Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a472a17f-cded-45fb-a444-3393023f0b36.roa
File: a472a17f-cded-45fb-a444-3393023f0b36.roa (raw, json)
Hash identifier: BiyP/dc9tiAd8kQssfxNo4PpaHLob6fo+4KPYWZ2Ovo=
Subject key identifier: 81:64:C2:14:E5:1C:4B:29:54:31:83:75:30:58:3A:10:0B:AA:9A:E9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6AE77EE7D9E2079381DA1F18CE5061A2F21A48A5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a472a17f-cded-45fb-a444-3393023f0b36.roa
Signing time: Mon 14 Apr 2025 17:31:01 +0000
ROA not before: Mon 14 Apr 2025 17:31:01 +0000
ROA not after: Mon 19 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.208.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:e7:7e:e7:d9:e2:07:93:81:da:1f:18:ce:50:61:a2:f2:1a:48:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 14 17:31:01 2025 GMT
Not After : May 19 23:59:59 2025 GMT
Subject: serialNumber=74ede9b2d29d0dea5c74e7a09cedb62fab3ad9fdb164873b91b575e0fee45cfe, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:28:2e:19:50:73:c8:dc:63:5c:f7:63:9d:8c:
73:28:00:1c:94:81:9e:65:50:02:61:ba:23:cd:83:
0f:a8:b0:f5:a1:1b:37:72:ae:2a:2e:78:77:08:dc:
52:04:e7:0c:c4:cd:ac:37:fd:27:fc:13:56:05:19:
8a:78:70:48:f3:48:7a:cd:e5:ed:da:fb:4c:84:2a:
38:e5:78:40:70:20:6c:81:2c:62:ea:5a:d5:40:88:
f2:1a:0f:ae:f9:f4:98:0a:8b:e8:dd:60:c2:85:00:
3b:0f:e1:6e:6b:11:f0:42:80:37:e7:dc:62:a2:9d:
86:df:95:7f:dc:d0:67:9c:5d:dc:44:9f:0b:40:4c:
14:8a:aa:b5:fe:1b:1a:ce:e9:73:c7:60:52:b7:a6:
b6:b4:83:f3:52:f2:f1:61:e8:82:55:80:68:e2:ab:
97:ff:e8:27:1a:3d:51:8a:f3:2d:38:ae:a3:31:ee:
06:8a:40:52:76:7f:3d:db:f8:ac:ec:99:ef:1c:62:
6d:15:e4:17:19:80:e5:03:02:28:29:38:dd:0b:a2:
a3:b4:38:23:f0:35:35:7f:4a:c9:09:cd:5c:0b:3b:
a0:34:2f:f3:c6:9e:b2:66:fb:07:62:bb:a7:7d:31:
58:e8:46:92:9f:3b:c0:e3:95:9f:e7:4c:4f:09:c2:
12:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:64:C2:14:E5:1C:4B:29:54:31:83:75:30:58:3A:10:0B:AA:9A:E9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a472a17f-cded-45fb-a444-3393023f0b36.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.208.0/22
Signature Algorithm: sha256WithRSAEncryption
56:8d:c8:f5:bf:ae:ed:42:93:44:18:fa:a1:7a:d2:52:24:f4:
a0:c0:a4:4a:77:37:61:ab:f8:07:94:23:a5:a0:3d:47:81:33:
b2:fd:b5:b6:d2:53:00:cc:f6:f3:ee:d0:04:d4:d8:3c:eb:b2:
4c:08:41:5d:e1:78:28:28:55:af:2d:9a:20:23:00:2e:34:0e:
53:69:95:9e:63:4b:89:8a:bd:82:ac:26:d2:8b:93:73:5e:4d:
ec:54:02:20:d6:a7:8f:9e:52:a5:f2:44:ff:ea:d0:97:46:6b:
2e:aa:ba:61:16:1d:73:04:31:5e:3a:38:56:96:38:b1:fa:24:
f3:eb:de:0d:66:32:05:ae:7e:fc:7a:5a:d2:41:aa:e2:44:3b:
b7:52:d3:62:3b:0e:bc:b1:7e:ce:6c:25:8a:29:52:44:7f:4c:
0a:51:90:bd:cd:74:1f:5a:1b:5f:71:c4:1a:6a:b6:12:3d:cd:
41:d7:f3:85:c5:e3:13:a2:32:81:04:56:fd:9e:70:c8:7e:62:
18:cc:ad:2b:65:fc:f8:0a:7f:14:12:89:ec:a3:09:86:73:ec:
b7:81:a3:a6:33:f2:e9:d6:32:86:f4:ab:2d:1d:3c:87:58:f2:
96:34:a2:8d:f7:7a:b9:00:68:a1:46:09:c4:71:bf:0b:a8:4c:
b0:9a:59:33
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUaud+59niB5OB2h8YzlBhovIaSKUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTQxNzMxMDFaFw0yNTA1MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDc0ZWRlOWIyZDI5ZDBkZWE1Yzc0ZTdhMDljZWRiNjJmYWIzYWQ5ZmRiMTY0
ODczYjkxYjU3NWUwZmVlNDVjZmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO4oLhlQc8jcY1z3Y52McygAHJSBnmVQAmG6I82DD6iw9aEbN3KuKi54dwjc
UgTnDMTNrDf9J/wTVgUZinhwSPNIes3l7dr7TIQqOOV4QHAgbIEsYupa1UCI8hoP
rvn0mAqL6N1gwoUAOw/hbmsR8EKAN+fcYqKdht+Vf9zQZ5xd3ESfC0BMFIqqtf4b
Gs7pc8dgUremtrSD81Ly8WHoglWAaOKrl//oJxo9UYrzLTiuozHuBopAUnZ/Pdv4
rOyZ7xxibRXkFxmA5QMCKCk43Quio7Q4I/A1NX9KyQnNXAs7oDQv88aesmb7B2K7
p30xWOhGkp87wOOVn+dMTwnCEn0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSBZMIU
5RxLKVQxg3UwWDoQC6qa6TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTQ3MmExN2YtY2RlZC00NWZiLWE0NDQtMzM5MzAyM2YwYjM2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi4z0DAN
BgkqhkiG9w0BAQsFAAOCAQEAVo3I9b+u7UKTRBj6oXrSUiT0oMCkSnc3Yav4B5Qj
paA9R4Ezsv21ttJTAMz28+7QBNTYPOuyTAhBXeF4KChVry2aICMALjQOU2mVnmNL
iYq9gqwm0ouTc15N7FQCINanj55SpfJE/+rQl0ZrLqq6YRYdcwQxXjo4VpY4sfok
8+veDWYyBa5+/Hpa0kGq4kQ7t1LTYjsOvLF+zmwliilSRH9MClGQvc10H1obX3HE
Gmq2Ej3NQdfzhcXjE6IygQRW/Z5wyH5iGMytK2X8+Ap/FBKJ7KMJhnPst4GjpjPy
6dYyhvSrLR08h1jyljSijfd6uQBooUYJxHG/C6hMsJpZMw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:39 2025 by rpki-client