Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/07144f38-ed46-40bc-a3ed-30785c0cc3e2.roa
File: 07144f38-ed46-40bc-a3ed-30785c0cc3e2.roa (raw, json)
Hash identifier: 90Ib5KsPvIng30mB248AZNabLSKl1qDipUwaa7Zs6G8=
Subject key identifier: 3D:FB:6A:92:24:17:84:79:A1:24:90:76:EA:99:FD:10:4B:71:E8:72
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6186D8DEC1F8CE2B9B6795A3FA69652EA89FF2B7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/07144f38-ed46-40bc-a3ed-30785c0cc3e2.roa
Signing time: Mon 14 Apr 2025 17:30:51 +0000
ROA not before: Mon 14 Apr 2025 17:30:51 +0000
ROA not after: Mon 19 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.176.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:86:d8:de:c1:f8:ce:2b:9b:67:95:a3:fa:69:65:2e:a8:9f:f2:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 14 17:30:51 2025 GMT
Not After : May 19 23:59:59 2025 GMT
Subject: serialNumber=f03b5dd1c9545a758ef75da8bc53584d8a1d1748cb583cc5b8f3d4d5882eda0e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:57:b6:7c:3d:6b:58:ef:c7:a5:b4:26:90:b0:
59:f1:ca:82:d5:0b:29:89:2a:1b:8e:38:57:d9:ca:
fb:8f:9e:15:68:f9:1c:23:ec:b1:32:74:9c:c4:e2:
87:b7:f0:bb:8f:ca:ad:20:6c:9e:4e:59:ec:6c:8d:
ac:a2:66:73:5c:bd:c3:0e:cf:e5:55:d1:8a:7a:c5:
dc:51:86:de:f0:36:a7:d3:22:44:89:ad:8b:48:77:
5e:14:e4:cf:fa:af:d0:a3:35:80:cb:15:64:9e:7a:
4c:38:8c:09:d7:5f:50:5e:d3:f5:82:8b:74:f5:62:
a7:29:d6:1e:35:0c:fe:b9:8a:4b:e3:f0:53:e8:95:
35:a4:e8:37:5f:08:4c:64:0a:dc:cf:f3:96:e0:2a:
da:13:77:33:c1:53:43:60:14:b6:1c:77:7e:88:51:
20:ac:62:2c:85:70:f4:ea:e0:52:02:58:66:44:c6:
ae:9b:a7:c1:df:68:1e:11:21:6d:5b:96:04:22:62:
b6:24:43:bc:3e:92:30:44:cd:ae:21:a8:8d:be:47:
ff:a2:ce:a5:b8:d3:ef:ca:26:7a:7b:3a:ed:bc:d9:
b6:88:b6:ca:88:27:14:44:6f:4f:d1:ad:58:11:1d:
99:ea:a1:28:29:e6:93:22:7c:66:38:e7:65:df:67:
11:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:FB:6A:92:24:17:84:79:A1:24:90:76:EA:99:FD:10:4B:71:E8:72
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/07144f38-ed46-40bc-a3ed-30785c0cc3e2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.176.0/20
Signature Algorithm: sha256WithRSAEncryption
03:15:a9:11:a9:fb:8b:a7:44:c7:30:3e:bb:07:e7:68:d2:7e:
6e:5a:7a:c0:d1:ed:0d:cb:f6:01:83:e4:73:63:07:e8:3f:98:
74:c7:28:9c:01:f7:5a:20:86:18:3d:06:82:7e:e1:41:1a:0d:
c2:0d:d2:c7:6d:28:e9:0c:51:cb:2c:62:7d:bb:44:86:c9:f5:
be:a6:3c:0b:a5:c7:c1:d0:ee:df:c1:f6:59:8f:c5:18:0a:cc:
78:b2:e0:22:8a:d5:01:e7:7f:13:35:25:16:5b:a7:60:ce:59:
95:ed:d7:9d:b4:30:be:35:e7:d3:22:ca:2a:7e:8a:af:7f:aa:
2a:77:51:34:da:02:03:d4:91:0a:c3:4a:9c:9a:0c:2b:43:80:
b8:b7:8b:be:59:57:97:ac:14:e0:90:b2:64:82:2d:ef:ef:74:
92:4e:6c:36:f1:6f:79:0b:5c:c7:42:1b:7a:5e:7b:1a:13:a2:
d7:9f:df:a7:b2:a1:07:9d:db:0c:f9:9e:3a:b8:58:8c:a3:9e:
35:75:11:3c:f9:39:00:a8:10:27:85:29:69:91:69:37:cc:ae:
71:4a:5c:73:ee:f4:af:29:3a:a9:da:5e:c0:48:f4:4b:92:7a:
87:9f:26:46:5b:40:e6:8d:b7:36:0b:58:5f:11:1e:71:a7:7b:
ab:ba:e6:c1
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUYYbY3sH4ziubZ5Wj+mllLqif8rcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTQxNzMwNTFaFw0yNTA1MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGYwM2I1ZGQxYzk1NDVhNzU4ZWY3NWRhOGJjNTM1ODRkOGExZDE3NDhjYjU4
M2NjNWI4ZjNkNGQ1ODgyZWRhMGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMFXtnw9a1jvx6W0JpCwWfHKgtULKYkqG444V9nK+4+eFWj5HCPssTJ0nMTi
h7fwu4/KrSBsnk5Z7GyNrKJmc1y9ww7P5VXRinrF3FGG3vA2p9MiRImti0h3XhTk
z/qv0KM1gMsVZJ56TDiMCddfUF7T9YKLdPVipynWHjUM/rmKS+PwU+iVNaToN18I
TGQK3M/zluAq2hN3M8FTQ2AUthx3fohRIKxiLIVw9OrgUgJYZkTGrpunwd9oHhEh
bVuWBCJitiRDvD6SMETNriGojb5H/6LOpbjT78omens67bzZtoi2yognFERvT9Gt
WBEdmeqhKCnmkyJ8ZjjnZd9nEXkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ9+2qS
JBeEeaEkkHbqmf0QS3HocjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDcxNDRmMzgtZWQ0Ni00MGJjLWEzZWQtMzA3ODVjMGNjM2UyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC6JsDAN
BgkqhkiG9w0BAQsFAAOCAQEAAxWpEan7i6dExzA+uwfnaNJ+blp6wNHtDcv2AYPk
c2MH6D+YdMconAH3WiCGGD0Ggn7hQRoNwg3Sx20o6QxRyyxifbtEhsn1vqY8C6XH
wdDu38H2WY/FGArMeLLgIorVAed/EzUlFlunYM5Zle3XnbQwvjXn0yLKKn6Kr3+q
KndRNNoCA9SRCsNKnJoMK0OAuLeLvllXl6wU4JCyZIIt7+90kk5sNvFveQtcx0Ib
el57GhOi15/fp7KhB53bDPmeOrhYjKOeNXURPPk5AKgQJ4UpaZFpN8yucUpcc+70
ryk6qdpewEj0S5J6h58mRltA5o23NgtYXxEecad7q7rmwQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:47:14 2025 by rpki-client