Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1daf6597-c039-470d-a015-f42507e1afef.roa
File: 1daf6597-c039-470d-a015-f42507e1afef.roa (raw, json)
Hash identifier: rwNNSzoShZ1U1zY8iUgMDCYv94x21/k2cZHy3dfM1z8=
Subject key identifier: 73:20:13:ED:1C:48:DC:20:12:C1:38:72:3F:CC:40:62:DA:4D:F8:11
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6956ED1EBCCC50EF70D7C6823BEE1510D6B611DB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1daf6597-c039-470d-a015-f42507e1afef.roa
Signing time: Fri 25 Apr 2025 20:30:21 +0000
ROA not before: Fri 25 Apr 2025 20:30:21 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.172.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:56:ed:1e:bc:cc:50:ef:70:d7:c6:82:3b:ee:15:10:d6:b6:11:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:30:21 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=0576d499b6976d1f040bc9d0f4f0aed8bc996c6cc1d6e7bd7f321278c6d3fd55, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a0:0f:73:dc:43:b2:32:b4:92:6b:55:ec:23:
13:88:94:e0:99:d9:df:c2:85:37:ad:1e:0d:7f:fb:
22:18:32:1f:6d:06:ad:46:9f:f7:b6:b8:50:21:c7:
76:83:4f:3c:b2:42:d9:dc:28:3d:40:4f:3b:3a:ed:
13:51:c6:19:f1:70:23:34:e2:30:aa:86:33:46:09:
01:b1:1b:28:8c:68:ff:e6:b2:a4:82:b3:fc:b4:6a:
16:ae:4f:a8:52:c0:9c:af:70:f2:be:83:97:0f:72:
c5:10:6e:61:bd:45:97:d8:f3:ee:14:9c:1d:28:f7:
a9:92:45:36:23:cd:40:d0:5e:48:6c:20:74:43:75:
21:2e:42:cc:98:bb:64:b9:2c:93:2f:e5:c2:4d:14:
af:c4:42:cc:97:0a:c5:36:95:aa:24:37:91:08:bd:
f7:5f:30:fb:69:34:d0:f5:81:ec:ed:0b:97:50:97:
29:28:48:97:d2:c1:0d:f1:4d:01:41:e6:38:f2:bf:
8c:a4:67:de:19:20:b1:41:29:ca:18:ab:31:7f:57:
b4:88:6f:22:ea:08:3b:62:4b:98:3a:2a:21:cd:71:
02:f6:83:06:a4:80:6a:8c:30:d6:0b:23:15:9e:9b:
e7:0b:26:3f:9e:eb:2a:65:13:f8:56:0f:98:24:ea:
7f:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:20:13:ED:1C:48:DC:20:12:C1:38:72:3F:CC:40:62:DA:4D:F8:11
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1daf6597-c039-470d-a015-f42507e1afef.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.172.0.0/15
Signature Algorithm: sha256WithRSAEncryption
15:3a:6e:88:e4:7b:c7:6c:20:aa:19:2d:a1:e6:91:72:50:cf:
75:c8:c0:da:9f:07:43:bd:1e:e1:70:f2:8b:55:a2:42:27:45:
a7:c4:0c:bf:c7:59:ed:a6:7c:fa:d5:68:b1:b4:2a:7a:8f:5d:
89:0e:67:2b:5c:90:49:24:f9:57:0d:ba:77:98:5b:47:74:c8:
1f:24:59:1e:d1:cf:ae:28:e2:ca:e3:c8:d9:4b:25:ea:7b:32:
83:32:e4:79:ad:98:9a:c1:aa:00:82:3b:bf:af:72:d1:36:1c:
ef:43:60:c4:92:5c:65:21:1f:74:fc:3a:21:81:1d:3a:8b:58:
da:51:04:fe:2f:51:d7:34:f0:db:89:49:77:78:0f:51:a6:f3:
0a:45:6b:91:e1:ec:2c:d3:49:1b:95:be:67:70:d4:1f:5f:98:
64:ce:d3:81:07:6f:ae:9f:90:ff:cf:0d:04:d1:56:65:3c:27:
e9:13:be:d9:86:5b:a4:a5:d3:da:e6:fe:1d:d7:27:4d:55:2a:
d2:11:b8:9f:78:6a:47:41:0b:8e:89:d0:77:d3:ca:bd:ba:67:
e3:fb:1c:6d:ae:57:9a:ed:c0:29:d4:06:eb:20:24:b8:63:71:
59:06:93:b5:77:7c:84:22:70:02:e0:1b:d4:08:68:ee:a5:93:
96:bb:7e:e4
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUaVbtHrzMUO9w18aCO+4VENa2EdswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMwMjFaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDA1NzZkNDk5YjY5NzZkMWYwNDBiYzlkMGY0ZjBhZWQ4YmM5OTZjNmNjMWQ2
ZTdiZDdmMzIxMjc4YzZkM2ZkNTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALagD3PcQ7IytJJrVewjE4iU4JnZ38KFN60eDX/7IhgyH20GrUaf97a4UCHH
doNPPLJC2dwoPUBPOzrtE1HGGfFwIzTiMKqGM0YJAbEbKIxo/+aypIKz/LRqFq5P
qFLAnK9w8r6Dlw9yxRBuYb1Fl9jz7hScHSj3qZJFNiPNQNBeSGwgdEN1IS5CzJi7
ZLksky/lwk0Ur8RCzJcKxTaVqiQ3kQi9918w+2k00PWB7O0Ll1CXKShIl9LBDfFN
AUHmOPK/jKRn3hkgsUEpyhirMX9XtIhvIuoIO2JLmDoqIc1xAvaDBqSAaoww1gsj
FZ6b5wsmP57rKmUT+FYPmCTqf4ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRzIBPt
HEjcIBLBOHI/zEBi2k34ETAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWRhZjY1OTctYzAzOS00NzBkLWEwMTUtZjQyNTA3ZTFhZmVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOsMA0G
CSqGSIb3DQEBCwUAA4IBAQAVOm6I5HvHbCCqGS2h5pFyUM91yMDanwdDvR7hcPKL
VaJCJ0WnxAy/x1ntpnz61WixtCp6j12JDmcrXJBJJPlXDbp3mFtHdMgfJFke0c+u
KOLK48jZSyXqezKDMuR5rZiawaoAgju/r3LRNhzvQ2DEklxlIR90/DohgR06i1ja
UQT+L1HXNPDbiUl3eA9RpvMKRWuR4ews00kblb5ncNQfX5hkztOBB2+un5D/zw0E
0VZlPCfpE77ZhlukpdPa5v4d1ydNVSrSEbifeGpHQQuOidB308q9umfj+xxtrlea
7cAp1AbrICS4Y3FZBpO1d3yEInAC4BvUCGjupZOWu37k
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:53:36 2025 by rpki-client