Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/123b20eb-4142-4c18-96e0-d1871de66fd3.roa
File: 123b20eb-4142-4c18-96e0-d1871de66fd3.roa (raw, json)
Hash identifier: eNy7CwEAmDz2fDxUFKs6jNWANHuTKZgZua9iM3j7FHA=
Subject key identifier: 43:FF:0E:3D:8F:25:F8:0B:E0:B8:6B:1F:AD:C1:F8:78:D2:2D:B8:BF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6267015A72E58FCA31079636D8FC79D0F0943723
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/123b20eb-4142-4c18-96e0-d1871de66fd3.roa
Signing time: Fri 25 Apr 2025 20:40:09 +0000
ROA not before: Fri 25 Apr 2025 20:40:09 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.214.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:67:01:5a:72:e5:8f:ca:31:07:96:36:d8:fc:79:d0:f0:94:37:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:40:09 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=dcb6cae1e511161b5db29bb0bc698546b98562f1659cbaed464e4008c6179e27, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:59:4f:d2:ab:51:97:a4:ef:a4:25:98:1f:e7:
56:a4:44:37:24:13:06:34:32:ca:e1:30:ef:6e:79:
82:77:ce:68:c2:70:23:88:56:bb:df:58:52:f0:69:
1f:33:c8:b0:90:56:de:37:0b:ef:64:42:0a:9c:bc:
10:7b:90:7d:1d:32:11:67:26:a6:1e:71:6b:27:d2:
e2:de:4a:e4:89:7c:a1:ef:be:ef:64:14:31:65:a8:
a4:bd:e2:55:7c:4a:67:e0:7e:2a:7e:1d:f5:a0:85:
92:5b:ef:e2:0b:26:c0:eb:e3:a2:ef:93:50:39:fc:
1a:fe:eb:d7:7c:6f:10:e2:28:5d:91:cf:45:0c:df:
fa:7a:39:20:f4:b3:d5:24:ba:f4:d1:97:9a:db:09:
da:50:65:f7:e5:0e:d6:fe:a1:1e:5a:79:de:e3:da:
72:34:4a:8d:ee:e3:11:ae:c4:38:ad:b4:19:43:8b:
01:1a:b5:85:00:41:87:78:e3:85:4c:31:df:fc:b0:
e4:a8:e9:8d:39:f7:09:7e:36:7d:ed:8c:46:65:a7:
7f:7c:9a:ea:42:af:f5:fb:f6:e6:4e:57:ea:62:e5:
1a:91:bd:24:01:e4:56:f1:3d:42:ea:f9:1f:ae:13:
e2:e2:30:2e:89:8a:87:31:0c:8a:a6:53:3f:02:bd:
33:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:FF:0E:3D:8F:25:F8:0B:E0:B8:6B:1F:AD:C1:F8:78:D2:2D:B8:BF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/123b20eb-4142-4c18-96e0-d1871de66fd3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.214.0.0/15
Signature Algorithm: sha256WithRSAEncryption
88:3c:d1:26:87:e5:6b:4e:05:dd:e0:af:fd:49:68:d2:45:5c:
e8:b0:3d:35:bb:d1:28:d6:44:0f:b2:62:17:4a:d1:c2:a7:51:
66:89:83:83:f4:7a:f1:73:a4:fb:b8:73:c7:5e:18:25:e3:ec:
0b:c4:a9:67:70:03:94:6a:96:eb:1b:9a:22:6f:47:92:51:7c:
7d:8c:c4:03:b1:15:41:b4:f5:7b:54:22:1e:fa:51:2e:0f:cb:
fb:e7:98:ed:ac:8e:3d:8d:e6:a8:b0:31:63:16:51:95:bf:75:
b0:1e:fd:47:2f:5d:ad:7f:64:8b:61:16:8f:ef:ac:a8:f2:41:
e7:b8:34:cc:84:80:09:c5:5c:7b:e0:0e:56:eb:68:d5:d5:85:
0e:03:db:c7:ed:eb:f0:a6:96:ad:78:a6:f4:37:4a:69:68:85:
ec:48:5d:ec:41:82:97:e6:ba:ac:29:43:31:13:1d:56:ff:6c:
a4:aa:23:0e:33:5d:b8:bf:34:86:c6:bc:5a:41:1e:c6:0c:a7:
b1:3c:2f:b9:c3:27:14:b1:4e:1e:c9:7d:f6:74:bc:61:1e:61:
bf:54:ab:2f:23:d8:dc:cd:70:79:19:4b:2c:52:db:91:5c:10:
a2:5a:4b:63:8c:3d:b8:19:fe:68:e6:a5:70:72:83:75:93:c0:
44:db:e8:6e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYmcBWnLlj8oxB5Y22Px50PCUNyMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDQwMDlaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGRjYjZjYWUxZTUxMTE2MWI1ZGIyOWJiMGJjNjk4NTQ2Yjk4NTYyZjE2NTlj
YmFlZDQ2NGU0MDA4YzYxNzllMjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK9ZT9KrUZek76QlmB/nVqRENyQTBjQyyuEw7255gnfOaMJwI4hWu99YUvBp
HzPIsJBW3jcL72RCCpy8EHuQfR0yEWcmph5xayfS4t5K5Il8oe++72QUMWWopL3i
VXxKZ+B+Kn4d9aCFklvv4gsmwOvjou+TUDn8Gv7r13xvEOIoXZHPRQzf+no5IPSz
1SS69NGXmtsJ2lBl9+UO1v6hHlp53uPacjRKje7jEa7EOK20GUOLARq1hQBBh3jj
hUwx3/yw5KjpjTn3CX42fe2MRmWnf3ya6kKv9fv25k5X6mLlGpG9JAHkVvE9Qur5
H64T4uIwLomKhzEMiqZTPwK9M2MCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRD/w49
jyX4C+C4ax+twfh40i24vzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTIzYjIwZWItNDE0Mi00YzE4LTk2ZTAtZDE4NzFkZTY2ZmQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPWMA0G
CSqGSIb3DQEBCwUAA4IBAQCIPNEmh+VrTgXd4K/9SWjSRVzosD01u9Eo1kQPsmIX
StHCp1FmiYOD9Hrxc6T7uHPHXhgl4+wLxKlncAOUapbrG5oib0eSUXx9jMQDsRVB
tPV7VCIe+lEuD8v755jtrI49jeaosDFjFlGVv3WwHv1HL12tf2SLYRaP76yo8kHn
uDTMhIAJxVx74A5W62jV1YUOA9vH7evwppateKb0N0ppaIXsSF3sQYKX5rqsKUMx
Ex1W/2ykqiMOM124vzSGxrxaQR7GDKexPC+5wycUsU4eyX32dLxhHmG/VKsvI9jc
zXB5GUssUtuRXBCiWktjjD24Gf5o5qVwcoN1k8BE2+hu
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:43:40 2025 by rpki-client