Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9834a12a-a5d9-4caa-ae09-b1e3323596bd.roa
File: 9834a12a-a5d9-4caa-ae09-b1e3323596bd.roa (raw, json)
Hash identifier: VNAbMpa9+GAnUndEkgS0oJzQv8Ti0ijzy2gO/AJ7yo8=
Subject key identifier: FD:52:1A:1C:13:FD:66:18:03:63:3F:B1:DC:E8:D1:AF:76:47:C1:E8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 15C8E60396309E1D42BE3A3B912ED9F290EFBDDF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9834a12a-a5d9-4caa-ae09-b1e3323596bd.roa
Signing time: Mon 14 Apr 2025 17:30:15 +0000
ROA not before: Mon 14 Apr 2025 17:30:15 +0000
ROA not after: Mon 19 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.192.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:c8:e6:03:96:30:9e:1d:42:be:3a:3b:91:2e:d9:f2:90:ef:bd:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 14 17:30:15 2025 GMT
Not After : May 19 23:59:59 2025 GMT
Subject: serialNumber=e0babd68dd518974058f867854a6ba2a9ef5de86a9d3752e1db6acf545281d35, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:1e:3e:0b:51:af:97:67:47:10:c7:9c:ea:6f:
45:0b:fd:da:75:92:a4:3f:36:63:bb:fe:d9:84:f3:
b2:f6:ac:46:a2:41:a9:a4:e6:96:9f:d5:bd:57:7d:
47:61:5e:85:b0:fd:e2:01:d8:ba:e6:19:5e:c9:45:
69:6c:0b:4e:58:ce:2b:2c:ba:44:fb:ce:0e:09:4a:
4e:f0:ab:72:4f:bd:3c:d6:75:6d:21:92:25:93:ac:
3b:5a:32:99:27:4b:46:5b:7f:b9:a2:40:20:94:b7:
81:2b:f5:19:4c:9d:14:f5:7f:3c:5e:a9:ea:0f:05:
53:03:5d:7c:5b:2e:b5:09:57:f0:f3:67:a9:53:7a:
fd:ce:1c:85:d9:d6:87:40:30:f6:eb:64:f9:fe:ab:
bf:ab:f4:0c:a3:47:26:f9:ce:0b:3b:5a:a1:0f:83:
bc:6f:27:3e:c0:0f:c3:80:81:44:35:95:6b:e1:df:
b8:cf:54:2a:e8:57:c5:2e:a2:37:81:53:52:08:0b:
4d:de:70:b3:5d:0e:a3:fa:99:17:55:fe:3d:bd:67:
65:0a:ba:d1:93:dc:4e:33:6f:92:86:17:3d:27:73:
32:f6:d2:d0:91:b0:a3:73:00:7f:a1:c5:70:26:c8:
fc:52:e3:3e:2a:13:06:a1:e4:99:d7:50:9d:93:49:
67:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:52:1A:1C:13:FD:66:18:03:63:3F:B1:DC:E8:D1:AF:76:47:C1:E8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9834a12a-a5d9-4caa-ae09-b1e3323596bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.192.0/21
Signature Algorithm: sha256WithRSAEncryption
2d:40:1f:3b:05:c0:c4:72:1b:67:d0:ab:95:fa:27:dc:78:03:
f2:07:6a:41:a6:d3:f5:aa:fe:b9:52:75:62:c7:5f:81:39:c0:
ad:bc:c9:6f:1d:20:15:a6:1a:59:98:49:ad:6b:56:fb:24:c1:
1a:db:7b:39:60:0a:9d:a6:19:62:64:35:32:ad:21:2d:66:b9:
e4:53:97:ee:d1:36:a0:51:78:02:61:86:51:84:d8:25:fd:28:
5e:ab:e9:3b:85:c1:72:df:42:ce:9f:37:9a:96:c1:ad:cb:27:
e9:30:45:e4:1b:11:7e:f6:e1:db:bc:5f:6e:95:f3:18:9c:31:
f4:c1:e9:19:21:16:76:09:b7:f0:97:60:c3:f5:f5:e3:58:ac:
25:81:a8:6e:cd:f5:57:d5:67:00:04:54:e8:15:46:5f:e8:b0:
75:f0:d5:81:12:6d:a6:b5:01:4f:da:8a:a5:98:c9:67:e2:c4:
7e:e3:69:db:4b:f7:a0:9a:ee:c1:1d:9f:63:bb:f5:d7:ab:0f:
f2:a3:4b:f9:54:67:01:c9:0c:20:c5:cf:6f:93:b3:4f:3b:3e:
9e:28:65:07:68:45:98:d0:0d:af:9d:e5:da:2d:be:f9:1a:ce:
a8:13:67:b4:32:c9:13:05:e4:51:33:9e:71:22:26:43:5f:33:
f0:74:cd:19
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUFcjmA5Ywnh1Cvjo7kS7Z8pDvvd8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTQxNzMwMTVaFw0yNTA1MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGUwYmFiZDY4ZGQ1MTg5NzQwNThmODY3ODU0YTZiYTJhOWVmNWRlODZhOWQz
NzUyZTFkYjZhY2Y1NDUyODFkMzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKYePgtRr5dnRxDHnOpvRQv92nWSpD82Y7v+2YTzsvasRqJBqaTmlp/VvVd9
R2FehbD94gHYuuYZXslFaWwLTljOKyy6RPvODglKTvCrck+9PNZ1bSGSJZOsO1oy
mSdLRlt/uaJAIJS3gSv1GUydFPV/PF6p6g8FUwNdfFsutQlX8PNnqVN6/c4chdnW
h0Aw9utk+f6rv6v0DKNHJvnOCztaoQ+DvG8nPsAPw4CBRDWVa+HfuM9UKuhXxS6i
N4FTUggLTd5ws10Oo/qZF1X+Pb1nZQq60ZPcTjNvkoYXPSdzMvbS0JGwo3MAf6HF
cCbI/FLjPioTBqHkmddQnZNJZ1sCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT9Uhoc
E/1mGANjP7Hc6NGvdkfB6DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTgzNGExMmEtYTVkOS00Y2FhLWFlMDktYjFlMzMyMzU5NmJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy6JwDAN
BgkqhkiG9w0BAQsFAAOCAQEALUAfOwXAxHIbZ9Crlfon3HgD8gdqQabT9ar+uVJ1
YsdfgTnArbzJbx0gFaYaWZhJrWtW+yTBGtt7OWAKnaYZYmQ1Mq0hLWa55FOX7tE2
oFF4AmGGUYTYJf0oXqvpO4XBct9Czp83mpbBrcsn6TBF5BsRfvbh27xfbpXzGJwx
9MHpGSEWdgm38Jdgw/X141isJYGobs31V9VnAARU6BVGX+iwdfDVgRJtprUBT9qK
pZjJZ+LEfuNp20v3oJruwR2fY7v116sP8qNL+VRnAckMIMXPb5OzTzs+nihlB2hF
mNANr53l2i2++RrOqBNntDLJEwXkUTOecSImQ18z8HTNGQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:37 2025 by rpki-client