Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda4310a-ca55-4999-9a56-f3175f246324.roa
File: cda4310a-ca55-4999-9a56-f3175f246324.roa (raw, json)
Hash identifier: fC2TodQf1Qlo8h4kHWT0RWmv3p5hEBe2jGOonYLUIYs=
Subject key identifier: A8:4F:51:9B:73:2A:33:F8:3C:C8:C3:18:D3:31:A8:2C:9F:88:5A:D6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 21753638D6A12D4EE64E6D6E84F032DDD75548DB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda4310a-ca55-4999-9a56-f3175f246324.roa
Signing time: Mon 14 Apr 2025 17:30:11 +0000
ROA not before: Mon 14 Apr 2025 17:30:11 +0000
ROA not after: Mon 19 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.152.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 05:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:75:36:38:d6:a1:2d:4e:e6:4e:6d:6e:84:f0:32:dd:d7:55:48:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 14 17:30:11 2025 GMT
Not After : May 19 23:59:59 2025 GMT
Subject: serialNumber=49b6c510754a529272be5fc91c1852d5fcf57718a29d9eeed1c5f2f955252bf2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ed:82:f0:d3:fa:90:bd:fc:c1:3e:0e:57:3e:
3f:d3:73:65:62:58:22:66:66:e5:5d:c9:db:9f:8c:
95:e2:6f:70:0e:06:58:be:f3:05:22:a4:42:a9:47:
7a:fc:02:ac:4d:01:e4:b6:cc:03:46:9f:8c:f2:2c:
65:4a:2c:9e:36:0e:f2:80:61:94:c3:4c:4f:ec:16:
ca:cc:aa:40:0b:f2:43:f7:bb:98:a4:9d:b9:b2:6f:
6b:ec:42:3a:7d:03:a6:e2:15:fb:6f:f9:1b:4e:b9:
e7:07:b9:2b:e1:9f:36:f9:39:ef:68:7e:c4:72:e6:
55:4b:ff:8e:6a:51:7f:ae:98:f5:7e:cb:b8:5f:df:
41:eb:51:b5:5e:ee:4d:0a:dd:bb:3f:53:5f:b7:be:
06:b4:e9:8f:3a:d3:5f:9b:10:c6:1e:19:b0:08:35:
72:67:be:a6:1b:33:11:05:ae:37:b8:9e:30:bc:84:
b2:79:e0:cd:d9:b5:f3:44:46:2d:68:b3:f6:ef:76:
f1:f4:5b:c6:08:38:f6:19:26:b8:18:b9:fa:c0:f6:
a6:4f:39:fc:2a:f6:ea:77:bd:c1:3a:81:fb:28:67:
b4:0e:8e:54:6b:2e:33:23:ab:b8:8a:f5:6a:c6:e4:
21:70:03:49:6a:a6:ab:cd:a0:20:36:ad:cb:78:a9:
f7:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:4F:51:9B:73:2A:33:F8:3C:C8:C3:18:D3:31:A8:2C:9F:88:5A:D6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda4310a-ca55-4999-9a56-f3175f246324.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.152.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:74:f4:1f:44:46:7c:3c:1f:d4:e7:81:a3:2f:b2:65:dd:31:
ac:40:bc:50:b3:1f:c6:02:5a:30:5e:30:2e:17:f7:1e:61:6a:
e3:87:23:fc:77:a5:6b:4c:ed:45:79:68:20:cd:51:54:7c:b8:
c5:79:a3:06:3b:eb:81:bb:5f:12:36:22:0e:69:b3:b3:db:5e:
e3:cf:80:fe:05:22:ef:3c:22:3a:09:92:0d:46:dd:90:bc:36:
f8:b9:90:b7:72:63:34:ca:d6:2d:e6:4b:11:03:c8:d4:2e:23:
79:5c:cb:16:85:69:b2:02:7c:85:f9:76:12:09:5f:92:04:59:
c0:4a:36:7c:90:93:a9:86:0e:70:02:86:0f:3f:d6:97:69:29:
5e:5c:84:a0:4c:27:d4:bf:f7:8a:a3:a3:e3:73:f3:0b:b5:67:
06:47:21:46:61:46:7a:d1:27:08:c8:fa:e2:71:fb:81:37:f8:
24:6a:30:37:b3:9b:c4:ea:af:5c:51:fa:db:11:b2:2c:c7:cc:
50:f9:cb:50:33:25:92:89:a7:60:7e:d6:88:f4:3c:e7:66:fd:
26:b7:17:40:7f:c3:75:55:07:79:20:d9:6e:4e:19:56:1e:d4:
8a:03:17:47:c4:20:77:65:b8:bc:fc:d4:d8:fa:c6:13:ca:6d:
8a:99:0b:85
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIXU2ONahLU7mTm1uhPAy3ddVSNswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTQxNzMwMTFaFw0yNTA1MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ5YjZjNTEwNzU0YTUyOTI3MmJlNWZjOTFjMTg1MmQ1ZmNmNTc3MThhMjlk
OWVlZWQxYzVmMmY5NTUyNTJiZjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMjtgvDT+pC9/ME+Dlc+P9NzZWJYImZm5V3J25+MleJvcA4GWL7zBSKkQqlH
evwCrE0B5LbMA0afjPIsZUosnjYO8oBhlMNMT+wWysyqQAvyQ/e7mKSdubJva+xC
On0DpuIV+2/5G0655we5K+GfNvk572h+xHLmVUv/jmpRf66Y9X7LuF/fQetRtV7u
TQrduz9TX7e+BrTpjzrTX5sQxh4ZsAg1cme+phszEQWuN7ieMLyEsnngzdm180RG
LWiz9u928fRbxgg49hkmuBi5+sD2pk85/Cr26ne9wTqB+yhntA6OVGsuMyOruIr1
asbkIXADSWqmq82gIDaty3ip920CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSoT1Gb
cyoz+DzIwxjTMagsn4ha1jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2RhNDMxMGEtY2E1NS00OTk5LTlhNTYtZjMxNzVmMjQ2MzI0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi6JmDAN
BgkqhkiG9w0BAQsFAAOCAQEAD3T0H0RGfDwf1OeBoy+yZd0xrEC8ULMfxgJaMF4w
Lhf3HmFq44cj/Hela0ztRXloIM1RVHy4xXmjBjvrgbtfEjYiDmmzs9te48+A/gUi
7zwiOgmSDUbdkLw2+LmQt3JjNMrWLeZLEQPI1C4jeVzLFoVpsgJ8hfl2EglfkgRZ
wEo2fJCTqYYOcAKGDz/Wl2kpXlyEoEwn1L/3iqOj43PzC7VnBkchRmFGetEnCMj6
4nH7gTf4JGowN7ObxOqvXFH62xGyLMfMUPnLUDMlkomnYH7WiPQ852b9JrcXQH/D
dVUHeSDZbk4ZVh7UigMXR8Qgd2W4vPzU2PrGE8ptipkLhQ==
-----END CERTIFICATE-----
Generated at Sun Apr 27 12:08:13 2025 by rpki-client