Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ab93083-00f7-4841-8cef-6b5926b6e3f6.roa
File: 8ab93083-00f7-4841-8cef-6b5926b6e3f6.roa (raw, json)
Hash identifier: CeXaPzN3eXHd4v48r18hv0pm62JxHl9IEjTWFMYWPIk=
Subject key identifier: 87:3C:D2:DC:1B:08:EB:9B:43:6A:ED:80:58:B5:0D:11:01:BE:46:75
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0A2A8DDB40CC93228F0EC46F0AA018CF86313211
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ab93083-00f7-4841-8cef-6b5926b6e3f6.roa
Signing time: Mon 14 Apr 2025 17:30:35 +0000
ROA not before: Mon 14 Apr 2025 17:30:35 +0000
ROA not after: Mon 19 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.192.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:2a:8d:db:40:cc:93:22:8f:0e:c4:6f:0a:a0:18:cf:86:31:32:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 14 17:30:35 2025 GMT
Not After : May 19 23:59:59 2025 GMT
Subject: serialNumber=f1efa5205b22fef01ad6cfe22a0b939c23e84764ebcd0a6591be05ef8328d69a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:16:d7:8e:99:48:76:c3:28:f4:41:74:6d:8f:
dd:0c:65:4d:80:8d:5e:2d:2a:e8:fb:b0:3f:89:61:
cd:f6:88:a0:b3:f4:fa:7b:58:6a:a5:33:22:c4:0a:
3e:b0:ba:b5:12:5b:b3:b4:46:a7:05:c6:04:31:6d:
1f:c0:01:4d:da:bc:15:af:a1:fa:eb:86:1a:da:fc:
5f:05:d8:32:9e:d2:eb:42:fd:35:e5:b1:6d:82:4e:
c2:a2:21:e4:3c:15:a4:b7:25:b5:99:af:a0:76:a8:
fd:9a:b1:88:53:a2:52:fb:0e:00:4e:f2:e0:39:a5:
2b:41:46:09:77:06:e8:d8:ed:2b:49:ad:89:61:1f:
7e:25:99:3d:14:03:63:28:63:e3:88:6f:b2:5c:0f:
16:a4:55:e3:76:fb:9e:41:98:f5:ee:bc:20:c0:bf:
a4:5d:4b:62:9e:31:64:b3:b2:5e:e3:4d:5c:fc:ed:
34:7f:36:f8:ee:af:ad:96:ee:77:1c:1b:82:24:93:
00:52:c8:a8:a8:83:c9:a9:02:b5:3a:0e:1b:66:61:
ee:b2:d7:b8:b8:f9:7f:36:f6:21:61:90:0d:12:e9:
69:9a:8c:76:23:06:b1:ad:6b:c1:ee:9c:ef:39:45:
b9:d8:08:a1:8d:40:c6:21:62:60:1d:17:21:29:eb:
a0:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:3C:D2:DC:1B:08:EB:9B:43:6A:ED:80:58:B5:0D:11:01:BE:46:75
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ab93083-00f7-4841-8cef-6b5926b6e3f6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.192.0/20
Signature Algorithm: sha256WithRSAEncryption
20:0b:3d:23:96:45:c9:1c:ad:63:72:51:60:a9:09:aa:e6:69:
52:81:91:df:f3:90:9a:75:9a:33:d6:21:4c:71:72:e2:46:51:
15:c4:bf:29:1a:17:34:2a:ba:b8:40:c6:6c:46:77:c3:e5:43:
06:8d:b3:58:21:ee:b9:51:ad:88:4b:4d:3c:30:0a:08:ef:31:
d7:5d:cc:f5:36:10:d8:1b:b6:3e:76:62:01:03:3b:7f:6c:69:
0a:d3:9d:fa:86:7c:a6:36:6d:b5:b1:9a:a2:b6:df:28:bf:91:
dc:ec:9e:f9:f5:46:87:08:8c:8b:eb:1a:9b:5d:70:47:9f:50:
6b:93:bb:97:f1:7b:56:dd:f4:7a:e1:d6:77:f3:69:49:9a:1d:
a3:28:81:9f:6d:d5:6f:26:ce:73:e3:ab:d4:66:a0:ea:bb:fc:
22:4a:1e:ca:34:d1:07:96:34:fa:70:ad:e1:28:09:43:fa:55:
f6:1b:42:ae:38:10:82:d2:b9:9a:e9:3e:cb:17:30:0b:98:c6:
65:0b:a0:07:50:34:c0:a0:16:75:a8:53:2b:8d:bd:92:f8:f7:
ea:a0:df:10:f7:b2:53:48:22:2d:c2:65:da:82:31:a2:ae:6c:
71:f9:6a:f8:f9:df:bb:4b:bb:9b:07:e6:29:df:33:7c:82:87:
3e:e9:c7:87
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUCiqN20DMkyKPDsRvCqAYz4YxMhEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTQxNzMwMzVaFw0yNTA1MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGYxZWZhNTIwNWIyMmZlZjAxYWQ2Y2ZlMjJhMGI5MzljMjNlODQ3NjRlYmNk
MGE2NTkxYmUwNWVmODMyOGQ2OWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOgW146ZSHbDKPRBdG2P3QxlTYCNXi0q6PuwP4lhzfaIoLP0+ntYaqUzIsQK
PrC6tRJbs7RGpwXGBDFtH8ABTdq8Fa+h+uuGGtr8XwXYMp7S60L9NeWxbYJOwqIh
5DwVpLcltZmvoHao/ZqxiFOiUvsOAE7y4DmlK0FGCXcG6NjtK0mtiWEffiWZPRQD
Yyhj44hvslwPFqRV43b7nkGY9e68IMC/pF1LYp4xZLOyXuNNXPztNH82+O6vrZbu
dxwbgiSTAFLIqKiDyakCtToOG2Zh7rLXuLj5fzb2IWGQDRLpaZqMdiMGsa1rwe6c
7zlFudgIoY1AxiFiYB0XISnroI0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSHPNLc
Gwjrm0Nq7YBYtQ0RAb5GdTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGFiOTMwODMtMDBmNy00ODQxLThjZWYtNmI1OTI2YjZlM2Y2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC4zwDAN
BgkqhkiG9w0BAQsFAAOCAQEAIAs9I5ZFyRytY3JRYKkJquZpUoGR3/OQmnWaM9Yh
THFy4kZRFcS/KRoXNCq6uEDGbEZ3w+VDBo2zWCHuuVGtiEtNPDAKCO8x113M9TYQ
2Bu2PnZiAQM7f2xpCtOd+oZ8pjZttbGaorbfKL+R3Oye+fVGhwiMi+sam11wR59Q
a5O7l/F7Vt30euHWd/NpSZodoyiBn23VbybOc+Or1Gag6rv8IkoeyjTRB5Y0+nCt
4SgJQ/pV9htCrjgQgtK5muk+yxcwC5jGZQugB1A0wKAWdahTK429kvj36qDfEPey
U0giLcJl2oIxoq5scflq+Pnfu0u7mwfmKd8zfIKHPunHhw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:03 2025 by rpki-client