Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/286f881c-8fa0-4200-ada2-20a0cc49038e.roa
File: 286f881c-8fa0-4200-ada2-20a0cc49038e.roa (raw, json)
Hash identifier: FpnzvNaOvxyM6CbSkv0stbUkJt4eSWU/NwbsFA7YdB4=
Subject key identifier: AD:04:19:43:E7:4E:0A:D1:68:51:12:5D:7B:CC:26:B5:29:9D:77:41
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 567190CEE19F718BB3F7A76E0C682786E390BF3B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/286f881c-8fa0-4200-ada2-20a0cc49038e.roa
Signing time: Fri 25 Apr 2025 20:30:20 +0000
ROA not before: Fri 25 Apr 2025 20:30:20 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.166.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:71:90:ce:e1:9f:71:8b:b3:f7:a7:6e:0c:68:27:86:e3:90:bf:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:30:20 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=f35f5979482eacd2181e9c2167b41c8e9982d5da887a3d5a1de4251ea1cff5b6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:1b:a1:b4:03:65:79:a3:fc:b8:a6:1a:9d:1e:
f1:b2:03:2b:df:57:e8:f9:87:42:ec:4b:b0:2e:f6:
26:7c:a7:e0:9f:0e:8a:b1:f2:46:f9:38:8e:dc:66:
e7:1f:c3:1a:73:83:cc:b5:c5:9b:8b:46:5f:2f:a9:
cf:72:12:a6:10:55:d8:c7:49:13:11:34:69:d9:f4:
07:1f:5a:2d:5f:ce:5b:8a:d8:ec:1b:71:5b:c4:e8:
05:c1:84:e5:3c:1e:8e:22:d5:35:c3:e2:6e:e2:5a:
ca:18:8e:61:95:62:ba:ef:0f:fc:ec:3f:51:0d:89:
8a:aa:79:28:34:e8:6a:29:6d:7c:a7:b9:80:96:3f:
80:ef:4a:cf:85:7e:ad:c1:c1:b1:af:5b:a9:07:3b:
13:7e:35:ee:a5:b9:6f:b7:ba:1c:71:9c:eb:d8:96:
cd:d3:e7:a8:3e:58:63:9b:17:c1:a1:4f:a0:0d:65:
4e:ba:5f:5c:86:cc:f8:03:e5:87:36:87:d9:f0:c9:
af:39:c1:1f:5b:f1:6e:4b:64:33:7a:b6:da:00:ba:
61:40:05:86:55:56:f5:5a:66:d6:3b:f9:af:96:fb:
3d:24:e8:10:55:69:3f:7b:ce:54:e4:03:e9:4f:31:
92:58:4c:a2:cb:8f:c8:c6:0e:da:f4:f3:32:09:09:
2b:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:04:19:43:E7:4E:0A:D1:68:51:12:5D:7B:CC:26:B5:29:9D:77:41
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/286f881c-8fa0-4200-ada2-20a0cc49038e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.166.0.0/15
Signature Algorithm: sha256WithRSAEncryption
c1:6f:c4:d6:58:79:4f:fd:53:82:bb:6e:79:0e:63:1e:8d:58:
56:0c:25:6c:20:4d:63:e8:08:59:00:61:dd:c3:91:19:04:10:
de:8c:f3:b9:f3:7c:b2:35:1d:c4:b8:59:90:81:32:a4:3e:99:
06:3e:ee:8a:ec:83:e8:42:23:a3:3e:e5:1c:43:81:e2:df:3a:
02:c7:35:5a:c2:02:51:ee:4f:8b:15:65:64:2e:f8:e2:af:ab:
f6:57:d8:06:ca:88:07:92:08:3c:66:ef:c8:aa:89:65:7d:f2:
e0:db:01:99:0b:a7:bc:21:09:21:00:ac:cd:f9:32:18:a8:68:
c7:63:19:1e:ff:73:34:28:18:1e:3f:dc:96:f8:02:49:bd:14:
92:ba:a0:a7:8b:bf:0f:81:de:b8:fa:9c:e8:4c:d4:00:c3:df:
57:d5:92:51:5a:53:dd:3a:8f:a1:24:82:a7:99:76:80:c4:4b:
49:a5:01:25:36:a6:db:81:64:a7:1e:08:93:86:e0:c1:e5:41:
41:7a:0f:16:0b:1a:36:e4:85:13:53:ad:e6:ac:3e:72:4b:f7:
13:b5:80:c0:1b:c5:8d:2f:66:65:e3:77:27:d5:b1:80:89:94:
04:65:19:ae:32:88:7d:96:6e:9f:39:c3:32:94:4d:c2:7e:94:
cd:c0:40:81
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVnGQzuGfcYuz96duDGgnhuOQvzswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMwMjBaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzNWY1OTc5NDgyZWFjZDIxODFlOWMyMTY3YjQxYzhlOTk4MmQ1ZGE4ODdh
M2Q1YTFkZTQyNTFlYTFjZmY1YjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMMbobQDZXmj/LimGp0e8bIDK99X6PmHQuxLsC72Jnyn4J8OirHyRvk4jtxm
5x/DGnODzLXFm4tGXy+pz3ISphBV2MdJExE0adn0Bx9aLV/OW4rY7BtxW8ToBcGE
5TwejiLVNcPibuJayhiOYZViuu8P/Ow/UQ2Jiqp5KDToailtfKe5gJY/gO9Kz4V+
rcHBsa9bqQc7E3417qW5b7e6HHGc69iWzdPnqD5YY5sXwaFPoA1lTrpfXIbM+APl
hzaH2fDJrznBH1vxbktkM3q22gC6YUAFhlVW9Vpm1jv5r5b7PSToEFVpP3vOVOQD
6U8xklhMosuPyMYO2vTzMgkJK3ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBStBBlD
504K0WhREl17zCa1KZ13QTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Mjg2Zjg4MWMtOGZhMC00MjAwLWFkYTItMjBhMGNjNDkwMzhlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOmMA0G
CSqGSIb3DQEBCwUAA4IBAQDBb8TWWHlP/VOCu255DmMejVhWDCVsIE1j6AhZAGHd
w5EZBBDejPO583yyNR3EuFmQgTKkPpkGPu6K7IPoQiOjPuUcQ4Hi3zoCxzVawgJR
7k+LFWVkLvjir6v2V9gGyogHkgg8Zu/IqollffLg2wGZC6e8IQkhAKzN+TIYqGjH
Yxke/3M0KBgeP9yW+AJJvRSSuqCni78Pgd64+pzoTNQAw99X1ZJRWlPdOo+hJIKn
mXaAxEtJpQElNqbbgWSnHgiThuDB5UFBeg8WCxo25IUTU63mrD5yS/cTtYDAG8WN
L2Zl43cn1bGAiZQEZRmuMoh9lm6fOcMylE3CfpTNwECB
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:48:05 2025 by rpki-client