Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2740a5f5-ec55-42ac-b7df-f4c863c83981.roa
File: 2740a5f5-ec55-42ac-b7df-f4c863c83981.roa (raw, json)
Hash identifier: ziTpsUymjC60zXCmZsQiAliPpiy+0c5q1BEC6fJoirY=
Subject key identifier: 92:3C:81:57:FB:59:25:07:D8:69:40:A5:46:90:DA:B1:D8:35:BD:CA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 025B1EF0C6CE37D66E7D1C476E3B990CEFD1EEB2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2740a5f5-ec55-42ac-b7df-f4c863c83981.roa
Signing time: Fri 25 Apr 2025 20:30:06 +0000
ROA not before: Fri 25 Apr 2025 20:30:06 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.125.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:5b:1e:f0:c6:ce:37:d6:6e:7d:1c:47:6e:3b:99:0c:ef:d1:ee:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:30:06 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=91211055f4669891adf96fff9d0336f4fb7947b9f262f431794ebb968fa94eac, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:2d:0c:18:6f:42:07:dc:03:20:8f:84:94:46:
1e:c9:1d:2b:05:dd:f7:e4:0a:9e:c2:ca:e2:b1:04:
f3:f3:4a:f7:ab:cd:01:9e:fa:8b:47:4b:ae:b4:ae:
cb:54:73:bb:04:7c:a6:ee:49:33:92:65:f6:c0:26:
b8:b5:1f:aa:25:b1:85:11:a2:75:68:d8:cf:e4:b6:
af:66:d0:8f:aa:80:bf:3f:b5:1a:ae:b8:3f:26:97:
cb:dd:80:fd:6c:72:33:ea:d1:07:93:aa:0a:7d:73:
1c:27:df:ac:3a:1a:b3:04:20:43:16:51:89:b1:af:
f1:91:01:d0:9b:41:31:65:c4:82:7c:40:26:08:3d:
47:9b:a9:1d:e5:40:1c:d4:79:9b:3f:e3:03:ed:f9:
5c:af:61:d2:b6:9b:dd:d3:96:97:67:1b:68:1c:bd:
5e:34:8c:04:e0:5a:7e:c3:01:4a:0e:6e:40:04:41:
e6:25:16:38:0c:99:b6:ad:79:c6:99:bd:03:58:10:
fd:99:df:f1:f6:41:fa:c6:8a:e7:f8:96:ac:20:7b:
90:53:cb:33:19:ef:4b:b7:4e:5f:a4:17:f1:93:eb:
ee:46:36:5d:d7:c4:11:f9:50:08:7d:cd:59:b9:c1:
c3:18:5c:d6:73:a2:01:a1:0d:da:82:58:35:44:c5:
9b:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:3C:81:57:FB:59:25:07:D8:69:40:A5:46:90:DA:B1:D8:35:BD:CA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2740a5f5-ec55-42ac-b7df-f4c863c83981.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.125.0.0/16
Signature Algorithm: sha256WithRSAEncryption
97:e3:16:da:76:6e:96:80:06:23:43:e5:12:51:86:34:f8:83:
7a:6e:3c:bd:74:a4:34:bc:5e:f9:62:39:9a:67:fa:80:78:3d:
90:07:06:7a:1a:91:25:f8:b4:d4:da:d0:c9:56:7a:42:2f:3b:
fb:bf:9f:e5:9c:99:60:75:90:16:9c:03:fe:53:48:2b:b9:a0:
08:dd:9d:60:b1:5a:bb:4f:35:2b:09:3d:77:4c:c6:c8:16:59:
95:76:aa:44:a1:05:36:e7:f5:ae:3a:76:1a:0a:10:3b:6f:5d:
d6:b9:e4:ea:a1:e1:a4:74:69:93:6c:5f:00:4d:38:a3:5f:7e:
a9:7c:b8:c7:74:d2:1a:d6:7c:93:02:ad:1c:32:f7:6c:e6:b6:
b2:ba:90:98:f6:4d:48:e9:75:52:a0:11:8f:ec:2d:37:9f:23:
32:77:9b:7e:4c:52:0b:1a:13:8b:a8:42:64:be:c2:69:0f:5e:
81:07:5c:4e:fb:43:a8:8d:7a:86:70:b5:22:79:e1:a3:68:a1:
02:e6:80:7d:0d:0d:49:31:10:1c:ba:67:7b:54:2b:7e:e6:31:
20:68:84:cf:f8:62:b6:38:44:2f:29:3f:1d:98:5b:b0:2c:f7:
02:a4:0d:97:d0:2d:9a:4b:47:1f:c5:91:b4:f4:5a:07:72:50:
df:17:e4:e3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUAlse8MbON9ZufRxHbjuZDO/R7rIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMwMDZaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDkxMjExMDU1ZjQ2Njk4OTFhZGY5NmZmZjlkMDMzNmY0ZmI3OTQ3YjlmMjYy
ZjQzMTc5NGViYjk2OGZhOTRlYWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALQtDBhvQgfcAyCPhJRGHskdKwXd9+QKnsLK4rEE8/NK96vNAZ76i0dLrrSu
y1RzuwR8pu5JM5Jl9sAmuLUfqiWxhRGidWjYz+S2r2bQj6qAvz+1Gq64PyaXy92A
/WxyM+rRB5OqCn1zHCffrDoaswQgQxZRibGv8ZEB0JtBMWXEgnxAJgg9R5upHeVA
HNR5mz/jA+35XK9h0rab3dOWl2cbaBy9XjSMBOBafsMBSg5uQARB5iUWOAyZtq15
xpm9A1gQ/Znf8fZB+saK5/iWrCB7kFPLMxnvS7dOX6QX8ZPr7kY2XdfEEflQCH3N
WbnBwxhc1nOiAaEN2oJYNUTFm8cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSSPIFX
+1klB9hpQKVGkNqx2DW9yjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Mjc0MGE1ZjUtZWM1NS00MmFjLWI3ZGYtZjRjODYzYzgzOTgxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN9MA0G
CSqGSIb3DQEBCwUAA4IBAQCX4xbadm6WgAYjQ+USUYY0+IN6bjy9dKQ0vF75Yjma
Z/qAeD2QBwZ6GpEl+LTU2tDJVnpCLzv7v5/lnJlgdZAWnAP+U0gruaAI3Z1gsVq7
TzUrCT13TMbIFlmVdqpEoQU25/WuOnYaChA7b13WueTqoeGkdGmTbF8ATTijX36p
fLjHdNIa1nyTAq0cMvds5rayupCY9k1I6XVSoBGP7C03nyMyd5t+TFILGhOLqEJk
vsJpD16BB1xO+0OojXqGcLUieeGjaKEC5oB9DQ1JMRAcumd7VCt+5jEgaITP+GK2
OEQvKT8dmFuwLPcCpA2X0C2aS0cfxZG09FoHclDfF+Tj
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:50:19 2025 by rpki-client