Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/062e9317-b5ab-4d01-a462-4dc8d164e17c.roa
File: 062e9317-b5ab-4d01-a462-4dc8d164e17c.roa (raw, json)
Hash identifier: 4L8CgldiFXd99GdDWB8BwiETqlhf+XK3dDnX14FaSp0=
Subject key identifier: A4:65:77:DF:FB:16:A8:1C:84:7E:C7:54:F5:99:4B:D1:09:FF:AC:79
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 39696DE4BF35996FF20CAA46F0C71C2E93A27CB1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/062e9317-b5ab-4d01-a462-4dc8d164e17c.roa
Signing time: Mon 14 Apr 2025 17:30:13 +0000
ROA not before: Mon 14 Apr 2025 17:30:13 +0000
ROA not after: Mon 19 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.172.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:69:6d:e4:bf:35:99:6f:f2:0c:aa:46:f0:c7:1c:2e:93:a2:7c:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 14 17:30:13 2025 GMT
Not After : May 19 23:59:59 2025 GMT
Subject: serialNumber=f77251b5e214c93041ee79a89aad431b1005c7af3c43e22fb62bad3891c5c157, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ce:ef:21:7a:79:ef:89:33:96:5c:cf:8b:a3:
c5:7a:14:53:4f:18:16:bc:46:bf:86:f6:31:dd:9b:
43:85:6e:bf:5d:0f:11:0a:c8:98:da:11:50:48:8a:
c5:61:8d:85:75:49:60:3e:26:e3:72:b8:26:4c:61:
f0:05:52:eb:04:24:72:52:72:7f:9f:2e:52:52:97:
9d:b9:61:0e:e5:42:2f:5f:99:4e:4e:86:e5:72:33:
7f:3c:50:e8:0c:cd:cf:d8:e5:32:be:cb:08:ed:ef:
e4:3a:60:70:05:7a:e5:d1:98:f4:17:d5:29:80:53:
45:d9:7f:1a:ab:a8:7f:ba:87:14:09:e0:82:ff:a8:
a1:87:83:dc:1b:5f:0e:b5:4d:cd:49:2d:11:04:bd:
c5:28:d4:5d:7e:8c:7c:19:ce:cb:bf:62:97:cf:36:
de:7d:96:4c:10:db:f0:66:b6:ca:e6:29:30:0e:94:
b4:7b:b5:77:04:fb:59:e7:01:76:92:b3:14:91:43:
e0:74:1e:6c:57:73:25:86:af:14:75:ff:79:00:3c:
b5:0a:c6:51:ec:fc:6f:20:c9:9b:f8:9a:79:95:e5:
12:3e:e2:1e:4d:16:e0:b1:3d:32:28:e7:77:ef:e6:
80:de:93:84:4d:62:e0:51:4e:1b:70:4f:12:58:d0:
98:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:65:77:DF:FB:16:A8:1C:84:7E:C7:54:F5:99:4B:D1:09:FF:AC:79
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/062e9317-b5ab-4d01-a462-4dc8d164e17c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.172.0/22
Signature Algorithm: sha256WithRSAEncryption
95:4e:ae:a5:a0:d6:f7:89:02:5a:c6:24:4c:8c:01:63:08:bb:
1d:26:99:af:b1:e6:96:d9:e8:af:1c:26:c3:23:a4:92:ea:6e:
a0:80:77:30:7f:0f:97:60:0c:65:e7:a1:ce:06:d0:75:69:72:
c2:25:68:b7:36:df:b4:57:8d:6f:51:e8:75:d9:58:fa:58:b3:
96:d2:3f:d6:28:8d:b4:62:c1:c9:96:ed:f0:f1:30:97:97:20:
b9:69:7c:61:e3:f8:2c:0e:2c:fc:74:90:cb:58:07:29:98:74:
11:0b:ac:82:7a:32:75:f5:de:4c:46:d6:55:01:b8:0d:65:63:
08:ae:e7:d0:aa:71:a5:cc:ba:ba:d0:95:d7:67:6a:28:2f:f5:
59:ab:ee:c4:34:ac:75:2f:20:79:96:f4:af:93:01:4e:d6:68:
a0:f4:01:43:03:2b:51:46:1b:ec:ca:cc:5d:fb:b1:8c:4a:cd:
2b:d2:d3:f9:14:ac:44:e2:fa:7c:f5:dc:3a:6c:6a:be:f5:86:
c3:a2:40:de:55:45:fc:ff:df:89:ad:bb:d9:2c:8e:58:3e:07:
8d:ea:bf:cf:ab:71:6c:7f:be:e3:a9:a4:37:85:ab:15:8a:7e:
e4:39:f4:f4:ce:47:ae:13:8a:6f:35:18:65:f7:0e:e6:8c:51:
b0:ab:50:2c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUOWlt5L81mW/yDKpG8MccLpOifLEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTQxNzMwMTNaFw0yNTA1MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGY3NzI1MWI1ZTIxNGM5MzA0MWVlNzlhODlhYWQ0MzFiMTAwNWM3YWYzYzQz
ZTIyZmI2MmJhZDM4OTFjNWMxNTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMvO7yF6ee+JM5Zcz4ujxXoUU08YFrxGv4b2Md2bQ4Vuv10PEQrImNoRUEiK
xWGNhXVJYD4m43K4Jkxh8AVS6wQkclJyf58uUlKXnblhDuVCL1+ZTk6G5XIzfzxQ
6AzNz9jlMr7LCO3v5DpgcAV65dGY9BfVKYBTRdl/Gquof7qHFAnggv+ooYeD3Btf
DrVNzUktEQS9xSjUXX6MfBnOy79il8823n2WTBDb8Ga2yuYpMA6UtHu1dwT7WecB
dpKzFJFD4HQebFdzJYavFHX/eQA8tQrGUez8byDJm/iaeZXlEj7iHk0W4LE9Mijn
d+/mgN6ThE1i4FFOG3BPEljQmKcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSkZXff
+xaoHIR+x1T1mUvRCf+seTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDYyZTkzMTctYjVhYi00ZDAxLWE0NjItNGRjOGQxNjRlMTdjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi6JrDAN
BgkqhkiG9w0BAQsFAAOCAQEAlU6upaDW94kCWsYkTIwBYwi7HSaZr7Hmltnorxwm
wyOkkupuoIB3MH8Pl2AMZeehzgbQdWlywiVotzbftFeNb1HoddlY+lizltI/1iiN
tGLByZbt8PEwl5cguWl8YeP4LA4s/HSQy1gHKZh0EQusgnoydfXeTEbWVQG4DWVj
CK7n0Kpxpcy6utCV12dqKC/1WavuxDSsdS8geZb0r5MBTtZooPQBQwMrUUYb7MrM
XfuxjErNK9LT+RSsROL6fPXcOmxqvvWGw6JA3lVF/P/fia272SyOWD4Hjeq/z6tx
bH++46mkN4WrFYp+5Dn09M5HrhOKbzUYZfcO5oxRsKtQLA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:17 2025 by rpki-client