Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/968c7897-1d8d-4c3a-b38e-6602ae947f34.roa
File: 968c7897-1d8d-4c3a-b38e-6602ae947f34.roa (raw, json)
Hash identifier: hOHFlM0Ysvqe8M1GJRC3nDTXxm5vYzhjsdHVkKz57BY=
Subject key identifier: 6D:19:7D:09:91:FD:6B:95:F8:E9:3C:E4:4E:4F:09:E4:0D:4B:8E:1F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 491E1BE1A3ACB071DD8F00761D5FB6827D6C3C34
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/968c7897-1d8d-4c3a-b38e-6602ae947f34.roa
Signing time: Mon 14 Apr 2025 17:30:19 +0000
ROA not before: Mon 14 Apr 2025 17:30:19 +0000
ROA not after: Mon 19 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.208.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:1e:1b:e1:a3:ac:b0:71:dd:8f:00:76:1d:5f:b6:82:7d:6c:3c:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 14 17:30:19 2025 GMT
Not After : May 19 23:59:59 2025 GMT
Subject: serialNumber=85af9d9249d9f9d411fccd8ccbb686cc8b2ffd0348b9647794bfcf41355a9680, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:6d:9f:f5:fd:d0:eb:53:30:79:97:e6:9c:7e:
65:73:0c:cf:f3:89:13:a6:16:97:37:6b:86:e6:0d:
48:eb:5a:32:dd:29:5f:83:b1:0a:50:0f:36:d8:85:
6e:96:eb:69:9d:86:e7:a0:22:ab:4e:e7:f0:c7:5d:
5d:17:db:7c:c8:ab:6a:f4:9f:ee:0c:00:94:a3:f5:
d1:8e:47:b3:a9:7c:b3:83:f1:df:11:2f:da:4c:7c:
5c:8e:3d:43:71:51:0b:e7:54:c0:fa:48:33:47:02:
32:9c:84:cd:b1:bd:55:21:9d:ce:95:d0:58:67:13:
8c:0e:c0:5b:95:8a:65:04:c2:44:49:03:4e:ae:15:
d3:06:3e:c7:cf:c0:19:2f:1d:61:d5:80:5b:e9:a4:
80:81:aa:c1:28:2f:78:39:0f:3b:3e:72:f3:0b:97:
a7:a8:5d:fe:97:9a:9a:f7:77:59:d6:02:15:6a:aa:
ff:b7:cd:5b:6e:75:af:e0:08:59:18:4a:79:b0:3d:
b4:bc:eb:02:d4:87:e4:f9:56:ba:a4:d5:db:eb:09:
01:98:f8:0a:64:09:90:c6:79:9e:02:95:d9:93:3c:
f8:b5:24:05:88:92:74:36:55:f1:35:40:89:98:5b:
0c:70:bd:41:8b:ad:e8:be:75:ea:34:3a:e3:6f:e7:
3e:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:19:7D:09:91:FD:6B:95:F8:E9:3C:E4:4E:4F:09:E4:0D:4B:8E:1F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/968c7897-1d8d-4c3a-b38e-6602ae947f34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.208.0/21
Signature Algorithm: sha256WithRSAEncryption
2d:ea:a7:68:2f:e2:d9:32:c9:61:08:90:3e:91:9d:f6:7c:a8:
83:bf:dc:ea:54:0e:bd:9c:b2:61:da:dd:c7:c2:1b:1a:89:85:
7a:82:ea:f3:69:c3:3d:64:93:9a:e0:ec:32:0d:99:43:a4:23:
ee:c5:60:0d:1e:92:e9:71:99:e7:30:bd:12:7a:1e:64:b1:9c:
de:f1:8c:f1:e8:45:01:56:19:3c:69:51:a4:33:87:a5:c6:b2:
26:3d:ae:6a:6d:bf:5f:24:a1:45:d7:3c:ec:13:21:98:2e:e1:
7e:62:dd:72:16:4b:1a:84:1d:c4:19:cd:1e:39:db:74:a2:50:
a2:25:a0:a3:de:73:86:bd:bf:2b:07:9d:4d:50:fc:34:7b:b8:
47:ff:2b:63:e7:29:81:27:83:0c:c9:69:58:55:d8:f1:ee:74:
bd:6e:6d:26:32:08:54:30:55:82:bc:0e:7d:1c:c2:bc:6a:35:
87:2a:d3:2f:d0:2d:ee:04:50:82:c9:8e:a9:82:3e:38:27:3c:
93:90:b8:8f:58:49:c7:a5:df:07:b8:05:5a:9d:76:5c:87:7d:
4e:c5:19:40:58:28:65:5b:e9:d5:aa:30:0f:aa:98:c8:12:62:
8d:0a:53:b3:3b:8e:08:0b:72:23:77:72:c7:35:7d:71:3f:a2:
c0:45:ce:34
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUSR4b4aOssHHdjwB2HV+2gn1sPDQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTQxNzMwMTlaFw0yNTA1MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDg1YWY5ZDkyNDlkOWY5ZDQxMWZjY2Q4Y2NiYjY4NmNjOGIyZmZkMDM0OGI5
NjQ3Nzk0YmZjZjQxMzU1YTk2ODAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKVtn/X90OtTMHmX5px+ZXMMz/OJE6YWlzdrhuYNSOtaMt0pX4OxClAPNtiF
bpbraZ2G56Aiq07n8MddXRfbfMiravSf7gwAlKP10Y5Hs6l8s4Px3xEv2kx8XI49
Q3FRC+dUwPpIM0cCMpyEzbG9VSGdzpXQWGcTjA7AW5WKZQTCREkDTq4V0wY+x8/A
GS8dYdWAW+mkgIGqwSgveDkPOz5y8wuXp6hd/peamvd3WdYCFWqq/7fNW251r+AI
WRhKebA9tLzrAtSH5PlWuqTV2+sJAZj4CmQJkMZ5ngKV2ZM8+LUkBYiSdDZV8TVA
iZhbDHC9QYut6L516jQ642/nPgECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRtGX0J
kf1rlfjpPOROTwnkDUuOHzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTY4Yzc4OTctMWQ4ZC00YzNhLWIzOGUtNjYwMmFlOTQ3ZjM0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy6J0DAN
BgkqhkiG9w0BAQsFAAOCAQEALeqnaC/i2TLJYQiQPpGd9nyog7/c6lQOvZyyYdrd
x8IbGomFeoLq82nDPWSTmuDsMg2ZQ6Qj7sVgDR6S6XGZ5zC9EnoeZLGc3vGM8ehF
AVYZPGlRpDOHpcayJj2uam2/XyShRdc87BMhmC7hfmLdchZLGoQdxBnNHjnbdKJQ
oiWgo95zhr2/KwedTVD8NHu4R/8rY+cpgSeDDMlpWFXY8e50vW5tJjIIVDBVgrwO
fRzCvGo1hyrTL9At7gRQgsmOqYI+OCc8k5C4j1hJx6XfB7gFWp12XId9TsUZQFgo
ZVvp1aowD6qYyBJijQpTszuOCAtyI3dyxzV9cT+iwEXONA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:35:42 2025 by rpki-client