Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/216f72e9-3c9a-414e-a688-ee99e3f2e840.roa
File: 216f72e9-3c9a-414e-a688-ee99e3f2e840.roa (raw, json)
Hash identifier: N6+pZowSaUybo+G8CXeMxAQqVMGadJBPyNVJHnpGfrI=
Subject key identifier: D1:5B:73:E4:02:6C:67:41:11:E4:D2:7B:E4:60:AD:46:12:F2:32:1A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3B9C624B730EA6B65A61FA258BB07373D79D30B1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/216f72e9-3c9a-414e-a688-ee99e3f2e840.roa
Signing time: Mon 14 Apr 2025 17:30:09 +0000
ROA not before: Mon 14 Apr 2025 17:30:09 +0000
ROA not after: Mon 19 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.220.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:9c:62:4b:73:0e:a6:b6:5a:61:fa:25:8b:b0:73:73:d7:9d:30:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 14 17:30:09 2025 GMT
Not After : May 19 23:59:59 2025 GMT
Subject: serialNumber=59fc303fdb2849eb370c678544af4f87496370f2cf5e90d27c1f326eca4bf9da, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:46:7a:61:76:bd:20:ab:4a:7a:c3:42:87:13:
e9:fd:e8:55:37:33:d9:ea:6f:e5:e8:f6:83:29:3c:
31:64:65:69:68:a0:2b:44:f8:62:66:59:28:82:ca:
91:f4:6e:bb:1b:35:19:c2:99:f6:ec:5c:24:73:bf:
5f:bb:05:0b:9e:85:7c:d3:be:f8:43:09:ca:34:c0:
c0:58:fb:42:ba:c5:95:dc:a7:70:71:c1:b5:f3:b6:
1b:aa:b1:a0:c5:9f:fc:cc:d6:1c:33:6d:55:e7:20:
fb:f4:02:64:a7:65:7a:d2:31:b2:51:80:fd:91:3c:
b0:84:81:b8:29:dc:13:f1:ef:9b:9f:8b:89:bd:fe:
59:37:f2:e5:65:69:6f:63:79:8b:07:4e:df:96:70:
bc:19:77:1d:ce:a5:c4:8d:f6:60:84:f5:14:16:ff:
1a:49:18:c4:b2:48:f0:56:93:cc:85:2e:70:fb:69:
ee:54:b3:b9:9b:64:df:a7:bb:00:f0:9e:6a:d5:d9:
35:5e:8f:a7:2d:3e:f5:c0:6b:74:da:45:38:84:9d:
d9:b6:e3:64:4f:ab:25:54:58:d7:ef:eb:50:15:fd:
84:a5:08:39:4a:be:da:0b:c4:3d:17:57:bc:53:48:
01:33:7a:49:4c:b3:49:4b:60:90:66:27:91:44:90:
2f:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:5B:73:E4:02:6C:67:41:11:E4:D2:7B:E4:60:AD:46:12:F2:32:1A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/216f72e9-3c9a-414e-a688-ee99e3f2e840.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.220.0/23
Signature Algorithm: sha256WithRSAEncryption
51:53:78:ba:6a:cb:1c:e6:68:58:6f:37:21:b9:06:22:67:a8:
fa:db:8f:c1:1c:60:19:82:e4:03:ca:cc:0c:f4:d6:d7:81:cc:
1f:a0:dc:ab:61:67:8d:84:a8:2d:39:3b:2e:8e:0a:79:84:f0:
5b:01:e8:ce:58:52:0a:73:7d:72:8c:a9:34:ba:4e:b1:b2:a2:
92:c5:fe:4a:59:d8:52:90:c9:0f:b0:e4:dd:54:e1:78:e3:ba:
63:47:9b:4c:f7:ef:be:f1:5a:1d:a1:1c:7b:c0:d8:34:2e:1f:
00:40:62:c6:94:03:e2:b0:fc:d3:d5:e5:19:f5:9f:70:da:ee:
82:f0:91:c9:fc:01:b3:43:f1:94:74:73:8f:4d:3f:82:0d:3d:
8a:ba:c7:8b:98:2c:47:ba:f8:06:d9:36:a2:65:30:21:63:f5:
fb:87:1d:29:67:01:cd:72:4a:7c:18:a6:6f:bd:07:f2:dc:92:
5d:ec:33:fd:9e:c6:4d:83:c6:99:12:91:8c:c4:7f:21:bf:ed:
fa:e6:61:0c:9c:81:23:b2:7b:df:48:52:dd:a0:fb:89:e4:a3:
a8:8a:cd:a5:b3:21:3d:89:76:6e:6b:c6:2d:ed:b3:4d:ee:ce:
c1:0e:33:1e:d0:83:d8:05:6e:36:0e:b6:4e:0b:00:09:c1:61:
0a:61:a3:88
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUO5xiS3MOprZaYfoli7Bzc9edMLEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTQxNzMwMDlaFw0yNTA1MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDU5ZmMzMDNmZGIyODQ5ZWIzNzBjNjc4NTQ0YWY0Zjg3NDk2MzcwZjJjZjVl
OTBkMjdjMWYzMjZlY2E0YmY5ZGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALtGemF2vSCrSnrDQocT6f3oVTcz2epv5ej2gyk8MWRlaWigK0T4YmZZKILK
kfRuuxs1GcKZ9uxcJHO/X7sFC56FfNO++EMJyjTAwFj7QrrFldyncHHBtfO2G6qx
oMWf/MzWHDNtVecg+/QCZKdletIxslGA/ZE8sISBuCncE/Hvm5+Lib3+WTfy5WVp
b2N5iwdO35ZwvBl3Hc6lxI32YIT1FBb/GkkYxLJI8FaTzIUucPtp7lSzuZtk36e7
APCeatXZNV6Ppy0+9cBrdNpFOISd2bbjZE+rJVRY1+/rUBX9hKUIOUq+2gvEPRdX
vFNIATN6SUyzSUtgkGYnkUSQL6cCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTRW3Pk
AmxnQRHk0nvkYK1GEvIyGjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjE2ZjcyZTktM2M5YS00MTRlLWE2ODgtZWU5OWUzZjJlODQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS6J3DAN
BgkqhkiG9w0BAQsFAAOCAQEAUVN4umrLHOZoWG83IbkGImeo+tuPwRxgGYLkA8rM
DPTW14HMH6Dcq2FnjYSoLTk7Lo4KeYTwWwHozlhSCnN9coypNLpOsbKiksX+SlnY
UpDJD7Dk3VTheOO6Y0ebTPfvvvFaHaEce8DYNC4fAEBixpQD4rD809XlGfWfcNru
gvCRyfwBs0PxlHRzj00/gg09irrHi5gsR7r4Btk2omUwIWP1+4cdKWcBzXJKfBim
b70H8tySXewz/Z7GTYPGmRKRjMR/Ib/t+uZhDJyBI7J730hS3aD7ieSjqIrNpbMh
PYl2bmvGLe2zTe7OwQ4zHtCD2AVuNg62TgsACcFhCmGjiA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:27 2025 by rpki-client