Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9e85174-2ffd-4b93-8357-1e2ba85449d2.roa
File: b9e85174-2ffd-4b93-8357-1e2ba85449d2.roa (raw, json)
Hash identifier: /BdXfkp6bFy1AkyFYKEVRuy7mMgkVRiTAlcBn+f56II=
Subject key identifier: CE:AC:FD:16:A1:F6:52:14:6C:26:58:CF:09:A1:30:E8:1B:53:2C:B3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 578C23788FDA8E4953DEAC44454331EFCBBC877B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9e85174-2ffd-4b93-8357-1e2ba85449d2.roa
Signing time: Mon 14 Apr 2025 17:30:12 +0000
ROA not before: Mon 14 Apr 2025 17:30:12 +0000
ROA not after: Mon 19 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.156.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:8c:23:78:8f:da:8e:49:53:de:ac:44:45:43:31:ef:cb:bc:87:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 14 17:30:12 2025 GMT
Not After : May 19 23:59:59 2025 GMT
Subject: serialNumber=bd05b26c288a4d1ddde78ee34dd9314e1497680dd85dbd81c9b6ce0c2467afa1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:13:ec:e2:13:57:2f:a9:d3:77:7f:de:c4:79:
a6:aa:f9:ae:e8:28:0e:8f:ae:20:d2:1b:c2:40:05:
42:9d:33:58:fd:de:1f:c6:c7:f2:ee:82:dd:66:5b:
b0:ec:21:89:6c:0f:99:a1:6e:9c:c9:8e:0c:c4:e9:
fb:f8:38:84:ce:87:f0:22:9f:1c:56:e0:da:bc:d0:
1b:64:39:3d:b2:70:19:2b:ec:17:af:d8:74:0b:7b:
0f:12:b6:1a:ea:60:89:33:cf:98:7a:89:bb:08:3a:
6b:22:da:d0:c8:2a:42:dd:97:26:6b:67:4d:af:d2:
ad:62:01:82:d4:09:ad:d9:7a:bb:9f:9a:19:88:43:
61:f5:3a:e3:1e:6c:03:bf:38:20:e8:a0:71:f1:ec:
41:20:1c:6e:52:1c:17:c3:f3:8a:d6:17:0a:a1:cb:
26:d9:56:d0:21:9e:fc:ca:11:ef:27:8d:60:4c:ce:
88:bc:3d:c7:64:95:f4:2b:8e:7f:07:ea:a1:ed:a1:
09:ff:f0:17:31:11:9e:f1:dc:8d:6f:8b:f5:09:ce:
7f:d8:f5:05:1b:40:46:55:ff:d4:d8:9b:93:b5:45:
3d:4c:a8:0f:23:77:01:1e:08:8f:23:59:87:33:99:
27:b0:9c:0c:68:60:b0:2b:a8:ae:7c:27:e7:0d:1e:
b3:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:AC:FD:16:A1:F6:52:14:6C:26:58:CF:09:A1:30:E8:1B:53:2C:B3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9e85174-2ffd-4b93-8357-1e2ba85449d2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.156.0/22
Signature Algorithm: sha256WithRSAEncryption
17:13:c2:d7:b4:21:21:43:81:00:0c:2b:cd:31:fe:32:c4:8c:
e2:29:99:69:25:c1:72:50:84:4d:82:7b:42:fa:f8:8b:a8:bb:
86:7d:8c:04:77:1b:da:0a:4c:16:5d:9f:c4:a3:10:07:37:39:
37:f4:d7:05:f7:50:a2:73:15:b7:4d:28:2f:70:f8:d7:df:dc:
a9:1a:c3:d3:b0:04:c6:44:a3:67:1d:c4:0c:2a:b0:10:89:94:
78:75:ac:d6:b8:eb:93:68:52:64:98:d6:34:a7:9e:6d:c3:5a:
4a:5b:07:9d:44:d2:27:dc:e8:76:1b:14:88:2f:cf:8c:04:9c:
9f:72:ef:71:cc:51:1e:8b:94:25:8b:ca:51:79:f3:fb:aa:2d:
93:46:70:fd:c8:b7:7d:b8:c3:32:80:40:6c:37:92:98:4c:dc:
f7:3b:a9:ea:2a:63:76:51:7d:b5:61:d0:02:c3:c0:71:db:e8:
51:45:7f:d7:aa:8f:09:1e:33:e2:1a:16:15:ee:0f:90:18:f6:
f6:1a:f1:f5:ce:3a:59:ba:84:e8:ee:fa:a1:6d:df:96:29:45:
62:8f:f0:69:21:9d:b1:9f:f8:65:65:be:ea:06:be:19:66:ea:
8c:ea:06:e0:bd:75:24:37:49:db:f0:b4:b3:9b:82:6b:fa:07:
76:82:b2:16
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUV4wjeI/ajklT3qxERUMx78u8h3swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTQxNzMwMTJaFw0yNTA1MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGJkMDViMjZjMjg4YTRkMWRkZGU3OGVlMzRkZDkzMTRlMTQ5NzY4MGRkODVk
YmQ4MWM5YjZjZTBjMjQ2N2FmYTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALIT7OITVy+p03d/3sR5pqr5rugoDo+uINIbwkAFQp0zWP3eH8bH8u6C3WZb
sOwhiWwPmaFunMmODMTp+/g4hM6H8CKfHFbg2rzQG2Q5PbJwGSvsF6/YdAt7DxK2
GupgiTPPmHqJuwg6ayLa0MgqQt2XJmtnTa/SrWIBgtQJrdl6u5+aGYhDYfU64x5s
A784IOigcfHsQSAcblIcF8PzitYXCqHLJtlW0CGe/MoR7yeNYEzOiLw9x2SV9CuO
fwfqoe2hCf/wFzERnvHcjW+L9QnOf9j1BRtARlX/1Nibk7VFPUyoDyN3AR4IjyNZ
hzOZJ7CcDGhgsCuornwn5w0es+ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTOrP0W
ofZSFGwmWM8JoTDoG1MsszAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjllODUxNzQtMmZmZC00YjkzLTgzNTctMWUyYmE4NTQ0OWQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi6JnDAN
BgkqhkiG9w0BAQsFAAOCAQEAFxPC17QhIUOBAAwrzTH+MsSM4imZaSXBclCETYJ7
Qvr4i6i7hn2MBHcb2gpMFl2fxKMQBzc5N/TXBfdQonMVt00oL3D419/cqRrD07AE
xkSjZx3EDCqwEImUeHWs1rjrk2hSZJjWNKeebcNaSlsHnUTSJ9zodhsUiC/PjASc
n3LvccxRHouUJYvKUXnz+6otk0Zw/ci3fbjDMoBAbDeSmEzc9zup6ipjdlF9tWHQ
AsPAcdvoUUV/16qPCR4z4hoWFe4PkBj29hrx9c46WbqE6O76oW3flilFYo/waSGd
sZ/4ZWW+6ga+GWbqjOoG4L11JDdJ2/C0s5uCa/oHdoKyFg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:44:15 2025 by rpki-client