Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b730eef0-bb94-4d31-bf9a-c0fb9a47b3b1.roa
File: b730eef0-bb94-4d31-bf9a-c0fb9a47b3b1.roa (raw, json)
Hash identifier: pw6bOObDXzsqJYUp9tFv82UWhr3+PzsoJF6QpdRqPOo=
Subject key identifier: 22:4F:AC:93:F8:E4:89:93:70:7D:92:49:D4:8E:BA:5C:90:DB:9D:66
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5465C98978C49CC69F097380C871DC2C48F54EC9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b730eef0-bb94-4d31-bf9a-c0fb9a47b3b1.roa
Signing time: Mon 14 Apr 2025 17:31:06 +0000
ROA not before: Mon 14 Apr 2025 17:31:06 +0000
ROA not after: Mon 19 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.160.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:65:c9:89:78:c4:9c:c6:9f:09:73:80:c8:71:dc:2c:48:f5:4e:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 14 17:31:06 2025 GMT
Not After : May 19 23:59:59 2025 GMT
Subject: serialNumber=21837465efae7d53504b86917012f0ffabc474f61d7a83dfd225bf774e483311, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:c1:7f:03:c9:00:06:45:ea:6c:e7:57:8f:31:
c4:09:fb:08:61:03:c3:cb:02:67:f6:e8:9e:0a:38:
f4:8e:ce:8c:7d:5b:7b:eb:5f:73:e8:0a:be:0e:90:
37:0d:8f:9c:df:a4:1e:85:6a:ff:3e:72:44:f2:9b:
0b:08:38:b1:10:71:50:3e:dd:60:74:f3:fc:68:24:
b1:65:21:b5:ab:86:c3:99:de:48:40:65:66:c5:1d:
33:d1:31:29:7d:06:8a:33:70:d4:37:94:1f:6d:31:
38:d4:58:79:a6:94:b8:9c:a6:d1:92:d9:39:c7:ef:
fe:b7:fe:a1:23:c9:d1:97:ef:64:03:85:67:98:77:
43:e4:3e:5a:30:b7:20:e7:98:d7:f0:6f:ac:6b:a4:
8c:0e:42:da:3a:7e:83:67:34:c6:67:4c:f3:14:95:
c2:f0:b2:85:39:5d:ee:af:de:16:31:09:38:7a:a0:
9b:07:8e:8f:b3:61:1c:51:bf:1d:92:28:f8:fe:04:
88:57:fb:55:dc:f0:bb:be:fd:c6:98:49:a7:13:e1:
75:d3:13:4e:ee:64:ea:d4:37:ae:24:8a:aa:55:0f:
12:88:6a:54:59:c9:22:26:ba:03:40:67:b0:af:c4:
3b:87:b3:9d:a0:c9:9d:44:2f:c3:b5:ee:f4:0b:d7:
3e:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:4F:AC:93:F8:E4:89:93:70:7D:92:49:D4:8E:BA:5C:90:DB:9D:66
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b730eef0-bb94-4d31-bf9a-c0fb9a47b3b1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.160.0/21
Signature Algorithm: sha256WithRSAEncryption
5b:3a:6a:6e:ba:7c:d0:a1:aa:27:fa:13:21:3b:22:d9:01:b1:
c3:85:96:92:1a:d2:84:af:28:d9:3c:64:89:a5:94:68:a0:9b:
75:5d:1e:c5:bf:f2:6e:ce:ae:c4:9a:83:6e:37:a5:ec:f3:f4:
56:8f:23:68:c5:0b:58:88:84:d1:e9:2b:a5:38:0f:9c:1a:da:
06:4e:cf:50:cf:15:d4:cf:63:08:9d:a9:7e:c4:b3:ba:62:df:
e1:ac:cc:11:5c:21:4e:ec:b5:0d:b0:53:6f:11:fc:a5:0c:28:
05:71:9a:b7:99:fb:f1:fa:d1:57:43:48:13:1c:e1:09:64:1e:
ff:55:95:7b:61:91:08:1d:3d:d3:d3:f9:4a:be:89:f7:6b:c7:
8d:49:a1:3c:28:e2:f0:e1:6b:43:e0:d9:0a:a5:01:bc:6f:ce:
45:cb:5a:38:0d:2f:87:a6:27:4f:81:bf:d7:7e:d5:a8:07:8b:
55:dd:c5:51:28:d2:30:23:99:4f:cb:b2:8e:0a:ad:36:f7:a0:
9c:4d:de:15:26:71:f8:b7:bf:ea:fd:74:5a:12:e7:86:0a:f3:
1d:4c:49:f2:83:28:12:2c:57:eb:23:8d:ff:95:e3:c1:4d:ce:
e4:94:3f:92:81:f1:49:b9:0d:91:83:00:0f:7e:24:2a:9a:96:
3b:bf:93:f5
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUVGXJiXjEnMafCXOAyHHcLEj1TskwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTQxNzMxMDZaFw0yNTA1MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDIxODM3NDY1ZWZhZTdkNTM1MDRiODY5MTcwMTJmMGZmYWJjNDc0ZjYxZDdh
ODNkZmQyMjViZjc3NGU0ODMzMTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN/BfwPJAAZF6mznV48xxAn7CGEDw8sCZ/bongo49I7OjH1be+tfc+gKvg6Q
Nw2PnN+kHoVq/z5yRPKbCwg4sRBxUD7dYHTz/GgksWUhtauGw5neSEBlZsUdM9Ex
KX0GijNw1DeUH20xONRYeaaUuJym0ZLZOcfv/rf+oSPJ0ZfvZAOFZ5h3Q+Q+WjC3
IOeY1/BvrGukjA5C2jp+g2c0xmdM8xSVwvCyhTld7q/eFjEJOHqgmweOj7NhHFG/
HZIo+P4EiFf7Vdzwu779xphJpxPhddMTTu5k6tQ3riSKqlUPEohqVFnJIia6A0Bn
sK/EO4eznaDJnUQvw7Xu9AvXPjMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQiT6yT
+OSJk3B9kknUjrpckNudZjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjczMGVlZjAtYmI5NC00ZDMxLWJmOWEtYzBmYjlhNDdiM2IxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy4zoDAN
BgkqhkiG9w0BAQsFAAOCAQEAWzpqbrp80KGqJ/oTITsi2QGxw4WWkhrShK8o2Txk
iaWUaKCbdV0exb/ybs6uxJqDbjel7PP0Vo8jaMULWIiE0ekrpTgPnBraBk7PUM8V
1M9jCJ2pfsSzumLf4azMEVwhTuy1DbBTbxH8pQwoBXGat5n78frRV0NIExzhCWQe
/1WVe2GRCB0909P5Sr6J92vHjUmhPCji8OFrQ+DZCqUBvG/ORctaOA0vh6YnT4G/
137VqAeLVd3FUSjSMCOZT8uyjgqtNvegnE3eFSZx+Le/6v10WhLnhgrzHUxJ8oMo
EixX6yON/5XjwU3O5JQ/koHxSbkNkYMAD34kKpqWO7+T9Q==
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:35:39 2025 by rpki-client