Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3b67bb62-9bcf-4daa-99b5-5374c3285177.roa
File: 3b67bb62-9bcf-4daa-99b5-5374c3285177.roa (raw, json)
Hash identifier: /JXWh/zuC/Yc2c3EKMoH5GkW1jzggbTc0PNaTSKtynM=
Subject key identifier: 94:FE:3B:C2:3B:30:82:0B:0C:2E:D8:B2:A5:13:16:D4:76:B2:95:D8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6C1842AEA5D7F015988E1FB26F682244C57537EC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3b67bb62-9bcf-4daa-99b5-5374c3285177.roa
Signing time: Fri 25 Apr 2025 20:40:22 +0000
ROA not before: Fri 25 Apr 2025 20:40:22 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.48.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:18:42:ae:a5:d7:f0:15:98:8e:1f:b2:6f:68:22:44:c5:75:37:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:40:22 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=da2ac2ee225223ecc7b9066302cc9163bd04f13436977375935e6afeadacbb84, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:4f:1d:73:60:80:74:38:14:89:61:a5:11:ad:
32:ef:de:28:ef:55:18:e6:cc:7d:68:0c:72:c3:d3:
c3:1f:75:d1:eb:3d:4f:ee:f0:45:ec:3c:06:a5:3c:
4a:3d:83:f9:b9:ae:79:10:24:30:ec:f3:da:3c:5e:
4e:f8:e1:71:64:cf:98:52:39:8a:50:c5:dd:ce:74:
e3:bf:8b:31:fa:72:ec:e4:0f:e2:89:03:8b:7c:5b:
db:94:2c:f8:01:5f:22:2d:cb:c6:74:7f:b2:ac:50:
48:d9:d1:ae:c1:b3:bb:57:aa:2d:33:b4:63:74:8a:
29:ff:15:4d:ba:95:96:79:e8:79:2e:03:c8:19:cb:
6b:f3:08:fd:4f:4e:fb:b5:27:d0:f2:7a:4f:95:cb:
1f:19:9b:bc:f1:d0:2c:8f:0e:33:1e:f9:0c:ab:93:
6c:3d:59:c2:97:61:19:f5:ed:41:6e:55:20:39:5a:
95:f3:4e:6e:5c:04:a8:86:09:37:57:dc:cc:1b:cb:
fd:8f:d2:0b:54:a2:96:1a:de:5b:8b:41:f0:35:7d:
14:c8:aa:9a:e5:7c:11:b8:5b:81:38:0f:99:50:09:
ec:ec:02:42:50:b7:db:c7:14:0f:4c:9d:25:c2:d2:
aa:55:85:13:4f:23:dc:9b:4b:aa:80:be:68:eb:b0:
1a:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:FE:3B:C2:3B:30:82:0B:0C:2E:D8:B2:A5:13:16:D4:76:B2:95:D8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3b67bb62-9bcf-4daa-99b5-5374c3285177.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.48.0.0/15
Signature Algorithm: sha256WithRSAEncryption
d3:1c:e9:e1:a1:e3:e1:ce:32:04:4a:74:9e:ef:ab:ec:22:04:
4f:06:9b:05:42:ff:cf:94:a6:84:7f:05:e9:4f:ed:cc:f8:72:
ec:0f:b0:fe:eb:4b:bf:fe:4c:2b:09:94:c1:a1:33:ef:7b:3b:
08:91:ac:06:27:67:51:f4:b2:f9:c6:04:63:45:1f:d2:d4:c0:
75:7c:d2:1d:21:63:6b:80:07:e6:d3:f3:b6:8d:4e:92:ef:86:
6a:3a:8c:c0:80:13:d2:14:52:af:b5:44:77:61:cd:86:8c:66:
57:f5:64:b1:a8:98:76:01:04:ab:17:a5:50:d3:ff:11:16:71:
ff:61:f0:d1:c8:91:86:11:2f:4d:60:82:f4:ee:3a:50:69:60:
b6:c7:da:94:43:de:a0:93:be:29:45:1f:aa:5e:54:6a:5c:31:
78:87:8a:00:f0:a3:75:5e:19:69:3f:64:c6:15:9f:cf:59:6e:
81:a2:9f:00:43:cf:8d:5f:1b:26:b4:25:ab:fc:3b:88:7a:e0:
f4:22:62:da:88:6b:c1:71:88:13:72:52:c3:0e:09:c9:0a:08:
ab:cf:83:5f:53:bc:1f:a9:af:d1:cb:7e:e4:56:b2:2b:14:92:
da:e7:2b:63:44:05:07:56:e1:1c:50:9c:cf:8c:d8:4f:13:ed:
06:f8:84:c5
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbBhCrqXX8BWYjh+yb2giRMV1N+wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDQwMjJaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGRhMmFjMmVlMjI1MjIzZWNjN2I5MDY2MzAyY2M5MTYzYmQwNGYxMzQzNjk3
NzM3NTkzNWU2YWZlYWRhY2JiODQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK1PHXNggHQ4FIlhpRGtMu/eKO9VGObMfWgMcsPTwx910es9T+7wRew8BqU8
Sj2D+bmueRAkMOzz2jxeTvjhcWTPmFI5ilDF3c5047+LMfpy7OQP4okDi3xb25Qs
+AFfIi3LxnR/sqxQSNnRrsGzu1eqLTO0Y3SKKf8VTbqVlnnoeS4DyBnLa/MI/U9O
+7Un0PJ6T5XLHxmbvPHQLI8OMx75DKuTbD1ZwpdhGfXtQW5VIDlalfNOblwEqIYJ
N1fczBvL/Y/SC1SilhreW4tB8DV9FMiqmuV8EbhbgTgPmVAJ7OwCQlC328cUD0yd
JcLSqlWFE08j3JtLqoC+aOuwGtcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSU/jvC
OzCCCwwu2LKlExbUdrKV2DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
M2I2N2JiNjItOWJjZi00ZGFhLTk5YjUtNTM3NGMzMjg1MTc3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMwMA0G
CSqGSIb3DQEBCwUAA4IBAQDTHOnhoePhzjIESnSe76vsIgRPBpsFQv/PlKaEfwXp
T+3M+HLsD7D+60u//kwrCZTBoTPvezsIkawGJ2dR9LL5xgRjRR/S1MB1fNIdIWNr
gAfm0/O2jU6S74ZqOozAgBPSFFKvtUR3Yc2GjGZX9WSxqJh2AQSrF6VQ0/8RFnH/
YfDRyJGGES9NYIL07jpQaWC2x9qUQ96gk74pRR+qXlRqXDF4h4oA8KN1XhlpP2TG
FZ/PWW6Bop8AQ8+NXxsmtCWr/DuIeuD0ImLaiGvBcYgTclLDDgnJCgirz4NfU7wf
qa/Ry37kVrIrFJLa5ytjRAUHVuEcUJzPjNhPE+0G+ITF
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:55:40 2025 by rpki-client