Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/279da9d6-10c2-4fd5-9d75-0a963c29c8d4.roa
File: 279da9d6-10c2-4fd5-9d75-0a963c29c8d4.roa (raw, json)
Hash identifier: iBXgyiSc91KYGHGME3bF1QOVVQ92YfG/qmLy5HCFJDw=
Subject key identifier: 19:BE:F3:5E:A7:5E:35:B8:01:3D:EA:EF:04:52:58:F8:16:DB:EE:EC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1D6974E20945290980FB54C9D47A847FE981C526
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/279da9d6-10c2-4fd5-9d75-0a963c29c8d4.roa
Signing time: Mon 14 Apr 2025 17:30:14 +0000
ROA not before: Mon 14 Apr 2025 17:30:14 +0000
ROA not after: Mon 19 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.144.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:69:74:e2:09:45:29:09:80:fb:54:c9:d4:7a:84:7f:e9:81:c5:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 14 17:30:14 2025 GMT
Not After : May 19 23:59:59 2025 GMT
Subject: serialNumber=358cf2e9558d467bbf9f4921fb3329e9c94a9475c4cd40d9c222b4b36a01daa9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:df:2c:c7:27:c7:23:de:7d:42:c2:81:8e:d6:
c1:ce:73:80:8a:15:41:32:7c:f2:2a:97:ec:59:5c:
60:ed:2a:61:76:dc:5e:61:eb:e2:b6:ea:85:6c:4a:
da:74:ad:0a:de:f2:14:4e:ca:73:81:d3:56:3d:e2:
35:fd:27:d8:30:d5:89:cb:71:02:be:13:a5:bf:87:
fd:b8:f1:32:2f:93:c5:dd:57:29:65:3a:d6:54:ce:
9d:93:93:91:fe:7f:2f:31:1e:36:79:63:a0:87:80:
cf:b1:8d:fc:f4:99:0c:ca:c8:f6:30:05:c9:3b:e1:
0f:ab:50:bb:6b:34:ed:ae:02:6a:ef:36:c9:28:e8:
90:84:ab:1e:8a:58:7e:bf:f1:6e:0e:dd:50:bc:6e:
d7:2b:5c:21:90:e9:ca:18:3b:1a:c1:23:98:bd:8e:
9f:d1:0c:50:7b:65:d5:55:ce:72:88:d1:72:86:38:
84:73:23:29:45:41:f9:f3:3a:61:14:02:1d:e2:69:
b3:c2:31:c0:23:ad:20:25:96:b8:ff:5f:f5:3d:2e:
f4:d1:83:5b:20:60:87:70:02:98:70:a3:92:5e:24:
80:35:60:6e:75:af:62:70:5d:19:81:8d:4c:fe:a0:
0c:46:2f:cf:28:eb:96:6b:56:a6:57:f8:bd:d2:e1:
1e:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:BE:F3:5E:A7:5E:35:B8:01:3D:EA:EF:04:52:58:F8:16:DB:EE:EC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/279da9d6-10c2-4fd5-9d75-0a963c29c8d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.144.0/21
Signature Algorithm: sha256WithRSAEncryption
69:fa:27:26:8f:73:28:c7:14:d7:e6:63:3f:ca:94:92:23:34:
71:0d:4b:f9:53:e0:0b:b8:b3:89:8c:3a:f9:89:4b:79:4b:e9:
72:28:a2:5b:49:0a:74:c8:96:f2:e1:a4:d9:bb:f2:55:70:8c:
fc:24:d1:88:6d:18:f1:5e:82:e6:c7:94:23:86:48:81:89:27:
d3:24:8d:eb:17:da:2a:65:71:ba:a9:d9:c7:64:2b:f7:95:1c:
68:14:68:75:fb:e6:76:be:b5:f0:bd:12:54:74:92:c2:8b:e0:
cb:32:ba:7a:59:f3:fd:ba:ef:48:76:b6:58:c6:ad:6e:c3:ed:
21:08:f2:98:56:16:0f:e1:a5:9c:a1:f0:ac:3f:82:56:a3:01:
84:8c:43:1d:35:f9:77:65:28:6e:37:80:7d:8f:9c:8e:64:ac:
f1:6e:cd:f5:79:5c:c3:32:ff:56:b7:12:3b:0d:2f:05:d2:98:
ec:00:14:77:8f:82:e3:0b:bb:c1:d5:be:08:03:d0:91:da:4e:
9e:94:33:c9:f4:fa:74:35:d7:8f:70:02:2e:e2:a9:cd:a6:9a:
35:c3:38:22:70:0f:f7:f5:10:1f:2a:47:e9:9d:70:a7:2c:8d:
7c:61:28:ce:15:a7:48:a3:9b:7a:a1:71:6a:ce:5a:c6:96:11:
0c:3e:27:fa
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUHWl04glFKQmA+1TJ1HqEf+mBxSYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTQxNzMwMTRaFw0yNTA1MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDM1OGNmMmU5NTU4ZDQ2N2JiZjlmNDkyMWZiMzMyOWU5Yzk0YTk0NzVjNGNk
NDBkOWMyMjJiNGIzNmEwMWRhYTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKnfLMcnxyPefULCgY7Wwc5zgIoVQTJ88iqX7FlcYO0qYXbcXmHr4rbqhWxK
2nStCt7yFE7Kc4HTVj3iNf0n2DDVictxAr4Tpb+H/bjxMi+Txd1XKWU61lTOnZOT
kf5/LzEeNnljoIeAz7GN/PSZDMrI9jAFyTvhD6tQu2s07a4Cau82ySjokISrHopY
fr/xbg7dULxu1ytcIZDpyhg7GsEjmL2On9EMUHtl1VXOcojRcoY4hHMjKUVB+fM6
YRQCHeJps8IxwCOtICWWuP9f9T0u9NGDWyBgh3ACmHCjkl4kgDVgbnWvYnBdGYGN
TP6gDEYvzyjrlmtWplf4vdLhHrUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQZvvNe
p141uAE96u8EUlj4Ftvu7DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mjc5ZGE5ZDYtMTBjMi00ZmQ1LTlkNzUtMGE5NjNjMjljOGQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy6JkDAN
BgkqhkiG9w0BAQsFAAOCAQEAafonJo9zKMcU1+ZjP8qUkiM0cQ1L+VPgC7iziYw6
+YlLeUvpciiiW0kKdMiW8uGk2bvyVXCM/CTRiG0Y8V6C5seUI4ZIgYkn0ySN6xfa
KmVxuqnZx2Qr95UcaBRodfvmdr618L0SVHSSwovgyzK6elnz/brvSHa2WMatbsPt
IQjymFYWD+GlnKHwrD+CVqMBhIxDHTX5d2UobjeAfY+cjmSs8W7N9XlcwzL/VrcS
Ow0vBdKY7AAUd4+C4wu7wdW+CAPQkdpOnpQzyfT6dDXXj3ACLuKpzaaaNcM4InAP
9/UQHypH6Z1wpyyNfGEozhWnSKObeqFxas5axpYRDD4n+g==
-----END CERTIFICATE-----
Generated at Mon May 5 18:40:56 2025 by rpki-client