Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/444db014-8d2a-4c59-af9c-399bacab4f3f.roa
File: 444db014-8d2a-4c59-af9c-399bacab4f3f.roa (raw, json)
Hash identifier: ULr/hyAfEulXM/mLplWqqifCCON+JwdCDh85v4UZksM=
Subject key identifier: C1:4D:EC:A7:68:D9:A0:23:E0:86:7E:BC:C4:0D:6B:01:8A:81:44:9D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 34F8A5C4D2DBE9173ECA7EBC0F62B451B2F362A4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/444db014-8d2a-4c59-af9c-399bacab4f3f.roa
Signing time: Fri 25 Apr 2025 20:30:17 +0000
ROA not before: Fri 25 Apr 2025 20:30:17 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.156.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 02:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:f8:a5:c4:d2:db:e9:17:3e:ca:7e:bc:0f:62:b4:51:b2:f3:62:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:30:17 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=048ac724447e4e11e3185c1cc519e5b4a285d27e338415f1f6f4eebcd0fe1239, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ab:3f:50:96:52:26:1b:bb:1e:bf:5f:a1:b8:
40:89:ad:d6:52:32:93:9f:4e:9b:37:f8:8d:4b:05:
98:01:55:b1:b5:63:2b:15:e5:de:40:f7:d4:83:47:
d4:1c:fd:bf:1f:44:60:82:46:6c:c1:d8:db:07:05:
84:32:5a:46:b0:83:03:b6:1e:7a:27:55:ef:8d:6e:
f6:eb:79:c4:c9:83:8b:e9:05:32:b7:cb:ae:d0:88:
57:6b:fd:63:06:39:33:cf:3c:81:d3:78:f0:1c:4c:
21:ac:63:02:64:6e:ed:0c:a6:cc:07:65:4d:49:3f:
43:58:3a:15:4a:ef:07:cc:c3:2d:6a:a6:f3:c6:01:
d4:d8:c4:61:9a:8e:4c:98:4d:27:70:e2:cf:c3:dc:
78:f8:4d:ea:26:4f:a5:21:cd:a1:50:6c:aa:53:48:
64:e5:14:d0:aa:5f:8d:cc:15:ed:60:40:76:c3:e6:
7c:ca:03:a5:e5:59:9e:46:c8:91:83:68:1f:b0:4f:
27:ea:11:52:fd:f6:fe:a6:00:b8:1a:ed:3b:8a:00:
96:bb:5f:45:7d:b0:6f:27:61:44:2e:c9:ed:e3:2a:
be:5d:5c:03:1f:30:44:78:40:e7:6b:31:74:c2:df:
6b:b3:13:92:19:e6:6d:32:ee:b3:cd:7e:64:da:01:
3a:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:4D:EC:A7:68:D9:A0:23:E0:86:7E:BC:C4:0D:6B:01:8A:81:44:9D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/444db014-8d2a-4c59-af9c-399bacab4f3f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.156.0.0/15
Signature Algorithm: sha256WithRSAEncryption
51:72:fe:e2:4b:e9:0f:7d:ff:92:03:c7:25:43:cd:a7:c4:69:
63:a8:7e:d3:89:55:2f:72:65:de:a5:6d:2a:58:d5:05:a2:5e:
d9:f9:1f:97:f1:ee:8a:92:99:9b:f5:f3:72:7c:4a:92:d7:8b:
d8:57:33:e1:28:69:6e:77:c6:23:5d:ca:f0:4e:b0:76:42:f9:
0f:78:77:7f:a0:57:b9:12:22:bf:4f:61:c7:07:af:2d:74:cb:
69:eb:3b:ee:3a:0c:c9:9b:be:9a:5d:75:7b:1d:d0:41:c0:51:
48:c4:c7:c1:cd:34:84:22:f6:f2:be:5c:ea:7f:3e:3f:f5:45:
32:4f:f1:f4:b2:65:e8:14:60:e8:39:ba:02:e3:57:aa:a2:bc:
6e:96:4f:a8:3e:35:72:6a:a4:c6:d0:89:0d:f3:08:14:d9:b9:
60:3e:51:fb:45:f4:02:55:fc:8a:aa:4c:e2:8f:b6:ac:14:9e:
38:a2:7f:d6:1b:bc:36:50:d4:f8:02:34:a1:04:e9:3e:e7:94:
c6:11:da:47:e9:cf:e5:6b:d6:38:84:8e:54:84:15:0a:f3:c6:
ff:6d:3e:7d:8a:35:b3:1a:a5:ad:6e:18:04:8a:d4:c9:49:a8:
5e:51:44:da:d7:da:d5:36:55:9e:8b:6d:fc:f0:4c:4b:85:3a:
ea:34:c5:b8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNPilxNLb6Rc+yn68D2K0UbLzYqQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMwMTdaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDA0OGFjNzI0NDQ3ZTRlMTFlMzE4NWMxY2M1MTllNWI0YTI4NWQyN2UzMzg0
MTVmMWY2ZjRlZWJjZDBmZTEyMzkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMWrP1CWUiYbux6/X6G4QImt1lIyk59Omzf4jUsFmAFVsbVjKxXl3kD31INH
1Bz9vx9EYIJGbMHY2wcFhDJaRrCDA7YeeidV741u9ut5xMmDi+kFMrfLrtCIV2v9
YwY5M888gdN48BxMIaxjAmRu7QymzAdlTUk/Q1g6FUrvB8zDLWqm88YB1NjEYZqO
TJhNJ3Diz8PcePhN6iZPpSHNoVBsqlNIZOUU0KpfjcwV7WBAdsPmfMoDpeVZnkbI
kYNoH7BPJ+oRUv32/qYAuBrtO4oAlrtfRX2wbydhRC7J7eMqvl1cAx8wRHhA52sx
dMLfa7MTkhnmbTLus81+ZNoBOm0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTBTeyn
aNmgI+CGfrzEDWsBioFEnTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDQ0ZGIwMTQtOGQyYS00YzU5LWFmOWMtMzk5YmFjYWI0ZjNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOcMA0G
CSqGSIb3DQEBCwUAA4IBAQBRcv7iS+kPff+SA8clQ82nxGljqH7TiVUvcmXepW0q
WNUFol7Z+R+X8e6Kkpmb9fNyfEqS14vYVzPhKGlud8YjXcrwTrB2QvkPeHd/oFe5
EiK/T2HHB68tdMtp6zvuOgzJm76aXXV7HdBBwFFIxMfBzTSEIvbyvlzqfz4/9UUy
T/H0smXoFGDoOboC41eqorxulk+oPjVyaqTG0IkN8wgU2blgPlH7RfQCVfyKqkzi
j7asFJ44on/WG7w2UNT4AjShBOk+55TGEdpH6c/la9Y4hI5UhBUK88b/bT59ijWz
GqWtbhgEitTJSaheUUTa19rVNlWei2388ExLhTrqNMW4
-----END CERTIFICATE-----
Generated at Sun Apr 27 07:06:06 2025 by rpki-client