Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9b6ea2c3-c25b-492c-9547-7c5ddb75d15f.roa
File: 9b6ea2c3-c25b-492c-9547-7c5ddb75d15f.roa (raw, json)
Hash identifier: xe77jFk+SREl/2CY/omkqaNk/HxtrwNltOjvE1C9Tfc=
Subject key identifier: 43:46:5C:A7:BF:90:B2:B9:7A:0B:D7:47:C9:2C:41:D3:29:B8:D9:63
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1D105EDEB91A98DF53542FD69F352C8AC1550F53
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9b6ea2c3-c25b-492c-9547-7c5ddb75d15f.roa
Signing time: Mon 14 Apr 2025 17:30:10 +0000
ROA not before: Mon 14 Apr 2025 17:30:10 +0000
ROA not after: Mon 19 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.216.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:10:5e:de:b9:1a:98:df:53:54:2f:d6:9f:35:2c:8a:c1:55:0f:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 14 17:30:10 2025 GMT
Not After : May 19 23:59:59 2025 GMT
Subject: serialNumber=df2a28fc4919265c2a6edf7aa2a25eb8fd9e8d884077fcba6024d04b02ee5035, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:4b:7b:c8:ee:e3:90:05:7b:3a:24:2d:3c:f1:
a5:2b:51:ba:48:b2:70:e7:5e:de:00:4d:d3:4d:4f:
c1:3c:58:7c:b8:78:cc:37:9b:4f:9a:4a:6c:ca:56:
8b:26:75:98:c5:35:98:70:72:33:70:2e:7f:56:9b:
ea:3a:34:55:95:7c:08:42:ff:28:e5:71:06:58:86:
03:36:e7:a8:d5:31:51:1e:52:9d:f8:c3:65:db:7f:
3f:c1:f1:79:59:a4:d0:ae:1d:23:2b:cc:db:16:39:
cf:1f:f7:ba:c4:15:f9:8e:a9:f5:be:f3:b6:3a:cd:
ae:e2:31:74:f8:fc:7c:8d:be:c1:91:3a:94:f6:c3:
66:b4:34:89:05:aa:06:fe:63:78:69:78:f7:b4:ca:
49:57:2a:a7:0d:31:f7:4e:7d:62:5d:b6:bc:36:53:
be:ad:d6:2d:f9:e6:d9:be:2f:b1:e9:19:85:f6:71:
b5:78:ec:02:fa:f9:66:3a:33:cc:6d:22:35:3f:e5:
1d:c1:85:cc:4d:a5:15:6a:a6:1c:0c:d9:07:09:9e:
04:f8:fc:77:8d:a9:73:96:4f:1a:1c:4b:6a:55:ca:
8a:e4:5e:d3:fb:5a:52:5b:0c:73:0d:9a:d3:56:01:
d1:7e:5e:86:75:b6:47:36:84:67:ea:f5:90:a8:97:
10:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:46:5C:A7:BF:90:B2:B9:7A:0B:D7:47:C9:2C:41:D3:29:B8:D9:63
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9b6ea2c3-c25b-492c-9547-7c5ddb75d15f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.216.0/22
Signature Algorithm: sha256WithRSAEncryption
53:03:2c:31:6f:d1:cf:0b:5d:35:1d:75:f1:4a:97:9c:d0:24:
c4:59:1f:fd:f4:2d:ef:a0:cc:2d:7a:24:fc:b8:b5:4b:bf:53:
e3:d0:84:e5:83:a4:3f:8d:b7:12:b4:66:6d:39:1d:fd:b2:f9:
d7:78:a7:60:30:c1:2d:c7:f4:c4:9c:5e:d9:56:2b:b6:93:84:
35:b3:2e:b6:d7:88:23:f6:bc:ba:ee:a6:96:a6:14:4d:c7:a8:
a4:11:21:c1:a9:d2:9e:ad:63:47:39:57:ad:e8:37:f4:50:6f:
24:01:6b:ff:00:49:92:89:86:1a:cd:ec:a0:5e:4f:d0:b6:b4:
13:b2:0b:be:f9:0c:d7:e8:f2:72:49:99:09:39:14:6c:9c:d5:
a6:f8:f1:6c:a3:31:42:98:a3:b9:59:d2:a0:94:3f:6c:25:bd:
ab:12:b9:8c:98:90:fa:4a:09:cf:de:3d:b0:1f:bb:10:cc:69:
67:4c:bb:51:36:5d:1e:7c:14:60:9b:bd:97:14:07:b3:23:d9:
be:51:1b:64:48:ce:b4:13:65:ea:8e:3f:1c:e2:57:d8:d6:23:
37:78:7c:2f:0c:8d:9f:56:32:1b:a2:3f:81:04:a0:38:c9:2f:
c9:31:ee:89:46:73:63:2a:1a:e4:5b:44:01:63:9f:2f:82:fb:
38:70:3d:54
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUHRBe3rkamN9TVC/WnzUsisFVD1MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTQxNzMwMTBaFw0yNTA1MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGRmMmEyOGZjNDkxOTI2NWMyYTZlZGY3YWEyYTI1ZWI4ZmQ5ZThkODg0MDc3
ZmNiYTYwMjRkMDRiMDJlZTUwMzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJFLe8ju45AFezokLTzxpStRukiycOde3gBN001PwTxYfLh4zDebT5pKbMpW
iyZ1mMU1mHByM3Auf1ab6jo0VZV8CEL/KOVxBliGAzbnqNUxUR5SnfjDZdt/P8Hx
eVmk0K4dIyvM2xY5zx/3usQV+Y6p9b7ztjrNruIxdPj8fI2+wZE6lPbDZrQ0iQWq
Bv5jeGl497TKSVcqpw0x9059Yl22vDZTvq3WLfnm2b4vsekZhfZxtXjsAvr5Zjoz
zG0iNT/lHcGFzE2lFWqmHAzZBwmeBPj8d42pc5ZPGhxLalXKiuRe0/taUlsMcw2a
01YB0X5ehnW2RzaEZ+r1kKiXEAMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRDRlyn
v5CyuXoL10fJLEHTKbjZYzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWI2ZWEyYzMtYzI1Yi00OTJjLTk1NDctN2M1ZGRiNzVkMTVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi6J2DAN
BgkqhkiG9w0BAQsFAAOCAQEAUwMsMW/RzwtdNR118UqXnNAkxFkf/fQt76DMLXok
/Li1S79T49CE5YOkP423ErRmbTkd/bL513inYDDBLcf0xJxe2VYrtpOENbMutteI
I/a8uu6mlqYUTceopBEhwanSnq1jRzlXreg39FBvJAFr/wBJkomGGs3soF5P0La0
E7ILvvkM1+jyckmZCTkUbJzVpvjxbKMxQpijuVnSoJQ/bCW9qxK5jJiQ+koJz949
sB+7EMxpZ0y7UTZdHnwUYJu9lxQHsyPZvlEbZEjOtBNl6o4/HOJX2NYjN3h8LwyN
n1YyG6I/gQSgOMkvyTHuiUZzYyoa5FtEAWOfL4L7OHA9VA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:25 2025 by rpki-client