Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e1e6e69-6595-40ff-9430-d53f22670630.roa
File: 6e1e6e69-6595-40ff-9430-d53f22670630.roa (raw, json)
Hash identifier: Iitqxo3yjlEXRK8pX5s4jRO9sEUjNc2iyW7NQpnLnBI=
Subject key identifier: BB:37:9B:52:12:18:88:AB:FD:5C:7F:43:0F:F4:0A:00:33:E4:51:9F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2AE04D7701C069E80ED6D98ED55A270C7DC2EEC3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e1e6e69-6595-40ff-9430-d53f22670630.roa
Signing time: Mon 14 Apr 2025 17:30:17 +0000
ROA not before: Mon 14 Apr 2025 17:30:17 +0000
ROA not after: Mon 19 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.72.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:e0:4d:77:01:c0:69:e8:0e:d6:d9:8e:d5:5a:27:0c:7d:c2:ee:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 14 17:30:17 2025 GMT
Not After : May 19 23:59:59 2025 GMT
Subject: serialNumber=fcf22fa27b5ed4ceee6430dcd5931c833577cf4522482c9063db6062e9e93562, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:70:36:76:49:82:4c:9f:d6:dd:33:e9:e7:52:
0e:99:1c:5b:9b:f5:fb:ce:37:aa:94:18:0e:40:c8:
b7:db:18:42:0f:cb:47:85:86:e9:7d:b5:b6:74:ff:
e9:7a:8e:4b:26:03:22:33:44:c0:6f:49:9b:89:5a:
6c:dc:0b:1e:34:1c:29:d8:af:3e:67:ee:b3:be:c7:
85:50:6b:85:f9:ac:24:8f:1b:8c:db:81:02:0b:88:
22:90:2e:7d:36:40:aa:33:13:e9:1a:fa:6b:8a:7a:
73:e3:8b:33:61:cf:c0:e8:71:73:39:dd:fa:60:b3:
46:c9:19:23:76:c3:11:47:35:8b:c0:26:a8:c3:91:
05:10:0d:93:fe:b4:1a:03:f9:29:8b:1a:be:78:37:
12:bc:fd:b4:c3:78:3e:3b:4d:7d:ef:ec:a1:dd:39:
89:a1:b6:7f:63:95:e0:42:57:c0:d2:70:04:3b:65:
82:98:e9:b3:98:fb:3e:74:68:33:36:8c:a9:84:23:
b6:d0:8d:f3:11:1c:4e:56:e1:1c:d3:3c:4e:45:da:
a6:fb:3f:33:d1:ff:ed:dc:35:6f:bb:52:e3:cf:b1:
cb:e1:95:4d:29:5c:c2:09:db:02:61:21:03:76:f4:
77:00:41:c6:0c:52:8a:a1:3e:f0:d7:f5:da:a1:14:
12:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:37:9B:52:12:18:88:AB:FD:5C:7F:43:0F:F4:0A:00:33:E4:51:9F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e1e6e69-6595-40ff-9430-d53f22670630.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.72.0/21
Signature Algorithm: sha256WithRSAEncryption
18:35:ad:aa:98:ae:54:ea:4b:8c:52:b8:53:1d:5d:3d:34:cd:
c4:14:81:f9:2b:0c:66:57:57:12:fd:0e:3d:30:e2:e5:26:55:
30:88:a6:48:0d:b1:8b:70:4e:b4:f2:af:53:12:93:11:31:d5:
2f:74:b5:20:6c:4a:d1:75:6f:32:17:36:01:5c:49:de:26:42:
9e:84:0c:33:2f:00:87:14:55:0b:e5:76:9d:bf:74:e2:e8:20:
23:fb:07:db:9d:9e:44:5a:22:ea:be:c5:45:92:8a:ce:95:be:
73:68:cc:43:90:f3:c6:91:48:18:18:d4:02:4d:f1:33:f2:13:
e1:22:c6:c0:8d:82:72:7c:8d:ea:93:03:67:3f:8a:51:01:3c:
b1:7a:4c:c6:ef:b0:be:83:af:da:10:8c:87:e7:49:4c:f8:e6:
9f:dc:b7:1f:36:f5:68:11:58:4f:48:5e:02:f7:5f:15:66:cd:
88:2a:fe:13:3e:a4:1c:aa:cf:b4:ca:67:d9:b0:70:c4:de:60:
6e:06:e3:f3:24:b1:c7:e6:60:34:2b:e8:a8:0d:e3:f9:29:d2:
6e:1e:9b:d4:e1:90:c9:db:27:4b:f3:dc:5e:d5:91:83:67:87:
29:31:61:eb:a2:e9:de:b0:9d:c6:42:b5:db:a0:b8:24:3c:6a:
94:90:b9:49
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUKuBNdwHAaegO1tmO1VonDH3C7sMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTQxNzMwMTdaFw0yNTA1MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGZjZjIyZmEyN2I1ZWQ0Y2VlZTY0MzBkY2Q1OTMxYzgzMzU3N2NmNDUyMjQ4
MmM5MDYzZGI2MDYyZTllOTM1NjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANVwNnZJgkyf1t0z6edSDpkcW5v1+843qpQYDkDIt9sYQg/LR4WG6X21tnT/
6XqOSyYDIjNEwG9Jm4labNwLHjQcKdivPmfus77HhVBrhfmsJI8bjNuBAguIIpAu
fTZAqjMT6Rr6a4p6c+OLM2HPwOhxcznd+mCzRskZI3bDEUc1i8AmqMORBRANk/60
GgP5KYsavng3Erz9tMN4PjtNfe/sod05iaG2f2OV4EJXwNJwBDtlgpjps5j7PnRo
MzaMqYQjttCN8xEcTlbhHNM8TkXapvs/M9H/7dw1b7tS48+xy+GVTSlcwgnbAmEh
A3b0dwBBxgxSiqE+8Nf12qEUEocCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS7N5tS
EhiIq/1cf0MP9AoAM+RRnzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmUxZTZlNjktNjU5NS00MGZmLTk0MzAtZDUzZjIyNjcwNjMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy6JSDAN
BgkqhkiG9w0BAQsFAAOCAQEAGDWtqpiuVOpLjFK4Ux1dPTTNxBSB+SsMZldXEv0O
PTDi5SZVMIimSA2xi3BOtPKvUxKTETHVL3S1IGxK0XVvMhc2AVxJ3iZCnoQMMy8A
hxRVC+V2nb904uggI/sH252eRFoi6r7FRZKKzpW+c2jMQ5DzxpFIGBjUAk3xM/IT
4SLGwI2CcnyN6pMDZz+KUQE8sXpMxu+wvoOv2hCMh+dJTPjmn9y3Hzb1aBFYT0he
AvdfFWbNiCr+Ez6kHKrPtMpn2bBwxN5gbgbj8ySxx+ZgNCvoqA3j+SnSbh6b1OGQ
ydsnS/PcXtWRg2eHKTFh66Lp3rCdxkK126C4JDxqlJC5SQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:44:19 2025 by rpki-client