Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19bd833c-9eac-4b19-b264-a191d9c1b939.roa
File: 19bd833c-9eac-4b19-b264-a191d9c1b939.roa (raw, json)
Hash identifier: FEOypKwQc8w8mkrbvzFPCBGedOPJl3kpRxNyIjnPuAI=
Subject key identifier: 80:91:57:62:36:4A:52:39:C6:01:94:B4:05:30:75:A1:66:51:84:13
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5AE11F64307CBD1E68F2CC1F60F78E6FE618B9E4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19bd833c-9eac-4b19-b264-a191d9c1b939.roa
Signing time: Mon 14 Apr 2025 17:31:05 +0000
ROA not before: Mon 14 Apr 2025 17:31:05 +0000
ROA not after: Mon 19 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.216.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 08:37:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:e1:1f:64:30:7c:bd:1e:68:f2:cc:1f:60:f7:8e:6f:e6:18:b9:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 14 17:31:05 2025 GMT
Not After : May 19 23:59:59 2025 GMT
Subject: serialNumber=5413abcdf4c2742f8fb2889bb0435621e85a72378f0ecb0fbadf9b1bd358f5a5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:e2:03:0c:56:01:d0:fe:b3:31:45:2d:86:d6:
a8:02:7a:01:44:da:ad:35:19:8f:c7:36:71:d4:4f:
2e:92:38:6c:00:f9:b1:2c:38:2a:09:d4:72:9f:f1:
f3:49:e3:69:4b:a5:f7:be:41:bc:40:94:25:3b:c7:
8a:52:70:85:a3:3d:15:f1:b9:37:5b:ae:37:56:01:
8c:e0:ea:2e:8e:41:f0:18:22:8a:22:78:de:31:c7:
b3:ca:47:4c:1d:a1:f4:23:70:84:7e:c0:2a:72:73:
ee:8e:ac:3e:55:83:ae:28:6e:61:db:61:3f:4b:b4:
79:de:ca:50:13:34:b5:09:6e:5b:47:9b:32:98:ce:
6a:a7:86:2d:32:e9:3c:d2:23:96:06:3a:78:6e:7b:
f6:81:4b:cd:4c:13:19:90:9e:6e:ed:f5:50:16:3b:
c5:c8:e2:da:0c:58:d1:8e:c3:85:ca:7f:fb:14:f6:
9c:73:a1:75:f5:bc:23:b5:09:82:d3:b2:59:a4:1f:
c5:96:0c:1a:3a:04:6b:1b:f7:bc:48:39:47:9e:e3:
c0:6a:c7:7b:2d:60:88:55:57:e4:6d:48:d0:96:d7:
a8:82:ba:b9:1e:48:10:c5:36:e3:f4:46:92:00:31:
54:f3:2a:66:f9:ab:5d:f1:bd:45:6d:cc:80:26:aa:
a2:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:91:57:62:36:4A:52:39:C6:01:94:B4:05:30:75:A1:66:51:84:13
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19bd833c-9eac-4b19-b264-a191d9c1b939.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.216.0/21
Signature Algorithm: sha256WithRSAEncryption
a4:e6:ef:22:af:3a:b0:c4:be:d6:7d:f4:93:e6:53:c2:c7:7f:
b9:c7:f4:ab:71:8e:60:5d:dd:77:3a:b0:10:d2:93:8b:76:fe:
ba:61:25:69:a6:b0:e9:b3:c2:e0:eb:e6:7d:bc:b8:b8:28:22:
17:62:d0:e1:d2:e5:b5:4f:98:11:24:fc:1d:2f:ac:51:d8:82:
75:5d:85:6a:81:43:e5:80:8b:53:d2:ff:e6:03:e2:f7:70:e7:
8e:12:9b:d9:ec:7b:df:47:4f:ae:bd:53:44:ae:7e:f5:0b:88:
fb:b5:81:d8:b1:3f:12:1e:d7:5c:57:3d:c1:65:ca:4e:d4:f1:
5f:b4:08:ba:dc:1f:5f:20:c6:20:82:70:ac:06:88:8c:e2:62:
50:05:c8:86:d1:bc:04:f3:7f:38:c1:70:22:58:a2:4b:1f:8a:
b9:e0:ff:62:22:61:77:5a:9d:5e:31:24:d3:b6:5d:fc:1b:61:
1c:cb:3b:eb:0a:d2:da:1f:6e:e5:dd:bc:7d:66:a0:de:8e:c5:
84:44:86:34:91:23:c7:90:d7:92:b9:49:ca:93:76:e5:8c:46:
92:05:9c:b0:0a:dc:e7:5c:9b:5f:0d:9b:e0:09:ea:c6:7c:26:
cf:8d:86:21:96:64:df:6a:3f:4c:43:41:c2:83:ea:4c:18:45:
b6:a2:83:98
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUWuEfZDB8vR5o8swfYPeOb+YYueQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTQxNzMxMDVaFw0yNTA1MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDU0MTNhYmNkZjRjMjc0MmY4ZmIyODg5YmIwNDM1NjIxZTg1YTcyMzc4ZjBl
Y2IwZmJhZGY5YjFiZDM1OGY1YTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOjiAwxWAdD+szFFLYbWqAJ6AUTarTUZj8c2cdRPLpI4bAD5sSw4KgnUcp/x
80njaUul975BvECUJTvHilJwhaM9FfG5N1uuN1YBjODqLo5B8BgiiiJ43jHHs8pH
TB2h9CNwhH7AKnJz7o6sPlWDrihuYdthP0u0ed7KUBM0tQluW0ebMpjOaqeGLTLp
PNIjlgY6eG579oFLzUwTGZCebu31UBY7xcji2gxY0Y7Dhcp/+xT2nHOhdfW8I7UJ
gtOyWaQfxZYMGjoEaxv3vEg5R57jwGrHey1giFVX5G1I0JbXqIK6uR5IEMU24/RG
kgAxVPMqZvmrXfG9RW3MgCaqonsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSAkVdi
NkpSOcYBlLQFMHWhZlGEEzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTliZDgzM2MtOWVhYy00YjE5LWIyNjQtYTE5MWQ5YzFiOTM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy4z2DAN
BgkqhkiG9w0BAQsFAAOCAQEApObvIq86sMS+1n30k+ZTwsd/ucf0q3GOYF3ddzqw
ENKTi3b+umElaaaw6bPC4Ovmfby4uCgiF2LQ4dLltU+YEST8HS+sUdiCdV2FaoFD
5YCLU9L/5gPi93DnjhKb2ex730dPrr1TRK5+9QuI+7WB2LE/Eh7XXFc9wWXKTtTx
X7QIutwfXyDGIIJwrAaIjOJiUAXIhtG8BPN/OMFwIliiSx+KueD/YiJhd1qdXjEk
07Zd/BthHMs76wrS2h9u5d28fWag3o7FhESGNJEjx5DXkrlJypN25YxGkgWcsArc
51ybXw2b4Anqxnwmz42GIZZk32o/TENBwoPqTBhFtqKDmA==
-----END CERTIFICATE-----
Generated at Mon May 5 13:28:53 2025 by rpki-client