Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa
File: 0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa (raw, json)
Hash identifier: up+UU8G4YWJy/cEepBXS7DukMoEPCcCl6gIVsrH9fz4=
Subject key identifier: 17:B0:32:13:3C:DB:16:47:E7:AB:94:E7:1B:E7:6C:06:D2:66:51:22
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 230E8E3D9DBA714987D8DB5A384F641586547A11
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa
Signing time: Fri 25 Apr 2025 20:31:35 +0000
ROA not before: Fri 25 Apr 2025 20:31:35 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.100.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:0e:8e:3d:9d:ba:71:49:87:d8:db:5a:38:4f:64:15:86:54:7a:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:31:35 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=daa8bec4f5a00a4050159a47df14d8312f864cee773544f2131c6ccdefed37f9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:77:ea:a1:9e:19:9d:25:73:8b:10:43:29:94:
a4:df:2f:72:7d:5d:20:a8:55:48:49:4d:1a:7b:85:
6f:17:4a:a3:98:ed:65:c0:21:c3:15:4e:79:9c:2b:
41:9b:3a:d9:d2:22:52:29:e9:dd:14:4d:a3:ba:20:
21:01:c7:26:68:4d:9e:df:01:47:c6:92:0b:fd:0b:
a3:63:6d:e5:18:c4:38:bc:33:85:29:6e:35:ca:40:
67:f3:6d:3a:86:32:7d:5c:73:e5:9d:ff:51:76:4e:
d5:02:af:13:ae:4b:1f:c2:d1:64:5c:69:10:4b:9d:
70:d8:c8:56:3f:9e:e4:57:bf:a1:ae:7d:c3:6a:f8:
4e:32:6e:8e:6e:f9:53:95:d2:79:ee:b8:71:21:ae:
28:12:58:9b:99:50:00:bd:8d:8b:58:f2:51:8d:c6:
8e:d8:09:46:b0:df:f3:ed:ab:29:b2:17:55:79:a5:
d8:cc:41:34:73:f0:b0:32:05:fb:6d:43:63:f4:91:
ce:7d:b7:e8:c8:f3:62:12:89:f8:bb:be:6a:a6:f5:
77:5e:6d:0d:54:5d:ee:04:43:1a:30:24:90:42:4a:
73:2c:0f:ff:f1:73:5a:38:05:c4:d9:bf:d1:d7:82:
9b:96:92:53:33:b8:78:8b:b7:a3:b6:a0:a0:16:d7:
36:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:B0:32:13:3C:DB:16:47:E7:AB:94:E7:1B:E7:6C:06:D2:66:51:22
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.100.0.0/15
Signature Algorithm: sha256WithRSAEncryption
a3:02:d2:83:dd:14:23:c8:ba:96:dc:00:ae:ef:88:e8:66:3e:
23:a7:36:d0:9e:b4:ad:a0:e6:bd:18:27:22:98:5d:8b:cc:75:
1a:9f:86:65:69:fd:36:b3:d4:b5:3b:a3:2a:69:76:28:46:d8:
45:dc:c5:b5:9c:0f:7a:53:81:8f:42:69:e5:60:e6:90:a4:1c:
83:1e:3b:a2:54:86:8d:0c:81:46:4c:db:4f:1c:6e:cd:00:0f:
3a:3c:ee:e9:b9:7f:04:6a:da:dd:97:6c:20:36:36:03:92:1f:
ea:84:85:b3:fc:4b:ad:7d:cc:ab:43:37:dc:0b:e1:f8:fb:a5:
58:05:ec:ce:cc:bb:b6:03:7d:ec:a8:19:55:e1:7e:c4:39:6c:
46:bd:1e:0f:0d:8a:72:e1:13:28:79:18:ac:be:aa:f0:98:dd:
d8:7c:58:ea:d1:7a:92:99:3f:01:8f:bb:43:5f:0d:c2:4f:b9:
45:85:a9:fb:bc:cd:2c:f5:ee:e9:af:a1:4b:f5:4a:d7:04:72:
ac:ac:db:04:a1:62:9d:b9:0f:4f:54:ce:2d:98:9a:22:32:46:
13:5d:44:7e:8a:f3:44:ae:8c:78:3a:b4:b8:bf:54:00:d1:20:
4d:bf:f4:48:8d:21:00:f0:bb:1f:96:d1:1e:ca:ed:17:82:d2:
96:98:a3:95
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIw6OPZ26cUmH2NtaOE9kFYZUehEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMxMzVaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGRhYThiZWM0ZjVhMDBhNDA1MDE1OWE0N2RmMTRkODMxMmY4NjRjZWU3NzM1
NDRmMjEzMWM2Y2NkZWZlZDM3ZjkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJB36qGeGZ0lc4sQQymUpN8vcn1dIKhVSElNGnuFbxdKo5jtZcAhwxVOeZwr
QZs62dIiUinp3RRNo7ogIQHHJmhNnt8BR8aSC/0Lo2Nt5RjEOLwzhSluNcpAZ/Nt
OoYyfVxz5Z3/UXZO1QKvE65LH8LRZFxpEEudcNjIVj+e5Fe/oa59w2r4TjJujm75
U5XSee64cSGuKBJYm5lQAL2Ni1jyUY3GjtgJRrDf8+2rKbIXVXml2MxBNHPwsDIF
+21DY/SRzn236MjzYhKJ+Lu+aqb1d15tDVRd7gRDGjAkkEJKcywP//FzWjgFxNm/
0deCm5aSUzO4eIu3o7agoBbXNrkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQXsDIT
PNsWR+erlOcb52wG0mZRIjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGJmYTI1ZGQtMzE5Zi00ZjJkLWI3ODYtOGFiMTlkNThlODExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNkMA0G
CSqGSIb3DQEBCwUAA4IBAQCjAtKD3RQjyLqW3ACu74joZj4jpzbQnrStoOa9GCci
mF2LzHUan4Zlaf02s9S1O6MqaXYoRthF3MW1nA96U4GPQmnlYOaQpByDHjuiVIaN
DIFGTNtPHG7NAA86PO7puX8Eatrdl2wgNjYDkh/qhIWz/EutfcyrQzfcC+H4+6VY
BezOzLu2A33sqBlV4X7EOWxGvR4PDYpy4RMoeRisvqrwmN3YfFjq0XqSmT8Bj7tD
Xw3CT7lFhan7vM0s9e7pr6FL9UrXBHKsrNsEoWKduQ9PVM4tmJoiMkYTXUR+ivNE
rox4OrS4v1QA0SBNv/RIjSEA8LsfltEeyu0XgtKWmKOV
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:36:26 2025 by rpki-client