Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be6b7cb0-3c55-4a65-b00a-45bc1310868b.roa
File: be6b7cb0-3c55-4a65-b00a-45bc1310868b.roa (raw, json)
Hash identifier: idG6I3ILiaj6pRzjSiKDsAUEnTtFwgBoYFxinkTcdok=
Subject key identifier: 71:C9:6E:AA:57:7A:03:9F:8A:46:EB:A2:8E:62:FD:54:7D:36:65:6A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5E6558AE7E723E1BFB52F359A84B5DB7654F9377
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be6b7cb0-3c55-4a65-b00a-45bc1310868b.roa
Signing time: Mon 14 Apr 2025 17:30:57 +0000
ROA not before: Mon 14 Apr 2025 17:30:57 +0000
ROA not after: Mon 19 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.96.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:65:58:ae:7e:72:3e:1b:fb:52:f3:59:a8:4b:5d:b7:65:4f:93:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 14 17:30:57 2025 GMT
Not After : May 19 23:59:59 2025 GMT
Subject: serialNumber=7248de6d271adb2b6d12067e5befdb891a2c3e577c316de13dfb198a53c3ebe0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:fd:8d:15:01:d5:8c:05:c9:49:43:3c:b5:9a:
f3:f8:a8:8d:af:ab:c3:47:3a:6b:8b:c8:72:10:02:
c7:2e:fc:f4:19:cd:08:41:95:bd:16:b0:48:d7:9e:
35:28:7e:e2:39:8c:91:46:8c:d3:a7:dd:14:16:d5:
8b:e2:bc:92:f4:5d:e6:b8:b1:39:7a:55:67:b3:01:
90:f9:fe:ab:43:ee:1f:0c:a2:ab:8c:75:d7:1f:d1:
97:24:17:75:37:a9:5a:af:6b:fc:77:70:43:27:02:
0d:fc:20:08:ef:7b:49:60:cb:5b:87:4f:f0:3f:f7:
59:1b:03:28:4e:c3:3f:e8:5e:e5:92:f4:f2:f3:a2:
a2:75:7a:21:8b:f9:a7:a6:ef:22:03:88:b7:d7:0c:
e3:b7:1e:63:46:c7:05:c4:ba:51:c4:a3:e2:74:80:
aa:73:ab:b9:3c:78:e9:02:b9:15:05:68:d0:ca:10:
b1:db:4d:45:aa:94:bb:fe:eb:20:8b:59:8d:e9:c8:
f2:5e:cc:9b:0c:76:65:45:a5:49:09:41:96:94:74:
9c:8a:2c:d8:88:8c:bc:0d:9f:ea:27:e2:0d:d2:e8:
94:e2:98:94:e7:e2:ad:da:3d:9f:14:36:af:c5:8b:
2c:7b:1b:fa:d0:70:b6:5b:fd:60:09:1f:3e:8c:93:
86:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:C9:6E:AA:57:7A:03:9F:8A:46:EB:A2:8E:62:FD:54:7D:36:65:6A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be6b7cb0-3c55-4a65-b00a-45bc1310868b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.96.0/19
Signature Algorithm: sha256WithRSAEncryption
2e:2f:c5:27:89:3c:fe:5a:f2:93:76:93:77:e1:23:33:37:1e:
04:d9:cb:cb:26:4b:cb:f8:20:bf:b4:9b:66:c4:12:bd:18:f5:
9a:b1:77:10:cf:98:ae:c0:0e:83:49:29:43:23:ba:cd:0e:db:
20:4c:25:be:20:3a:c3:e0:1f:17:0d:68:99:16:86:f4:60:6d:
3f:e0:6b:94:51:61:13:9b:26:f2:b8:54:e0:1f:9f:9b:90:cc:
da:a7:35:40:fc:67:28:c1:05:4b:73:11:bb:e9:55:28:f5:5a:
13:85:84:96:59:e4:ad:b1:a8:45:d4:2f:2a:67:a4:bd:0e:7c:
97:1f:5d:19:4d:9c:47:c4:23:c7:63:03:ab:64:e3:7e:77:de:
c2:09:3c:52:79:10:70:6d:71:9f:e3:0e:d4:17:2f:56:21:6b:
f3:f0:a8:f8:36:0a:84:d5:7c:9e:a0:bb:5a:c8:f4:d6:c2:2e:
c5:41:7a:68:5e:3c:53:da:5f:66:ea:a6:05:88:72:94:ef:28:
31:d4:f8:34:b0:d9:48:8e:ac:be:bc:b7:1e:60:78:c4:1a:0f:
2d:bc:ff:f1:d0:75:94:53:5e:2f:da:3e:d6:7c:e3:ac:35:4d:
ce:dd:0c:b6:02:ae:1f:df:15:d1:03:ef:48:94:67:35:e3:37:
80:21:66:80
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUXmVYrn5yPhv7UvNZqEtdt2VPk3cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTQxNzMwNTdaFw0yNTA1MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyNDhkZTZkMjcxYWRiMmI2ZDEyMDY3ZTViZWZkYjg5MWEyYzNlNTc3YzMx
NmRlMTNkZmIxOThhNTNjM2ViZTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALH9jRUB1YwFyUlDPLWa8/ioja+rw0c6a4vIchACxy789BnNCEGVvRawSNee
NSh+4jmMkUaM06fdFBbVi+K8kvRd5rixOXpVZ7MBkPn+q0PuHwyiq4x11x/RlyQX
dTepWq9r/HdwQycCDfwgCO97SWDLW4dP8D/3WRsDKE7DP+he5ZL08vOionV6IYv5
p6bvIgOIt9cM47ceY0bHBcS6UcSj4nSAqnOruTx46QK5FQVo0MoQsdtNRaqUu/7r
IItZjenI8l7Mmwx2ZUWlSQlBlpR0nIos2IiMvA2f6ifiDdLolOKYlOfirdo9nxQ2
r8WLLHsb+tBwtlv9YAkfPoyThiUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRxyW6q
V3oDn4pG66KOYv1UfTZlajAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmU2YjdjYjAtM2M1NS00YTY1LWIwMGEtNDViYzEzMTA4NjhiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBS6JYDAN
BgkqhkiG9w0BAQsFAAOCAQEALi/FJ4k8/lryk3aTd+EjMzceBNnLyyZLy/ggv7Sb
ZsQSvRj1mrF3EM+YrsAOg0kpQyO6zQ7bIEwlviA6w+AfFw1omRaG9GBtP+BrlFFh
E5sm8rhU4B+fm5DM2qc1QPxnKMEFS3MRu+lVKPVaE4WEllnkrbGoRdQvKmekvQ58
lx9dGU2cR8Qjx2MDq2Tjfnfewgk8UnkQcG1xn+MO1BcvViFr8/Co+DYKhNV8nqC7
Wsj01sIuxUF6aF48U9pfZuqmBYhylO8oMdT4NLDZSI6svry3HmB4xBoPLbz/8dB1
lFNeL9o+1nzjrDVNzt0MtgKuH98V0QPvSJRnNeM3gCFmgA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:49:24 2025 by rpki-client