Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42efa1a8-f804-47c5-8a3d-6f3ea05e1a5b.roa
File: 42efa1a8-f804-47c5-8a3d-6f3ea05e1a5b.roa (raw, json)
Hash identifier: c8k+oFzpqR+2ge/qAys49dBQeiTYtKYyeN4v6uJMOA0=
Subject key identifier: 8B:D1:04:F5:E5:0C:1F:31:5F:E3:6D:8B:8B:CC:AD:6B:69:DF:BE:5C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7D552DD5AFFA865E1AF97CFE334CE6E0427BD508
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42efa1a8-f804-47c5-8a3d-6f3ea05e1a5b.roa
Signing time: Fri 25 Apr 2025 20:30:19 +0000
ROA not before: Fri 25 Apr 2025 20:30:19 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.164.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:55:2d:d5:af:fa:86:5e:1a:f9:7c:fe:33:4c:e6:e0:42:7b:d5:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:30:19 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=6204e4ce40b7f3b7d66de2c57764a7ba3ff20f0a91355d7761fa15b9bf82e57f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:4b:a5:15:57:76:54:a1:9f:57:01:ca:ac:eb:
69:e2:7b:aa:b5:85:56:53:df:c5:c4:7b:a4:95:95:
84:41:36:7c:33:d8:75:99:64:5a:36:5e:dd:a6:c6:
85:15:c1:e2:3d:60:74:49:0f:27:3c:78:cc:31:5f:
cf:df:1b:40:6c:68:fa:fd:24:71:7f:c2:c6:b2:04:
8f:2a:5f:80:bb:a1:22:7d:49:b0:fa:57:41:08:43:
42:d5:17:b1:b7:8e:e6:72:b9:fb:c3:b8:44:c1:48:
cd:11:8c:6e:e6:6a:f1:a0:cd:31:0c:65:19:e1:f1:
5d:48:91:08:bd:08:02:7e:57:7f:83:e2:13:f0:15:
c1:81:d4:a2:db:08:e4:4b:74:1b:76:7e:9c:9c:79:
bd:cd:08:46:db:33:59:83:ac:2f:f2:e8:db:6d:44:
1c:b9:2c:d6:9d:b4:90:c9:8a:c8:a0:4f:25:6c:80:
46:69:18:a2:d8:0d:f6:4a:4b:38:ab:b3:9a:c2:46:
49:5c:b4:2f:c0:48:f3:9f:9a:f5:71:84:77:e1:21:
71:0e:e8:1c:1e:34:37:64:bb:f4:a2:db:d8:e0:3b:
24:2f:be:76:e4:26:4f:3d:9f:64:38:b1:d9:d0:68:
d4:be:1e:5f:4a:d5:9c:f5:a9:a2:9d:43:67:fd:d6:
e0:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:D1:04:F5:E5:0C:1F:31:5F:E3:6D:8B:8B:CC:AD:6B:69:DF:BE:5C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42efa1a8-f804-47c5-8a3d-6f3ea05e1a5b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.164.0.0/15
Signature Algorithm: sha256WithRSAEncryption
d4:3c:6f:bf:0e:34:02:7e:62:18:b1:df:d2:dd:6e:e7:87:34:
e9:38:12:b4:c9:5d:cd:b2:8f:56:b3:fd:69:d5:69:99:e4:fa:
00:04:df:34:84:15:d2:2e:d5:2b:22:0d:9f:9e:e2:59:77:6b:
6e:54:49:92:5f:79:86:e1:9c:52:b2:35:4e:22:da:49:44:b8:
d5:17:61:e0:67:6e:2e:c0:b9:28:1d:56:7a:b0:90:63:b1:9e:
69:f9:1f:10:51:3d:ef:87:bd:f1:ee:b9:ba:68:8b:1e:17:e7:
34:46:04:5d:7e:9d:b3:f6:19:4d:4e:08:f3:f1:3d:63:1e:7c:
0d:02:0b:79:e7:42:f9:32:d0:08:27:67:b7:36:9d:3e:a7:33:
85:b8:8b:80:f2:b8:9a:37:d4:06:a7:26:c4:e9:62:e8:4e:97:
5a:68:2f:4e:2a:04:65:de:b7:f7:f7:64:f0:98:81:13:79:6b:
e9:d3:9a:78:cb:33:a2:6e:1d:08:68:e2:7c:fd:57:60:99:2a:
ae:ae:1c:13:3d:27:c6:86:93:71:fb:de:4c:2a:e9:7d:67:d0:
5b:19:f5:94:20:e7:cf:02:b0:8b:3d:b7:85:d0:1e:e3:3c:7a:
a2:bf:04:c7:ec:db:e5:98:74:5c:f3:7b:f9:34:91:00:97:b3:
0c:ee:96:ad
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfVUt1a/6hl4a+Xz+M0zm4EJ71QgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMwMTlaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDYyMDRlNGNlNDBiN2YzYjdkNjZkZTJjNTc3NjRhN2JhM2ZmMjBmMGE5MTM1
NWQ3NzYxZmExNWI5YmY4MmU1N2YxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI9LpRVXdlShn1cByqzraeJ7qrWFVlPfxcR7pJWVhEE2fDPYdZlkWjZe3abG
hRXB4j1gdEkPJzx4zDFfz98bQGxo+v0kcX/CxrIEjypfgLuhIn1JsPpXQQhDQtUX
sbeO5nK5+8O4RMFIzRGMbuZq8aDNMQxlGeHxXUiRCL0IAn5Xf4PiE/AVwYHUotsI
5Et0G3Z+nJx5vc0IRtszWYOsL/Lo221EHLks1p20kMmKyKBPJWyARmkYotgN9kpL
OKuzmsJGSVy0L8BI85+a9XGEd+EhcQ7oHB40N2S79KLb2OA7JC++duQmTz2fZDix
2dBo1L4eX0rVnPWpop1DZ/3W4OsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSL0QT1
5QwfMV/jbYuLzK1rad++XDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDJlZmExYTgtZjgwNC00N2M1LThhM2QtNmYzZWEwNWUxYTViLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOkMA0G
CSqGSIb3DQEBCwUAA4IBAQDUPG+/DjQCfmIYsd/S3W7nhzTpOBK0yV3Nso9Ws/1p
1WmZ5PoABN80hBXSLtUrIg2fnuJZd2tuVEmSX3mG4ZxSsjVOItpJRLjVF2HgZ24u
wLkoHVZ6sJBjsZ5p+R8QUT3vh73x7rm6aIseF+c0RgRdfp2z9hlNTgjz8T1jHnwN
Agt550L5MtAIJ2e3Np0+pzOFuIuA8riaN9QGpybE6WLoTpdaaC9OKgRl3rf392Tw
mIETeWvp05p4yzOibh0IaOJ8/VdgmSqurhwTPSfGhpNx+95MKul9Z9BbGfWUIOfP
ArCLPbeF0B7jPHqivwTH7NvlmHRc83v5NJEAl7MM7pat
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:49:14 2025 by rpki-client