Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/41816f61-5ce3-406a-8d78-37c4eafa6915.roa
File: 41816f61-5ce3-406a-8d78-37c4eafa6915.roa (raw, json)
Hash identifier: OepWYaG7ZI8Mtwp8CCxkrvZfUq6egnK0MY8vOSewPGg=
Subject key identifier: 91:DE:F5:F5:8A:75:75:26:23:60:64:AD:52:BB:94:7B:E4:3F:B4:B8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5D76699E21B440A338FBF56ED8F8640C128BA434
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/41816f61-5ce3-406a-8d78-37c4eafa6915.roa
Signing time: Fri 25 Apr 2025 20:31:33 +0000
ROA not before: Fri 25 Apr 2025 20:31:33 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:76:69:9e:21:b4:40:a3:38:fb:f5:6e:d8:f8:64:0c:12:8b:a4:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:31:33 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=3c4be1ac6b04f94eb9f9048e0dca056f104a67a7f1ff65ec64d7ce729b8fb633, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:56:fa:86:5e:b9:7d:3c:4a:06:99:0b:bb:1f:
4e:c3:d4:c5:50:8e:9c:c7:7a:5f:a5:a3:61:fd:06:
ae:64:a8:44:00:37:78:14:8e:a1:96:9b:16:91:4c:
87:68:9f:3e:16:06:b4:f6:19:77:af:36:91:2f:9c:
1a:3b:0d:f6:5e:b6:4c:07:c8:88:cb:89:89:80:93:
33:df:c1:f1:ca:6e:78:e3:bd:3b:15:67:eb:30:17:
8e:e5:d3:a0:62:9d:57:5b:3c:af:61:7f:e5:13:f5:
31:ca:93:e6:4c:46:14:25:df:da:b8:72:d9:87:3e:
b5:79:50:5a:b2:e0:82:66:e8:dc:62:d3:b3:b3:fd:
7b:38:c8:5a:4c:49:f4:e4:18:61:d4:73:b7:84:1d:
81:51:80:e7:34:69:e5:53:62:97:ed:bf:21:0a:38:
79:03:9b:2a:c1:63:8d:63:d8:0a:5d:aa:da:22:a2:
6b:d5:0d:a2:90:0e:20:f1:97:3e:e3:f4:33:a3:db:
f4:20:4b:ef:71:f8:5b:bb:11:5f:23:e5:a2:ff:5b:
8c:de:09:36:e9:a6:1e:1d:76:ce:eb:0e:ed:cc:4b:
81:2c:05:46:ab:d1:33:24:3a:4e:d6:49:b9:d5:b5:
02:af:30:89:8e:13:e8:dc:1e:79:95:39:4d:99:af:
62:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:DE:F5:F5:8A:75:75:26:23:60:64:AD:52:BB:94:7B:E4:3F:B4:B8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/41816f61-5ce3-406a-8d78-37c4eafa6915.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.32.0/19
Signature Algorithm: sha256WithRSAEncryption
9f:62:94:a6:d5:58:35:90:22:a7:33:f9:73:9e:65:8c:19:e6:
16:6e:d7:71:1d:6a:c9:b5:00:5d:f3:fc:9c:6c:0b:61:a5:0a:
f5:84:0d:e8:a9:b1:9c:c4:24:81:5f:83:97:ee:9d:6c:2f:eb:
f8:e1:2b:d2:b6:69:97:21:2d:9c:13:9e:a7:7c:bc:81:c0:5e:
8f:c1:b6:14:d4:59:59:41:fd:6b:57:15:d7:66:b7:9d:67:b0:
31:cf:3f:90:90:48:c9:d9:46:26:09:28:a6:ff:86:e9:3b:20:
66:55:03:6c:97:bf:cb:b9:4d:d7:d2:57:87:9a:93:35:d1:5f:
e0:2f:1a:09:26:a8:53:69:61:3a:c2:02:b0:3d:f3:ea:5c:ad:
7c:d4:12:7f:b4:8f:f7:a2:91:68:dc:fe:27:99:c0:23:f7:78:
e9:1a:9a:8e:ea:ad:c0:df:a3:00:20:92:f6:8b:de:8c:48:35:
f0:af:f1:9d:1b:db:83:30:56:9c:4f:03:b3:33:e8:38:67:44:
21:32:33:3b:61:08:2f:d2:1f:5d:8a:85:07:17:27:00:9b:1c:
54:fb:f9:3f:5d:1a:c0:5b:7c:f9:df:95:73:70:dd:e4:cd:b4:
a1:2d:9f:b8:93:54:9d:01:73:26:69:0e:63:07:03:8b:13:41:
01:3b:c3:f1
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUXXZpniG0QKM4+/Vu2PhkDBKLpDQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMxMzNaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDNjNGJlMWFjNmIwNGY5NGViOWY5MDQ4ZTBkY2EwNTZmMTA0YTY3YTdmMWZm
NjVlYzY0ZDdjZTcyOWI4ZmI2MzMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALVW+oZeuX08SgaZC7sfTsPUxVCOnMd6X6WjYf0GrmSoRAA3eBSOoZabFpFM
h2ifPhYGtPYZd682kS+cGjsN9l62TAfIiMuJiYCTM9/B8cpueOO9OxVn6zAXjuXT
oGKdV1s8r2F/5RP1McqT5kxGFCXf2rhy2Yc+tXlQWrLggmbo3GLTs7P9ezjIWkxJ
9OQYYdRzt4QdgVGA5zRp5VNil+2/IQo4eQObKsFjjWPYCl2q2iKia9UNopAOIPGX
PuP0M6Pb9CBL73H4W7sRXyPlov9bjN4JNummHh12zusO7cxLgSwFRqvRMyQ6TtZJ
udW1Aq8wiY4T6NweeZU5TZmvYl0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSR3vX1
inV1JiNgZK1Su5R75D+0uDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDE4MTZmNjEtNWNlMy00MDZhLThkNzgtMzdjNGVhZmE2OTE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBTMAIDAN
BgkqhkiG9w0BAQsFAAOCAQEAn2KUptVYNZAipzP5c55ljBnmFm7XcR1qybUAXfP8
nGwLYaUK9YQN6KmxnMQkgV+Dl+6dbC/r+OEr0rZplyEtnBOep3y8gcBej8G2FNRZ
WUH9a1cV12a3nWewMc8/kJBIydlGJgkopv+G6TsgZlUDbJe/y7lN19JXh5qTNdFf
4C8aCSaoU2lhOsICsD3z6lytfNQSf7SP96KRaNz+J5nAI/d46RqajuqtwN+jACCS
9ovejEg18K/xnRvbgzBWnE8DszPoOGdEITIzO2EIL9IfXYqFBxcnAJscVPv5P10a
wFt8+d+Vc3Dd5M20oS2fuJNUnQFzJmkOYwcDixNBATvD8Q==
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:48:37 2025 by rpki-client