Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c6881bd-10fc-4994-83fe-43244d2b078a.roa
File: 2c6881bd-10fc-4994-83fe-43244d2b078a.roa (raw, json)
Hash identifier: BREhCvYYEsEfOCL+ClIJ6yPFdp7d3bIppbumJfB5NT8=
Subject key identifier: 22:3F:49:E1:53:4C:7B:03:1B:62:6C:E3:0A:95:F7:90:16:81:C2:0D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2EA1C28CB3F828566EC5C171CC8266B4EE1B7508
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c6881bd-10fc-4994-83fe-43244d2b078a.roa
Signing time: Mon 14 Apr 2025 17:30:54 +0000
ROA not before: Mon 14 Apr 2025 17:30:54 +0000
ROA not after: Mon 19 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.80.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:a1:c2:8c:b3:f8:28:56:6e:c5:c1:71:cc:82:66:b4:ee:1b:75:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 14 17:30:54 2025 GMT
Not After : May 19 23:59:59 2025 GMT
Subject: serialNumber=15a063535c5a576bca21eae5bd25cc0843c0fd9e9fd696394a05ff2fcf027167, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:38:90:bd:41:cc:b8:22:68:c6:68:cd:1d:65:
5c:57:42:fe:52:49:3b:91:45:43:17:bf:50:90:aa:
4d:a5:d0:92:4f:5f:e2:62:df:2a:c6:90:dc:48:0e:
8e:c1:33:e4:0b:61:42:35:ae:86:dd:83:d6:0e:15:
e7:04:e1:59:76:21:94:90:e3:97:99:12:1b:28:c6:
1e:68:4a:08:43:5a:69:fe:68:e7:fa:52:ce:db:df:
f2:34:21:14:d9:8c:14:06:bd:a4:c3:4f:e1:20:3e:
22:cb:d0:89:9c:d9:89:1c:84:b9:b6:f1:94:ba:57:
87:08:13:44:e7:54:fd:05:61:ae:62:ed:73:d6:b9:
70:28:ea:2d:e4:c8:8e:c7:5a:82:80:90:44:3d:bb:
69:93:c5:8d:a5:b7:db:13:c8:ee:c7:e2:30:e0:f5:
bd:9e:f2:ce:f3:c9:b4:4b:d3:a7:ab:58:4e:0d:50:
b4:28:6a:3e:e6:d2:86:b8:cd:84:f3:a6:19:ce:73:
2c:0c:5d:52:78:51:dc:39:bc:23:6b:71:84:b4:d6:
a7:da:3c:cf:99:1b:7c:ad:24:7d:5f:6d:33:ab:ac:
4b:eb:6d:53:6c:fb:e8:1f:7c:ae:3e:6d:bc:fb:52:
ae:af:3d:cf:ca:94:26:70:f1:97:9b:12:ea:e7:f0:
bf:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:3F:49:E1:53:4C:7B:03:1B:62:6C:E3:0A:95:F7:90:16:81:C2:0D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c6881bd-10fc-4994-83fe-43244d2b078a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.80.0/20
Signature Algorithm: sha256WithRSAEncryption
b4:df:a2:66:5e:d9:40:c7:35:2f:80:23:fc:8a:e7:a7:e6:6a:
00:6c:13:32:8d:30:f6:82:f2:d5:e5:e1:2c:d5:76:5b:3f:8f:
39:d1:a9:58:cb:63:8d:89:59:62:4a:6e:71:55:ff:ff:10:c8:
ca:b4:e8:07:f2:6d:99:7f:d0:a3:0a:7a:f3:af:87:d1:30:f0:
fe:68:1f:b9:df:e8:4c:ad:0e:3a:fd:c1:1b:30:1e:ec:cf:9c:
9c:51:ae:c2:59:9e:c6:96:56:9b:01:95:b3:ca:e0:0d:7f:95:
c7:c4:81:07:c7:d6:8d:22:48:69:23:43:23:cf:73:12:5e:46:
17:b7:dd:70:0e:62:f9:1a:2f:57:8f:08:02:75:5e:5e:43:41:
0c:bd:9b:6a:c4:1d:6f:0e:66:ca:a4:9c:ea:cb:26:79:a0:3d:
c1:a7:67:7c:13:43:df:c8:2c:6f:e0:49:a2:8b:66:8a:bf:29:
8f:5e:34:56:bd:fa:6c:ae:74:5a:78:ee:06:93:2e:6c:fa:e8:
90:bc:55:bd:97:58:86:5c:81:65:6b:46:c5:e5:f9:8e:ee:57:
d6:69:12:ea:67:2a:76:8d:9a:9f:1d:60:2b:be:ae:bc:38:3b:
dd:0b:79:b6:57:4f:c2:d1:dd:dd:3f:63:f4:7f:61:16:30:2a:
2d:32:5e:7a
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIULqHCjLP4KFZuxcFxzIJmtO4bdQgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTQxNzMwNTRaFw0yNTA1MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDE1YTA2MzUzNWM1YTU3NmJjYTIxZWFlNWJkMjVjYzA4NDNjMGZkOWU5ZmQ2
OTYzOTRhMDVmZjJmY2YwMjcxNjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKE4kL1BzLgiaMZozR1lXFdC/lJJO5FFQxe/UJCqTaXQkk9f4mLfKsaQ3EgO
jsEz5AthQjWuht2D1g4V5wThWXYhlJDjl5kSGyjGHmhKCENaaf5o5/pSztvf8jQh
FNmMFAa9pMNP4SA+IsvQiZzZiRyEubbxlLpXhwgTROdU/QVhrmLtc9a5cCjqLeTI
jsdagoCQRD27aZPFjaW32xPI7sfiMOD1vZ7yzvPJtEvTp6tYTg1QtChqPubShrjN
hPOmGc5zLAxdUnhR3Dm8I2txhLTWp9o8z5kbfK0kfV9tM6usS+ttU2z76B98rj5t
vPtSrq89z8qUJnDxl5sS6ufwv9ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQiP0nh
U0x7AxtibOMKlfeQFoHCDTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmM2ODgxYmQtMTBmYy00OTk0LTgzZmUtNDMyNDRkMmIwNzhhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC6JUDAN
BgkqhkiG9w0BAQsFAAOCAQEAtN+iZl7ZQMc1L4Aj/Irnp+ZqAGwTMo0w9oLy1eXh
LNV2Wz+POdGpWMtjjYlZYkpucVX//xDIyrToB/JtmX/Qowp686+H0TDw/mgfud/o
TK0OOv3BGzAe7M+cnFGuwlmexpZWmwGVs8rgDX+Vx8SBB8fWjSJIaSNDI89zEl5G
F7fdcA5i+RovV48IAnVeXkNBDL2basQdbw5myqSc6ssmeaA9wadnfBND38gsb+BJ
ootmir8pj140Vr36bK50WnjuBpMubProkLxVvZdYhlyBZWtGxeX5ju5X1mkS6mcq
do2anx1gK76uvDg73Qt5tldPwtHd3T9j9H9hFjAqLTJeeg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:26 2025 by rpki-client