Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda4310a-ca55-4999-9a56-f3175f246324.roa
File: cda4310a-ca55-4999-9a56-f3175f246324.roa (raw, json)
Hash identifier: G3t8tavfwYIJQWK6NL19XrBQxgTjPxAZyCafvNps5A4=
Subject key identifier: 09:4B:D7:10:C9:04:4B:1C:11:3A:1F:CA:EC:A7:F1:24:63:ED:05:A9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6D25D823B1CE42E9B15762A267E15AC0C2FA6B28
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda4310a-ca55-4999-9a56-f3175f246324.roa
Signing time: Fri 09 May 2025 16:30:14 +0000
ROA not before: Fri 09 May 2025 16:30:14 +0000
ROA not after: Fri 13 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.152.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:25:d8:23:b1:ce:42:e9:b1:57:62:a2:67:e1:5a:c0:c2:fa:6b:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 9 16:30:14 2025 GMT
Not After : Jun 13 23:59:59 2025 GMT
Subject: serialNumber=d130ce7b3181e17967adc02466d60a99714f98282efde27ba44194d381124604, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:9d:c9:78:f7:c8:c2:92:4b:36:84:42:99:a9:
40:d9:b4:77:0e:4e:c9:53:ed:2b:0d:a4:4c:73:9d:
97:39:d5:16:2b:63:84:b2:9a:6b:df:1a:03:b2:31:
79:a3:06:a1:fc:74:f6:77:a6:0e:33:63:aa:16:f7:
34:f4:ee:e9:9f:e3:d6:17:7e:1d:21:ba:74:e5:87:
ea:77:57:2b:c2:23:73:33:9f:9c:33:3d:cc:0c:79:
fc:2f:49:7f:1c:c7:16:fe:e6:22:af:6f:24:45:c4:
78:b9:d9:6f:8e:0d:8a:49:5e:20:a4:fc:4d:aa:9f:
67:d6:be:74:d9:44:47:73:af:fd:d5:c7:e9:a5:1f:
6d:33:8c:ee:c3:35:55:68:6d:e3:50:9e:b2:e2:c4:
89:5f:d0:a1:15:1f:46:75:dd:14:e2:66:0b:e9:48:
e3:44:e0:7b:c3:2d:3f:1c:9b:f3:7c:5d:96:5b:9c:
2c:f4:d5:6a:fd:c1:54:24:97:cb:52:c0:93:56:62:
9d:eb:e7:a5:69:e8:d6:05:51:68:a3:60:0e:35:da:
d7:34:bf:dc:d3:dc:78:69:22:16:05:ff:2a:36:87:
de:c5:9e:95:27:30:bd:12:69:da:68:15:9e:91:be:
4f:9e:e9:91:82:0f:43:2c:de:3d:72:72:55:83:4b:
98:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:4B:D7:10:C9:04:4B:1C:11:3A:1F:CA:EC:A7:F1:24:63:ED:05:A9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda4310a-ca55-4999-9a56-f3175f246324.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.152.0/22
Signature Algorithm: sha256WithRSAEncryption
88:c7:da:e4:2a:f0:e6:d3:f6:85:f0:c5:37:43:1e:6f:9e:08:
34:a2:3a:73:27:cf:c8:27:a6:b8:c1:7c:95:64:11:c6:cc:1c:
17:a7:85:4f:26:f1:d9:88:de:38:cd:01:96:9b:3d:51:6c:61:
17:93:68:32:57:94:04:bc:96:6f:27:3c:13:7b:4f:8d:b0:35:
0c:fa:05:32:1e:79:46:bd:86:2e:7e:fd:32:e1:f2:75:f2:4d:
47:ab:92:34:00:03:1f:64:30:14:e1:10:ba:0e:62:9a:7f:79:
fb:45:b5:5f:ec:d3:48:e0:c4:37:eb:c7:fb:02:a1:59:79:1d:
c6:c4:0d:5f:ca:3a:66:89:05:dc:27:d7:7a:5e:45:97:26:7b:
31:73:0d:4e:33:83:65:73:13:87:d4:c3:e3:fe:23:72:d7:f8:
36:df:da:ce:cb:11:b6:6d:ff:7a:aa:ad:46:83:33:7c:28:3e:
80:50:f7:71:c1:c2:5a:8e:84:0f:0c:e3:f4:51:b8:09:a3:c6:
df:c0:32:80:0e:52:d2:ea:f8:28:94:c7:14:6e:9d:a5:a4:7f:
12:40:de:62:7f:2a:a3:da:7e:90:30:0a:27:f9:c1:21:4e:df:
90:9d:6b:df:df:a8:f7:c3:92:69:61:80:33:d5:1c:33:0c:79:
76:53:46:1a
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUbSXYI7HOQumxV2KiZ+FawML6aygwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MDkxNjMwMTRaFw0yNTA2MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGQxMzBjZTdiMzE4MWUxNzk2N2FkYzAyNDY2ZDYwYTk5NzE0Zjk4MjgyZWZk
ZTI3YmE0NDE5NGQzODExMjQ2MDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOSdyXj3yMKSSzaEQpmpQNm0dw5OyVPtKw2kTHOdlznVFitjhLKaa98aA7Ix
eaMGofx09nemDjNjqhb3NPTu6Z/j1hd+HSG6dOWH6ndXK8IjczOfnDM9zAx5/C9J
fxzHFv7mIq9vJEXEeLnZb44NikleIKT8TaqfZ9a+dNlER3Ov/dXH6aUfbTOM7sM1
VWht41CesuLEiV/QoRUfRnXdFOJmC+lI40Tge8MtPxyb83xdllucLPTVav3BVCSX
y1LAk1ZinevnpWno1gVRaKNgDjXa1zS/3NPceGkiFgX/KjaH3sWelScwvRJp2mgV
npG+T57pkYIPQyzePXJyVYNLmBsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQJS9cQ
yQRLHBE6H8rsp/EkY+0FqTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2RhNDMxMGEtY2E1NS00OTk5LTlhNTYtZjMxNzVmMjQ2MzI0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi6JmDAN
BgkqhkiG9w0BAQsFAAOCAQEAiMfa5Crw5tP2hfDFN0Meb54INKI6cyfPyCemuMF8
lWQRxswcF6eFTybx2YjeOM0Blps9UWxhF5NoMleUBLyWbyc8E3tPjbA1DPoFMh55
Rr2GLn79MuHydfJNR6uSNAADH2QwFOEQug5imn95+0W1X+zTSODEN+vH+wKhWXkd
xsQNX8o6ZokF3CfXel5FlyZ7MXMNTjODZXMTh9TD4/4jctf4Nt/azssRtm3/eqqt
RoMzfCg+gFD3ccHCWo6EDwzj9FG4CaPG38AygA5S0ur4KJTHFG6dpaR/EkDeYn8q
o9p+kDAKJ/nBIU7fkJ1r39+o98OSaWGAM9UcMwx5dlNGGg==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:30:03 2025 by rpki-client