Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdc831eb-07c2-47bb-a73d-177abc9b14c0.roa
File: bdc831eb-07c2-47bb-a73d-177abc9b14c0.roa (raw, json)
Hash identifier: 6yz4xyMnd/J27StSpUJ4ZaZbRHj9eHNcMUkHGaqlZaE=
Subject key identifier: DF:3B:2F:98:43:AA:82:10:78:FB:A2:0A:4C:A5:38:90:AC:45:4F:79
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 475EBCD9BECA2DB28CDDC77C38C6FC393DA4056D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdc831eb-07c2-47bb-a73d-177abc9b14c0.roa
Signing time: Mon 14 Apr 2025 17:30:13 +0000
ROA not before: Mon 14 Apr 2025 17:30:13 +0000
ROA not after: Mon 19 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.204.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:5e:bc:d9:be:ca:2d:b2:8c:dd:c7:7c:38:c6:fc:39:3d:a4:05:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 14 17:30:13 2025 GMT
Not After : May 19 23:59:59 2025 GMT
Subject: serialNumber=62e79e4b3ae304dea95616c44da9b5ab730fc8c72ee9ff17421c2b5c1aa031b8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:98:93:e4:90:5b:24:14:4c:4c:32:16:f5:18:
70:5f:64:16:33:31:47:71:db:41:d2:62:b1:6c:3f:
b0:f6:0c:e0:b7:ab:eb:9c:00:dd:ee:2a:54:b0:65:
65:19:7f:a5:ac:70:b0:01:6f:7d:03:f7:24:da:70:
e7:7b:53:9b:ed:85:10:3b:8f:ec:08:c0:aa:0b:d0:
e5:1d:fc:bf:6f:df:04:2f:4f:81:6e:5b:3c:48:52:
2e:8f:c4:a1:49:4c:04:fe:36:fe:ab:39:89:c8:79:
ca:90:16:fb:88:ac:5c:ae:dc:d8:bd:38:59:67:7f:
a3:31:4b:9b:ed:e3:65:99:12:50:6a:c7:1c:ba:df:
6f:56:46:ab:8c:29:f8:2a:ce:56:8d:8c:9e:39:8f:
b6:5b:eb:b5:5d:0f:93:90:75:4d:dc:b1:ea:5d:b1:
60:54:46:6f:b1:93:18:90:da:de:d5:eb:ec:62:c9:
65:0d:3f:b1:22:ec:00:2b:31:90:d3:cf:65:b4:e7:
8b:99:92:95:b3:84:21:ad:39:17:22:2b:cf:f9:73:
92:2e:fd:c9:89:f1:85:14:d9:8f:d0:03:6e:f0:a9:
36:f1:3c:10:2f:ed:c9:8b:9a:e5:1f:99:be:58:d2:
05:ee:94:06:e5:3f:22:fd:7f:52:08:dc:4f:3f:f7:
03:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:3B:2F:98:43:AA:82:10:78:FB:A2:0A:4C:A5:38:90:AC:45:4F:79
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdc831eb-07c2-47bb-a73d-177abc9b14c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.204.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:6e:48:51:87:d4:68:64:b8:5f:06:f6:4e:f3:a5:58:3a:bf:
37:2e:e0:ae:70:c7:24:9d:04:6d:b9:82:c7:3a:a9:8f:ba:90:
1f:eb:d7:df:d6:1e:7c:6f:b1:20:0f:f1:ac:8c:d5:0a:60:fb:
9d:8b:46:ce:cb:53:c7:7b:5e:3f:23:da:49:3c:18:06:e5:f5:
e8:fe:a8:ae:bb:86:77:89:4d:7e:6a:ac:49:6e:85:91:82:02:
11:6d:75:cf:ca:9f:f2:53:77:d8:6b:33:b2:44:fa:93:bb:af:
4b:f5:32:59:19:67:fc:5e:73:59:0b:1e:29:f7:40:b7:e8:a0:
ba:45:1b:57:2c:7c:00:6e:0a:64:0a:68:dc:26:85:67:a0:c5:
41:6f:ab:2f:94:e2:81:91:a3:36:e3:bc:fa:8c:fa:9a:ed:11:
9c:3f:6f:f3:15:3e:bb:be:67:6b:c2:8a:7b:4f:7b:80:52:80:
f5:40:04:d1:57:1f:3a:b4:5d:dc:4f:c9:de:ff:f0:30:71:ad:
1b:34:7f:c9:6c:02:fa:09:dc:fd:1e:f7:d6:f7:80:ce:1c:36:
f0:69:9c:7a:dd:47:90:cf:3f:c8:3b:87:e3:7c:49:26:26:c9:
ca:26:b3:5f:38:ba:66:8a:44:27:e4:87:c6:4e:3a:32:ad:bf:
35:09:d0:43
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUR1682b7KLbKM3cd8OMb8OT2kBW0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTQxNzMwMTNaFw0yNTA1MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDYyZTc5ZTRiM2FlMzA0ZGVhOTU2MTZjNDRkYTliNWFiNzMwZmM4YzcyZWU5
ZmYxNzQyMWMyYjVjMWFhMDMxYjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKuYk+SQWyQUTEwyFvUYcF9kFjMxR3HbQdJisWw/sPYM4Ler65wA3e4qVLBl
ZRl/paxwsAFvfQP3JNpw53tTm+2FEDuP7AjAqgvQ5R38v2/fBC9PgW5bPEhSLo/E
oUlMBP42/qs5ich5ypAW+4isXK7c2L04WWd/ozFLm+3jZZkSUGrHHLrfb1ZGq4wp
+CrOVo2MnjmPtlvrtV0Pk5B1Tdyx6l2xYFRGb7GTGJDa3tXr7GLJZQ0/sSLsACsx
kNPPZbTni5mSlbOEIa05FyIrz/lzki79yYnxhRTZj9ADbvCpNvE8EC/tyYua5R+Z
vljSBe6UBuU/Iv1/UgjcTz/3A1sCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTfOy+Y
Q6qCEHj7ogpMpTiQrEVPeTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmRjODMxZWItMDdjMi00N2JiLWE3M2QtMTc3YWJjOWIxNGMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi6JzDAN
BgkqhkiG9w0BAQsFAAOCAQEAKm5IUYfUaGS4Xwb2TvOlWDq/Ny7grnDHJJ0EbbmC
xzqpj7qQH+vX39YefG+xIA/xrIzVCmD7nYtGzstTx3tePyPaSTwYBuX16P6orruG
d4lNfmqsSW6FkYICEW11z8qf8lN32GszskT6k7uvS/UyWRln/F5zWQseKfdAt+ig
ukUbVyx8AG4KZApo3CaFZ6DFQW+rL5TigZGjNuO8+oz6mu0RnD9v8xU+u75na8KK
e097gFKA9UAE0VcfOrRd3E/J3v/wMHGtGzR/yWwC+gnc/R731veAzhw28Gmcet1H
kM8/yDuH43xJJibJyiazXzi6ZopEJ+SHxk46Mq2/NQnQQw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:02 2025 by rpki-client