Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad1fa1a4-44d6-4a4e-82c4-f32d315830db.roa
File: ad1fa1a4-44d6-4a4e-82c4-f32d315830db.roa (raw, json)
Hash identifier: M2GgUEkc/kxVyqawtCNvmqW0wnrZXQXXB+mhUeESRhc=
Subject key identifier: 33:02:D1:97:08:B2:3C:B3:D2:41:40:A9:D2:0D:FF:97:22:6B:2B:54
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5646C758026999ACD73A2F6C5EB48236E74BEC54
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad1fa1a4-44d6-4a4e-82c4-f32d315830db.roa
Signing time: Mon 14 Apr 2025 17:31:00 +0000
ROA not before: Mon 14 Apr 2025 17:31:00 +0000
ROA not after: Mon 19 May 2025 23:59:59 +0000
asID: 14618
IP address blocks: 46.51.208.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:46:c7:58:02:69:99:ac:d7:3a:2f:6c:5e:b4:82:36:e7:4b:ec:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 14 17:31:00 2025 GMT
Not After : May 19 23:59:59 2025 GMT
Subject: serialNumber=47fd25f0be5e3156a6b10a3b738806bc785e6b7797ca74d7bfd8e87940603dfc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:64:97:18:15:8a:d5:47:f7:8e:13:be:af:d3:
f2:d5:88:68:e0:08:bb:a1:cd:16:f6:55:56:a3:c9:
06:a3:b8:67:bf:fe:2b:2a:66:d6:ba:70:c8:d6:06:
4e:60:bc:db:ba:c9:1e:15:8f:4b:e5:39:bf:92:07:
67:67:b0:91:f2:54:a0:03:66:7d:74:01:23:10:77:
ea:50:e2:54:a0:13:a2:15:86:41:61:87:a6:bb:8e:
bc:2f:20:2c:98:fe:20:b8:94:ec:ee:49:b2:ec:30:
e4:be:92:56:0c:d1:37:4f:69:53:d8:69:c9:11:01:
4c:02:34:16:56:6d:72:54:ba:69:49:a6:92:38:01:
01:cc:6c:59:1d:3c:cb:1b:ce:17:6c:21:c6:d5:ae:
06:0c:84:98:61:25:1a:28:b0:b4:53:64:02:45:11:
d6:63:f7:2f:42:a6:93:3f:0a:7f:d8:2d:8c:12:28:
e9:4d:6c:3d:1d:ab:50:5b:09:e0:b4:22:9e:44:36:
90:38:52:ef:8c:81:ae:61:9f:02:1f:f8:68:18:ae:
ee:ce:eb:3f:5c:4a:1e:1b:84:99:8f:e3:c1:48:58:
9f:32:12:02:88:57:24:2e:4d:68:03:ee:83:d5:b5:
da:25:84:1e:32:bc:b7:73:d4:c2:4e:c4:c7:38:10:
a9:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:02:D1:97:08:B2:3C:B3:D2:41:40:A9:D2:0D:FF:97:22:6B:2B:54
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad1fa1a4-44d6-4a4e-82c4-f32d315830db.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.208.0/22
Signature Algorithm: sha256WithRSAEncryption
c9:0b:40:18:96:85:2f:b4:fd:89:8c:76:70:00:77:01:63:c9:
14:01:7e:8b:20:df:6e:3d:80:dd:78:9e:5b:46:5b:f5:e9:9c:
08:1b:0b:7f:08:47:85:b4:6c:b1:35:fb:05:51:c8:79:c3:d6:
47:d5:cf:90:1f:35:32:69:4a:1b:90:01:be:91:a5:8c:2d:b3:
ae:9b:79:a9:58:a9:43:ba:f7:34:b2:f0:97:fe:39:33:5f:ee:
42:7f:ee:92:b7:d5:69:0e:26:e7:d1:ee:c9:4c:24:3f:5d:b4:
f6:ca:61:82:98:6f:7d:04:e0:5f:ce:f1:45:7e:d7:c4:06:ef:
51:10:6f:3d:6e:e9:42:14:41:be:47:cb:bd:13:bc:ec:2f:0c:
a0:ed:c5:a7:45:70:04:81:22:19:65:15:2a:eb:a6:a7:b6:f5:
72:b0:06:10:e5:df:b7:0a:d4:84:3c:e9:f6:90:ef:14:fc:42:
2f:e0:42:c6:f9:1e:57:d5:a0:be:c0:c8:7b:b9:8a:45:e7:34:
be:5b:f2:c8:ca:0a:26:9e:51:7c:95:3d:fc:e6:09:7d:c1:83:
89:9d:7b:d9:fc:69:6f:33:d1:7d:22:d5:4d:e4:5e:26:f0:1e:
59:1e:61:c3:b9:a4:00:b7:22:0c:96:59:c8:ab:3f:43:5c:e8:
87:a6:cc:f8
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUVkbHWAJpmazXOi9sXrSCNudL7FQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTQxNzMxMDBaFw0yNTA1MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ3ZmQyNWYwYmU1ZTMxNTZhNmIxMGEzYjczODgwNmJjNzg1ZTZiNzc5N2Nh
NzRkN2JmZDhlODc5NDA2MDNkZmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKNklxgVitVH944Tvq/T8tWIaOAIu6HNFvZVVqPJBqO4Z7/+Kypm1rpwyNYG
TmC827rJHhWPS+U5v5IHZ2ewkfJUoANmfXQBIxB36lDiVKATohWGQWGHpruOvC8g
LJj+ILiU7O5Jsuww5L6SVgzRN09pU9hpyREBTAI0FlZtclS6aUmmkjgBAcxsWR08
yxvOF2whxtWuBgyEmGElGiiwtFNkAkUR1mP3L0Kmkz8Kf9gtjBIo6U1sPR2rUFsJ
4LQinkQ2kDhS74yBrmGfAh/4aBiu7s7rP1xKHhuEmY/jwUhYnzISAohXJC5NaAPu
g9W12iWEHjK8t3PUwk7ExzgQqfkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQzAtGX
CLI8s9JBQKnSDf+XImsrVDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWQxZmExYTQtNDRkNi00YTRlLTgyYzQtZjMyZDMxNTgzMGRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi4z0DAN
BgkqhkiG9w0BAQsFAAOCAQEAyQtAGJaFL7T9iYx2cAB3AWPJFAF+iyDfbj2A3Xie
W0Zb9emcCBsLfwhHhbRssTX7BVHIecPWR9XPkB81MmlKG5ABvpGljC2zrpt5qVip
Q7r3NLLwl/45M1/uQn/ukrfVaQ4m59HuyUwkP1209sphgphvfQTgX87xRX7XxAbv
URBvPW7pQhRBvkfLvRO87C8MoO3Fp0VwBIEiGWUVKuump7b1crAGEOXftwrUhDzp
9pDvFPxCL+BCxvkeV9WgvsDIe7mKRec0vlvyyMoKJp5RfJU9/OYJfcGDiZ172fxp
bzPRfSLVTeReJvAeWR5hw7mkALciDJZZyKs/Q1zoh6bM+A==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:20 2025 by rpki-client