96GmBoAJQ5cA1FcEuOEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTkxNzAwMTdaFw0yNTA5MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDI3YTlhOGYwYTY1N2U2MWE1YjE0YzQxOTA2N2I2NmY0OTYzZGExODRlYzUx
NWVmZjdlNzczNTNlZDg3NDE1Y2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJQzmEDT8KJEidkodftM/Y0xAXtKfBWaKBC48kkYSPn4G5ZI2qU49IW/nd6W
X1uZIdtxMK1vA+v0rI8ur5mkCqnNFiN9HrliXrDXdJkxN730goxJB26m7ghP+fVA
NPUyBLWtZCxuhEqevCn1ZmKNMDeYPsrg798p7heQ7AIUtkzpF0cwPwhhpCuUuhEy
VxTWwbIFuVbHa/kN4jDt2MV521JpKRXWu8cBM2aZk/HAEx7xcz+sOiyDMgmimvSa
n12eFUVBcrqep7FiGevssLwTYSPNxhPb2gKwTvJsU8jIpM7QBhPzejc0Ii1f20yx
F4XBGyDbsdtu6UB8p0lcarsxY/UCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQPZ8FE
pj9NX/Gmf2q8IqdCM5RBLjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTliZDgzM2MtOWVhYy00YjE5LWIyNjQtYTE5MWQ5YzFiOTM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy4z2DAN
BgkqhkiG9w0BAQsFAAOCAQEAxQTr8BWkm0LCQvrdcBrTLkyI4qn0+91VHubTFnMZ
bqoV1KbnfZPsXcd1u4U4stXRX7MsKyRf2w7B7ajgyj00tNxpcFhPV3uVafqv9x3/
+0hXHZo76EHk0JBHw/HWboajEbc8BCSakYbeDdoL6QdhXJFJRN0AShN+1rdVI8iB
Ewodi31RXChNjRNKdtMlTjyd9CAWOd2aBcWQw8uTZNS+GOjfeygUvDaknsTZjywL
fT+CTHeNKZxpszzBbKAiH7koGKcucPM3WdIpAtXDq9K0e4PAX3eGk8l7GO1ex1Ta
7LCk+HNm4S7nFYs6ENmMgm6wF2S/mhZ4VjSFljgjPNt8qA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:57:07 2025 by rpki-client