Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9c3be55c-de0f-4901-938e-229a296fa31f.roa
File: 9c3be55c-de0f-4901-938e-229a296fa31f.roa (raw, json)
Hash identifier: mD0wsgVKcKGiq/3cIktos7rvbDGyiS5Re5e4J+aJ/nw=
Subject key identifier: 79:D2:0D:DD:40:FA:B0:D7:66:96:78:7C:BB:87:88:DA:E0:F3:4E:3F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0C0532E5AA5AF14258AB28E13F047C28EC38997D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9c3be55c-de0f-4901-938e-229a296fa31f.roa
Signing time: Mon 14 Apr 2025 17:30:08 +0000
ROA not before: Mon 14 Apr 2025 17:30:08 +0000
ROA not after: Mon 19 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.168.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:05:32:e5:aa:5a:f1:42:58:ab:28:e1:3f:04:7c:28:ec:38:99:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 14 17:30:08 2025 GMT
Not After : May 19 23:59:59 2025 GMT
Subject: serialNumber=d28e1f750f4c6ff2d4a4a4f34b9a3b3398d8032ead6fa9bdadd9dd64bebf1a12, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:51:1b:ad:ae:52:da:01:c6:37:6b:00:fd:ea:
34:38:5b:9b:7f:97:66:1f:a4:39:b1:06:77:50:8d:
8e:f4:23:98:12:83:81:38:2c:d1:9f:0a:b4:fb:0b:
92:03:23:b3:c7:97:9b:27:15:26:44:4f:aa:b8:cb:
f9:ef:0b:92:2b:25:55:c1:b4:40:32:3e:82:b8:b0:
77:60:33:b4:33:7b:72:92:2e:bd:28:14:0a:5d:53:
f0:95:7d:cc:f8:01:b3:b0:f2:27:f7:3e:83:af:19:
fd:54:85:94:fa:e4:97:85:0d:d2:1e:e4:e3:f2:35:
5b:4a:24:bc:16:96:04:7a:2e:85:70:03:4f:c0:38:
b1:54:f7:3d:3a:dc:47:a9:d8:f3:38:06:54:c1:b9:
72:d4:cb:07:55:75:e9:94:d3:8a:33:56:c0:a1:6d:
34:d5:a6:fa:66:d1:2a:ad:14:71:36:f1:fc:91:11:
ef:ad:75:4a:50:c4:cc:7b:56:4d:b9:ab:de:dd:26:
f3:37:da:1a:61:a9:9e:ae:a8:7d:50:24:a9:be:fa:
65:ed:a0:54:94:63:03:c0:bd:52:f5:e9:8c:33:d9:
b2:74:2f:2e:27:af:95:8e:42:ac:1e:e9:bd:40:ee:
cf:f8:67:15:1f:0d:17:76:4c:f1:1e:6f:dd:9e:97:
42:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:D2:0D:DD:40:FA:B0:D7:66:96:78:7C:BB:87:88:DA:E0:F3:4E:3F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9c3be55c-de0f-4901-938e-229a296fa31f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.168.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:f7:32:d9:a4:79:3c:1e:f8:d4:ee:45:92:e8:ff:68:a2:16:
0f:16:a4:1f:91:54:ec:f3:21:e9:91:88:a5:d9:2b:35:97:c4:
cc:e0:7a:bc:51:d0:20:f7:a9:8b:5b:06:e8:44:a3:24:9c:16:
49:68:df:3a:1f:97:c7:08:1f:f8:6f:e4:34:ee:4f:5b:44:89:
7d:92:72:77:16:7a:bc:6f:3c:46:2c:de:06:0b:ea:79:08:df:
8b:10:bc:86:bb:d8:b6:01:54:69:3d:e7:74:bf:3a:ed:9b:9b:
71:0b:a1:bc:2e:10:fa:72:11:90:c9:db:aa:02:ec:d1:43:1a:
d7:ba:95:37:f2:d9:e5:6b:3a:04:f6:7b:7f:54:2c:99:2a:8e:
93:c3:36:c4:b9:db:95:a0:61:95:b0:31:c4:23:cb:41:5a:73:
01:9f:47:69:00:82:6e:ce:a3:33:75:92:52:b7:8f:d4:f6:1f:
50:0b:18:e7:a3:0d:46:92:55:6d:0b:58:32:39:3e:35:88:18:
b4:82:7d:1f:6d:c2:99:5d:d6:97:65:79:44:3d:08:73:69:6e:
5a:c1:9a:8b:1e:af:93:84:46:08:62:c9:58:f6:9e:ea:7d:82:
ff:a4:c0:ee:a6:79:e6:0a:f1:f7:11:30:82:09:57:b5:52:51:
63:48:e7:1a
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUDAUy5apa8UJYqyjhPwR8KOw4mX0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTQxNzMwMDhaFw0yNTA1MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGQyOGUxZjc1MGY0YzZmZjJkNGE0YTRmMzRiOWEzYjMzOThkODAzMmVhZDZm
YTliZGFkZDlkZDY0YmViZjFhMTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL1RG62uUtoBxjdrAP3qNDhbm3+XZh+kObEGd1CNjvQjmBKDgTgs0Z8KtPsL
kgMjs8eXmycVJkRPqrjL+e8LkislVcG0QDI+griwd2AztDN7cpIuvSgUCl1T8JV9
zPgBs7DyJ/c+g68Z/VSFlPrkl4UN0h7k4/I1W0okvBaWBHouhXADT8A4sVT3PTrc
R6nY8zgGVMG5ctTLB1V16ZTTijNWwKFtNNWm+mbRKq0UcTbx/JER7611SlDEzHtW
Tbmr3t0m8zfaGmGpnq6ofVAkqb76Ze2gVJRjA8C9UvXpjDPZsnQvLievlY5CrB7p
vUDuz/hnFR8NF3ZM8R5v3Z6XQqkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR50g3d
QPqw12aWeHy7h4ja4PNOPzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWMzYmU1NWMtZGUwZi00OTAxLTkzOGUtMjI5YTI5NmZhMzFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS6JqDAN
BgkqhkiG9w0BAQsFAAOCAQEAPPcy2aR5PB741O5Fkuj/aKIWDxakH5FU7PMh6ZGI
pdkrNZfEzOB6vFHQIPepi1sG6ESjJJwWSWjfOh+Xxwgf+G/kNO5PW0SJfZJydxZ6
vG88RizeBgvqeQjfixC8hrvYtgFUaT3ndL867ZubcQuhvC4Q+nIRkMnbqgLs0UMa
17qVN/LZ5Ws6BPZ7f1QsmSqOk8M2xLnblaBhlbAxxCPLQVpzAZ9HaQCCbs6jM3WS
UreP1PYfUAsY56MNRpJVbQtYMjk+NYgYtIJ9H23CmV3Wl2V5RD0Ic2luWsGaix6v
k4RGCGLJWPae6n2C/6TA7qZ55grx9xEwgglXtVJRY0jnGg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:22 2025 by rpki-client