Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b44363b9-ba48-4913-b8a4-9cd0dc32ba02.roa
File: b44363b9-ba48-4913-b8a4-9cd0dc32ba02.roa (raw, json)
Hash identifier: BIkyHUHUPuMFpSFrNUF7gR82xA1KnaFz/NIweQTeJwQ=
Subject key identifier: 35:93:32:51:25:2A:38:69:6A:06:4B:7D:57:03:BF:7B:DF:BC:EE:95
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7FAFCAF08486996FCECE52251B8B5800AC574D7E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b44363b9-ba48-4913-b8a4-9cd0dc32ba02.roa
Signing time: Mon 14 Apr 2025 17:30:30 +0000
ROA not before: Mon 14 Apr 2025 17:30:30 +0000
ROA not after: Mon 19 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.240.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:af:ca:f0:84:86:99:6f:ce:ce:52:25:1b:8b:58:00:ac:57:4d:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 14 17:30:30 2025 GMT
Not After : May 19 23:59:59 2025 GMT
Subject: serialNumber=32bb7ba477607b155150aa4ca7efcafaf603b05c9092ca3bf71e128d7c09cf96, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:c4:77:6e:44:8d:2f:93:b4:e8:9a:15:38:69:
06:62:38:20:b6:52:f3:78:a4:85:05:3f:80:6d:72:
f1:ae:9f:bd:9e:04:44:3e:41:cc:1d:12:79:7e:64:
ab:b9:fb:51:c4:2c:af:50:34:99:a6:d9:8d:16:c1:
c7:5a:7f:c2:47:0a:56:af:be:05:c9:2e:be:4b:f9:
bb:ff:43:92:a4:e5:f6:19:d8:3f:26:72:98:7e:9b:
82:1d:eb:be:2a:50:83:ff:03:0e:5c:f0:07:ac:4c:
a7:b2:2f:f5:53:2e:38:ae:b0:dd:d9:13:aa:49:e1:
72:20:ae:55:69:c1:5c:e5:22:77:cd:9c:55:ed:48:
cf:d1:ca:b8:8d:37:f1:f5:e2:df:26:d6:b8:4e:db:
ab:7d:b1:56:c5:62:cf:31:ee:35:1d:b3:87:46:6c:
e2:71:e1:75:77:8c:45:c8:0f:c9:bc:c3:eb:dd:26:
dd:66:37:97:f5:3d:df:a2:de:da:f0:f1:6f:64:2f:
b7:af:cd:48:1c:c4:e2:03:72:61:6a:13:84:53:14:
a8:9b:ee:0a:51:f6:4e:e5:21:5c:c5:f2:d6:04:69:
75:93:bc:8e:a9:31:30:67:cf:16:0f:af:00:20:21:
72:35:08:f5:69:df:55:c9:f4:95:f5:03:a7:5f:fa:
6a:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:93:32:51:25:2A:38:69:6A:06:4B:7D:57:03:BF:7B:DF:BC:EE:95
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b44363b9-ba48-4913-b8a4-9cd0dc32ba02.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.240.0/20
Signature Algorithm: sha256WithRSAEncryption
bb:b6:8d:e2:82:88:3e:1c:9d:f1:b5:56:bb:ee:e6:03:be:c7:
94:81:2d:61:95:0a:50:7f:a2:94:8a:cd:30:94:7a:4d:5d:a0:
6b:cc:2f:fa:93:d4:3a:1c:33:23:03:40:be:78:c7:d0:6f:32:
b6:e0:73:2f:b4:51:d5:6c:53:91:d7:fc:8d:f7:99:96:db:43:
28:27:39:67:47:e5:68:75:a9:05:ba:de:bb:fa:11:11:49:5c:
86:77:11:ca:96:1c:c9:4c:fe:47:68:32:e2:63:54:b7:20:88:
a9:3c:cc:fe:95:9b:b7:6a:8e:f1:66:6d:45:c2:18:54:43:43:
d7:f4:3c:aa:e0:e2:e5:72:56:4f:35:bc:47:77:ab:47:f2:d6:
95:8f:74:d1:d1:3d:2b:32:11:5c:73:e4:f7:7e:5a:ed:ca:38:
39:e8:09:9a:55:fd:7f:0e:07:d5:0a:4f:87:cd:b8:6f:54:62:
c0:4b:ea:a1:af:df:1d:d4:5d:76:cb:e0:05:9d:f3:fb:6e:0f:
32:3d:9d:89:3e:29:93:63:56:d9:38:a0:03:d1:86:b3:2c:df:
8e:c0:d7:ab:bd:33:7c:85:0f:42:6f:d4:b1:90:75:c1:d6:d5:
bc:9f:52:b4:7f:d7:19:a9:fc:4c:fd:ae:fe:dc:57:45:eb:ca:
a6:c0:0e:f1
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUf6/K8ISGmW/OzlIlG4tYAKxXTX4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTQxNzMwMzBaFw0yNTA1MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDMyYmI3YmE0Nzc2MDdiMTU1MTUwYWE0Y2E3ZWZjYWZhZjYwM2IwNWM5MDky
Y2EzYmY3MWUxMjhkN2MwOWNmOTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANzEd25EjS+TtOiaFThpBmI4ILZS83ikhQU/gG1y8a6fvZ4ERD5BzB0SeX5k
q7n7UcQsr1A0mabZjRbBx1p/wkcKVq++Bckuvkv5u/9DkqTl9hnYPyZymH6bgh3r
vipQg/8DDlzwB6xMp7Iv9VMuOK6w3dkTqknhciCuVWnBXOUid82cVe1Iz9HKuI03
8fXi3ybWuE7bq32xVsVizzHuNR2zh0Zs4nHhdXeMRcgPybzD690m3WY3l/U936Le
2vDxb2Qvt6/NSBzE4gNyYWoThFMUqJvuClH2TuUhXMXy1gRpdZO8jqkxMGfPFg+v
ACAhcjUI9WnfVcn0lfUDp1/6aocCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ1kzJR
JSo4aWoGS31XA79737zulTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjQ0MzYzYjktYmE0OC00OTEzLWI4YTQtOWNkMGRjMzJiYTAyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC4z8DAN
BgkqhkiG9w0BAQsFAAOCAQEAu7aN4oKIPhyd8bVWu+7mA77HlIEtYZUKUH+ilIrN
MJR6TV2ga8wv+pPUOhwzIwNAvnjH0G8ytuBzL7RR1WxTkdf8jfeZlttDKCc5Z0fl
aHWpBbreu/oREUlchncRypYcyUz+R2gy4mNUtyCIqTzM/pWbt2qO8WZtRcIYVEND
1/Q8quDi5XJWTzW8R3erR/LWlY900dE9KzIRXHPk935a7co4OegJmlX9fw4H1QpP
h824b1RiwEvqoa/fHdRddsvgBZ3z+24PMj2diT4pk2NW2TigA9GGsyzfjsDXq70z
fIUPQm/UsZB1wdbVvJ9StH/XGan8TP2u/txXRevKpsAO8Q==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:06 2025 by rpki-client