Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/46a21ff8-4dea-4da4-a276-6b424d4e3bed.roa
File: 46a21ff8-4dea-4da4-a276-6b424d4e3bed.roa (raw, json)
Hash identifier: 5O80fWl1Rb5sEDjkCIv23KNeulPbfO2ous4NK4TKw7k=
Subject key identifier: 14:DB:38:4A:89:9F:57:A2:2B:EA:AE:B9:B4:71:35:BC:32:97:E3:20
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 77A26BC73F32AD2773F494531774B0A393F00E52
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/46a21ff8-4dea-4da4-a276-6b424d4e3bed.roa
Signing time: Mon 14 Apr 2025 17:30:50 +0000
ROA not before: Mon 14 Apr 2025 17:30:50 +0000
ROA not after: Mon 19 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.224.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:a2:6b:c7:3f:32:ad:27:73:f4:94:53:17:74:b0:a3:93:f0:0e:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 14 17:30:50 2025 GMT
Not After : May 19 23:59:59 2025 GMT
Subject: serialNumber=b4c97369d16f41949d18a9e5be5a2a32b9f34b732c76a26048323f737c6f52fd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:19:90:7a:1b:88:00:18:b2:84:db:14:7b:ad:
4f:47:35:32:03:83:c1:9c:20:a3:2d:c7:4b:39:36:
bd:65:a0:44:cb:06:94:37:39:aa:27:e2:33:88:f9:
cc:ca:75:1c:db:08:6b:95:80:68:9a:4b:71:4e:94:
b1:0d:8d:62:2c:98:ef:9b:8a:50:a4:9b:c9:32:53:
87:70:76:76:54:25:08:e9:71:5d:ce:8d:0b:64:8c:
75:d8:7a:18:02:ce:28:a5:79:fc:10:db:25:5d:11:
69:f2:5f:08:c2:1d:30:14:79:8d:0d:14:d2:61:23:
13:ad:93:70:eb:93:65:62:91:d4:d5:d7:25:ed:ca:
86:00:3e:1b:2a:ac:32:2b:36:92:1a:6c:7b:5e:e6:
4e:24:67:47:d9:a7:83:e5:a9:88:91:97:93:88:75:
b9:0c:bf:2f:4c:0e:0e:b3:a8:2d:4d:95:d8:f2:53:
45:6c:c6:e4:3b:f3:b3:af:89:cb:4a:80:df:11:78:
44:39:7d:27:aa:33:d5:36:58:8f:79:f3:47:ab:a6:
c2:2a:fe:36:8b:bd:bb:45:0f:4f:d6:54:1d:ae:5e:
40:a3:c1:bf:2c:86:b8:31:82:27:68:6c:c4:1f:c3:
12:26:97:6b:60:11:64:19:08:17:6f:72:b6:f5:aa:
42:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:DB:38:4A:89:9F:57:A2:2B:EA:AE:B9:B4:71:35:BC:32:97:E3:20
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/46a21ff8-4dea-4da4-a276-6b424d4e3bed.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.224.0/19
Signature Algorithm: sha256WithRSAEncryption
20:e7:e8:61:27:34:71:52:a6:4b:29:11:cc:e1:e3:5b:a7:4e:
98:8e:b3:fb:bc:12:a2:9a:df:e4:6c:54:62:a8:58:f0:dd:3c:
23:ed:a1:75:cc:10:ed:76:87:3f:27:c1:18:eb:0f:3a:17:29:
83:8d:53:0d:11:a9:11:38:b2:36:7b:b1:a7:49:bc:f4:cd:7b:
eb:e3:cc:d7:64:a1:2a:e4:c9:6d:69:19:49:4e:b5:61:7b:58:
39:49:d0:50:1b:51:c1:97:4b:32:4d:38:9e:7a:95:db:cb:79:
11:57:53:a3:35:ea:95:93:54:05:81:6a:55:4e:0e:38:a3:c3:
86:57:60:23:af:87:b5:7f:21:47:2a:6f:55:37:70:cd:6f:80:
e5:33:88:5b:24:45:f7:b7:4b:46:ac:fc:73:a6:1a:49:e9:60:
ff:98:69:ac:60:46:f7:a6:cf:1b:73:68:e9:59:b4:7f:63:29:
2a:4a:2c:6b:57:43:83:62:12:d9:86:77:03:fb:77:c0:ee:a7:
72:21:52:bb:46:7c:2e:ca:b4:ba:25:5f:7f:bd:4e:a9:92:5b:
3c:34:3c:4f:6a:6a:ae:2f:72:8b:52:04:4f:41:ba:3d:22:d8:
3c:9f:e6:df:af:33:22:cc:5a:15:2e:4d:e8:4b:d5:8f:e5:12:
09:83:ca:89
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUd6Jrxz8yrSdz9JRTF3Swo5PwDlIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTQxNzMwNTBaFw0yNTA1MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGI0Yzk3MzY5ZDE2ZjQxOTQ5ZDE4YTllNWJlNWEyYTMyYjlmMzRiNzMyYzc2
YTI2MDQ4MzIzZjczN2M2ZjUyZmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJIZkHobiAAYsoTbFHutT0c1MgODwZwgoy3HSzk2vWWgRMsGlDc5qifiM4j5
zMp1HNsIa5WAaJpLcU6UsQ2NYiyY75uKUKSbyTJTh3B2dlQlCOlxXc6NC2SMddh6
GALOKKV5/BDbJV0RafJfCMIdMBR5jQ0U0mEjE62TcOuTZWKR1NXXJe3KhgA+Gyqs
Mis2khpse17mTiRnR9mng+WpiJGXk4h1uQy/L0wODrOoLU2V2PJTRWzG5Dvzs6+J
y0qA3xF4RDl9J6oz1TZYj3nzR6umwir+Nou9u0UPT9ZUHa5eQKPBvyyGuDGCJ2hs
xB/DEiaXa2ARZBkIF29ytvWqQjECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQU2zhK
iZ9Xoivqrrm0cTW8MpfjIDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDZhMjFmZjgtNGRlYS00ZGE0LWEyNzYtNmI0MjRkNGUzYmVkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBS6J4DAN
BgkqhkiG9w0BAQsFAAOCAQEAIOfoYSc0cVKmSykRzOHjW6dOmI6z+7wSoprf5GxU
YqhY8N08I+2hdcwQ7XaHPyfBGOsPOhcpg41TDRGpETiyNnuxp0m89M176+PM12Sh
KuTJbWkZSU61YXtYOUnQUBtRwZdLMk04nnqV28t5EVdTozXqlZNUBYFqVU4OOKPD
hldgI6+HtX8hRypvVTdwzW+A5TOIWyRF97dLRqz8c6YaSelg/5hprGBG96bPG3No
6Vm0f2MpKkosa1dDg2IS2YZ3A/t3wO6nciFSu0Z8Lsq0uiVff71OqZJbPDQ8T2pq
ri9yi1IET0G6PSLYPJ/m368zIsxaFS5N6EvVj+USCYPKiQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:28 2025 by rpki-client