Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dd31163-2ad7-49f5-a24d-2ea4170bb05f.roa
File: 4dd31163-2ad7-49f5-a24d-2ea4170bb05f.roa (raw, json)
Hash identifier: q3sD9AVs7ycAZZS9TS0d+AEs3/WQ7ip1htlyk+3Oga8=
Subject key identifier: 23:DE:F1:E4:51:00:53:A7:7F:E0:72:D2:A5:B1:4F:2A:28:5D:D0:E8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 390E09DA51C90514DB84FA926795FBADF2FE7001
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dd31163-2ad7-49f5-a24d-2ea4170bb05f.roa
Signing time: Mon 14 Apr 2025 17:30:47 +0000
ROA not before: Mon 14 Apr 2025 17:30:47 +0000
ROA not after: Mon 19 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.240.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:0e:09:da:51:c9:05:14:db:84:fa:92:67:95:fb:ad:f2:fe:70:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 14 17:30:47 2025 GMT
Not After : May 19 23:59:59 2025 GMT
Subject: serialNumber=919dcaf0669b200dba8f0a050548604afa4b5af8699b763eaeb716f9006a1e5b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:5e:52:90:24:54:b2:76:e1:2a:32:e8:87:2c:
b7:81:05:d1:c4:5d:12:2f:57:ce:93:d4:d6:ba:77:
83:1a:18:25:e6:d3:27:5e:3c:59:24:2f:6a:68:3b:
fb:b5:2c:ef:a4:50:c4:4b:d6:41:ce:f5:a0:e4:a7:
a3:d6:d3:fc:a6:b0:39:9c:a8:a4:d7:b8:ea:6f:e8:
c5:9f:e5:35:db:7d:bb:21:9b:d2:49:53:db:bb:eb:
2d:b0:27:c8:0e:3b:74:01:1b:c4:a0:bc:83:7a:25:
f8:ff:e7:8e:f0:a1:fd:5d:e0:63:b4:7f:b9:db:e3:
5b:2b:13:8c:e6:d3:66:dd:c1:c8:b4:11:1e:d2:76:
6f:99:e5:dc:3d:84:f7:63:6e:cb:14:d2:42:19:6a:
2b:50:06:3e:03:7e:43:24:b8:5b:03:a7:a9:b8:e6:
f2:0e:31:89:06:00:da:f0:85:56:f4:45:1b:be:ef:
7f:d3:29:37:0c:29:00:7d:54:11:8f:b5:44:57:f3:
a5:a8:ef:1c:25:e7:f9:3c:a2:6b:ad:92:49:89:8d:
ea:71:df:51:0f:40:3d:aa:bd:a8:91:4d:44:9a:fa:
b3:0b:a9:0f:bc:74:2f:0f:fa:e8:5b:1e:1e:28:b4:
83:10:bd:9a:f4:45:a1:87:ba:ff:f3:dd:bb:88:af:
0b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:DE:F1:E4:51:00:53:A7:7F:E0:72:D2:A5:B1:4F:2A:28:5D:D0:E8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dd31163-2ad7-49f5-a24d-2ea4170bb05f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.240.0/20
Signature Algorithm: sha256WithRSAEncryption
40:ef:0d:21:8e:ae:94:9b:7a:83:79:dd:51:2f:51:6c:d8:6f:
77:90:79:79:93:2b:dd:fe:ab:d3:b7:63:35:ac:f7:67:20:e4:
7f:fa:47:bc:b4:b9:df:7e:b3:5f:67:19:cc:bb:a7:32:ca:1f:
36:89:a9:83:1f:92:bc:25:71:6b:55:7a:92:d2:f0:2f:23:eb:
2c:af:af:90:12:52:11:0c:55:48:99:70:9b:93:6b:84:03:04:
f9:22:07:fb:03:a5:28:d8:5d:f8:40:90:77:ad:78:50:6f:b6:
25:ba:47:78:32:5e:44:a2:da:fa:0e:60:75:ba:d9:08:d7:68:
43:5b:16:d8:9a:72:0a:75:81:09:35:81:ac:47:76:eb:73:e7:
17:ef:66:89:8d:86:70:54:ea:cf:cf:d4:6d:74:7e:1a:9a:34:
a7:6f:cd:99:f8:e1:57:a1:6f:dc:b4:19:f6:2a:f1:f3:a6:1f:
95:ab:b5:3a:fd:74:b4:b6:a5:ab:f1:b0:14:0d:35:70:27:38:
14:1b:02:d1:42:76:5d:d6:4a:b2:01:cc:d5:34:91:46:6b:a2:
61:5c:9c:02:bd:dd:e4:d7:0e:56:dd:e7:c0:53:b3:95:5c:cf:
1a:19:00:b2:7a:dd:49:5d:72:be:d0:0e:75:2b:c7:2f:15:59:
d0:d5:20:60
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUOQ4J2lHJBRTbhPqSZ5X7rfL+cAEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTQxNzMwNDdaFw0yNTA1MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDkxOWRjYWYwNjY5YjIwMGRiYThmMGEwNTA1NDg2MDRhZmE0YjVhZjg2OTli
NzYzZWFlYjcxNmY5MDA2YTFlNWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJxeUpAkVLJ24Soy6Icst4EF0cRdEi9XzpPU1rp3gxoYJebTJ148WSQvamg7
+7Us76RQxEvWQc71oOSno9bT/KawOZyopNe46m/oxZ/lNdt9uyGb0klT27vrLbAn
yA47dAEbxKC8g3ol+P/njvCh/V3gY7R/udvjWysTjObTZt3ByLQRHtJ2b5nl3D2E
92NuyxTSQhlqK1AGPgN+QyS4WwOnqbjm8g4xiQYA2vCFVvRFG77vf9MpNwwpAH1U
EY+1RFfzpajvHCXn+Tyia62SSYmN6nHfUQ9APaq9qJFNRJr6swupD7x0Lw/66Fse
Hii0gxC9mvRFoYe6//Pdu4ivCxkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQj3vHk
UQBTp3/gctKlsU8qKF3Q6DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGRkMzExNjMtMmFkNy00OWY1LWEyNGQtMmVhNDE3MGJiMDVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC6J8DAN
BgkqhkiG9w0BAQsFAAOCAQEAQO8NIY6ulJt6g3ndUS9RbNhvd5B5eZMr3f6r07dj
Naz3ZyDkf/pHvLS5336zX2cZzLunMsofNompgx+SvCVxa1V6ktLwLyPrLK+vkBJS
EQxVSJlwm5NrhAME+SIH+wOlKNhd+ECQd614UG+2JbpHeDJeRKLa+g5gdbrZCNdo
Q1sW2JpyCnWBCTWBrEd263PnF+9miY2GcFTqz8/UbXR+Gpo0p2/NmfjhV6Fv3LQZ
9irx86Yflau1Ov10tLalq/GwFA01cCc4FBsC0UJ2XdZKsgHM1TSRRmuiYVycAr3d
5NcOVt3nwFOzlVzPGhkAsnrdSV1yvtAOdSvHLxVZ0NUgYA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:03 2025 by rpki-client