Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df740e2f-8ce5-4b1b-a95e-60487d9388a6.roa
File: df740e2f-8ce5-4b1b-a95e-60487d9388a6.roa (raw, json)
Hash identifier: LAdhniGBphcU27NhlHK4j5BksaO/enHpNf46sJFBnDw=
Subject key identifier: 52:12:FA:E4:50:BA:0D:D7:41:D5:B1:29:30:6B:8C:58:AE:28:36:79
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 22ECC546A5D0BF04FB6F1CB9EAF5566A84957E2A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df740e2f-8ce5-4b1b-a95e-60487d9388a6.roa
Signing time: Mon 14 Apr 2025 17:30:10 +0000
ROA not before: Mon 14 Apr 2025 17:30:10 +0000
ROA not after: Mon 19 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.200.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:ec:c5:46:a5:d0:bf:04:fb:6f:1c:b9:ea:f5:56:6a:84:95:7e:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 14 17:30:10 2025 GMT
Not After : May 19 23:59:59 2025 GMT
Subject: serialNumber=01e5006cd7948cd6cf0112b67c6bd0b2927d45d375d4e7ab50e6996e3d701f1e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:4a:20:f2:e6:aa:e0:b8:d9:51:75:8e:76:e4:
25:c0:5e:b5:3f:1c:85:ed:d7:13:31:a9:d5:ee:79:
f8:a1:84:e2:ee:8d:84:ca:58:88:f0:62:fb:f1:89:
06:94:e2:a5:d5:43:d0:9c:b6:b4:e3:c3:5b:ff:a6:
f6:63:53:cc:1c:3b:4f:81:31:2e:42:ef:70:39:6f:
9e:2c:01:10:d7:7c:7a:e1:33:5d:8b:1d:cf:54:d2:
93:24:8b:27:79:33:c0:3c:25:6e:c3:4e:54:65:b7:
a0:c0:39:7f:f6:08:c7:1a:34:26:c0:04:c1:be:0f:
d0:04:92:b4:b6:df:e9:5a:5e:5c:bb:7d:66:46:d5:
69:2e:fe:2e:a6:27:c2:7b:5f:b7:77:31:6f:f0:0f:
b4:32:06:f8:da:6d:61:4f:fa:f2:7f:f0:c0:b3:3a:
05:37:a8:dd:3d:e0:11:00:1a:e3:ca:65:b1:f9:fa:
de:31:5f:3c:cf:f6:3e:cf:cd:30:23:7a:f8:99:4d:
b5:6d:7a:3d:69:df:ae:a1:d4:7c:7d:24:79:86:7b:
15:f9:51:4a:f6:8c:1d:9c:f7:0a:8b:ba:d0:4e:a1:
51:ab:99:fc:0d:e3:86:42:14:de:ad:4f:b6:1e:42:
81:5b:ec:4c:2b:d8:ad:0d:a2:83:a1:24:a7:00:60:
ba:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:12:FA:E4:50:BA:0D:D7:41:D5:B1:29:30:6B:8C:58:AE:28:36:79
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df740e2f-8ce5-4b1b-a95e-60487d9388a6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.200.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:6d:63:db:d7:48:9f:a8:4d:4e:f9:7b:e9:59:11:91:25:ed:
10:bc:2e:c5:36:37:87:f4:c2:37:b3:a3:a4:1e:58:80:3a:ee:
5e:de:d4:cf:14:44:95:36:aa:a2:41:7a:cb:6a:9d:8e:bf:71:
1b:92:7a:f1:7f:30:b0:ce:d5:b1:76:a8:7e:2f:e9:1c:8c:a5:
ef:8d:1f:e0:c5:74:f6:44:b4:94:70:1b:9e:d6:55:e5:38:94:
e3:dd:b0:54:4d:88:c7:6b:38:f6:84:10:07:a7:9c:b4:2e:c8:
a6:d8:95:ed:37:1d:e3:5d:b0:15:40:32:90:d6:09:0e:4d:1c:
b4:dc:5e:4e:02:91:4a:28:db:be:11:68:f3:fa:01:28:91:f0:
78:a0:4c:7f:18:3a:34:c9:60:d9:4c:5e:42:93:9f:c0:c6:3e:
d6:26:0c:79:de:fb:c7:48:43:4d:05:c0:b9:83:7f:5f:24:17:
a9:f8:b2:d8:56:d4:ab:ba:4f:81:7a:c2:8a:20:a0:46:33:35:
cc:6d:62:9a:ff:06:f2:7e:19:f0:5d:bc:95:4e:94:6c:d3:7c:
1e:19:b5:eb:ae:42:72:85:9c:73:14:88:5c:5c:18:ab:64:c0:
71:21:bb:1a:8b:5b:ff:b1:63:7c:5b:0a:04:a3:16:6c:ee:5d:
8e:33:c2:2e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIuzFRqXQvwT7bxy56vVWaoSVfiowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTQxNzMwMTBaFw0yNTA1MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDAxZTUwMDZjZDc5NDhjZDZjZjAxMTJiNjdjNmJkMGIyOTI3ZDQ1ZDM3NWQ0
ZTdhYjUwZTY5OTZlM2Q3MDFmMWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMRKIPLmquC42VF1jnbkJcBetT8che3XEzGp1e55+KGE4u6NhMpYiPBi+/GJ
BpTipdVD0Jy2tOPDW/+m9mNTzBw7T4ExLkLvcDlvniwBENd8euEzXYsdz1TSkySL
J3kzwDwlbsNOVGW3oMA5f/YIxxo0JsAEwb4P0ASStLbf6VpeXLt9ZkbVaS7+LqYn
wntft3cxb/APtDIG+NptYU/68n/wwLM6BTeo3T3gEQAa48plsfn63jFfPM/2Ps/N
MCN6+JlNtW16PWnfrqHUfH0keYZ7FflRSvaMHZz3Cou60E6hUauZ/A3jhkIU3q1P
th5CgVvsTCvYrQ2ig6EkpwBgunECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRSEvrk
ULoN10HVsSkwa4xYrig2eTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGY3NDBlMmYtOGNlNS00YjFiLWE5NWUtNjA0ODdkOTM4OGE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi6JyDAN
BgkqhkiG9w0BAQsFAAOCAQEAX21j29dIn6hNTvl76VkRkSXtELwuxTY3h/TCN7Oj
pB5YgDruXt7UzxRElTaqokF6y2qdjr9xG5J68X8wsM7VsXaofi/pHIyl740f4MV0
9kS0lHAbntZV5TiU492wVE2Ix2s49oQQB6ectC7IptiV7Tcd412wFUAykNYJDk0c
tNxeTgKRSijbvhFo8/oBKJHweKBMfxg6NMlg2UxeQpOfwMY+1iYMed77x0hDTQXA
uYN/XyQXqfiy2FbUq7pPgXrCiiCgRjM1zG1imv8G8n4Z8F28lU6UbNN8Hhm1665C
coWccxSIXFwYq2TAcSG7Gotb/7FjfFsKBKMWbO5djjPCLg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:19 2025 by rpki-client