Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46b220b9-837f-4174-97e6-c711958273ea.roa
File: 46b220b9-837f-4174-97e6-c711958273ea.roa (raw, json)
Hash identifier: Sgzz0cDLw3yWjvYQ+nPZJyHv9uAUxDY43JaVMj6XlfY=
Subject key identifier: 68:4A:46:05:A8:09:9F:2D:1C:68:25:35:1B:BC:05:E2:7B:A2:77:85
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 218D41CCDE44D973F3C30D01D8F68D08CC085893
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46b220b9-837f-4174-97e6-c711958273ea.roa
Signing time: Fri 25 Apr 2025 20:40:38 +0000
ROA not before: Fri 25 Apr 2025 20:40:38 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.78.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:8d:41:cc:de:44:d9:73:f3:c3:0d:01:d8:f6:8d:08:cc:08:58:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:40:38 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=bffcd661361a089241be009497829868f4d79547fdaa53e342079f8b17489a3a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:0c:a9:b9:cc:71:fb:fb:04:22:17:f0:4c:b7:
2d:91:45:32:9c:17:28:b6:11:0a:89:ea:2e:36:2a:
c8:29:52:ee:4d:72:50:12:99:25:b4:3f:c2:8a:17:
00:1a:1e:03:2d:72:1b:a8:f0:99:63:ad:89:34:e9:
c7:49:67:f3:38:9e:dd:86:be:d4:87:e0:c7:0d:39:
db:6c:fe:b8:b7:c3:ec:cb:e3:4d:01:51:d2:c7:0f:
4c:13:5e:a6:f5:c5:15:cc:b3:45:bb:3f:cc:ec:5e:
18:4f:6b:da:69:9b:9a:0c:d8:0d:3a:2e:35:48:1e:
fe:32:b7:3c:bc:13:22:19:48:3d:e7:ea:43:50:92:
6c:f0:a5:d9:90:c1:e8:77:69:6d:c3:31:bb:d2:43:
9c:50:a5:99:f2:af:ac:04:7c:42:c6:a3:ac:0b:7a:
31:4e:31:4c:71:58:b8:26:6c:4d:dc:ef:00:fa:d6:
a8:c4:65:8c:e5:c7:87:6e:d2:05:d2:2f:d7:83:9b:
4f:3e:d7:52:f2:2a:6d:ff:3a:0a:07:f4:9b:a8:3d:
72:c4:f7:3d:26:78:3d:f9:25:a8:de:34:b0:4d:72:
9e:f6:3d:2c:35:b7:be:51:44:63:4f:d3:18:28:d8:
96:d0:e5:e5:2f:96:db:21:ed:79:e1:8e:1f:71:55:
29:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:4A:46:05:A8:09:9F:2D:1C:68:25:35:1B:BC:05:E2:7B:A2:77:85
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46b220b9-837f-4174-97e6-c711958273ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.78.0.0/16
Signature Algorithm: sha256WithRSAEncryption
21:0d:21:7e:30:62:92:93:cb:08:aa:c4:ed:89:48:3d:3f:b7:
4a:1e:6f:9c:76:de:59:af:c3:41:49:b0:7b:d6:e9:7b:c2:0f:
22:e1:76:f7:e0:9d:02:6a:51:13:11:f2:1f:9d:79:17:cb:c9:
91:82:53:df:e6:c5:c0:ad:c6:fb:83:45:2c:1c:1f:57:ad:24:
ac:76:ab:d6:50:c1:4b:9e:e7:65:56:a8:28:2b:89:f6:72:9e:
c6:47:4b:0b:25:0c:2e:62:06:73:0f:8b:f5:a0:cf:0c:31:48:
69:0d:65:29:98:87:42:d4:6b:4d:6e:6b:70:da:f1:3d:c2:fd:
b2:0e:61:f2:c9:a5:de:6c:c2:42:90:1d:02:2c:94:9d:e3:45:
e1:2e:7a:66:6d:68:7f:77:2d:26:4e:25:72:d3:61:8c:0b:0a:
20:08:87:89:54:eb:b8:66:69:3a:4b:8e:0c:46:46:35:d5:57:
68:26:f6:6d:7c:8c:03:65:61:d5:d9:e9:3d:44:b4:51:36:81:
b7:a2:11:1d:15:7d:3a:29:f9:96:7e:55:3b:cf:e1:c7:69:f0:
02:83:6a:16:05:b9:93:2a:67:e3:74:4f:60:8c:00:d7:c6:06:
76:c2:e9:2b:6b:fb:03:be:0f:56:27:22:bf:e7:ca:84:e5:33:
09:60:f0:55
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIY1BzN5E2XPzww0B2PaNCMwIWJMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDQwMzhaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGJmZmNkNjYxMzYxYTA4OTI0MWJlMDA5NDk3ODI5ODY4ZjRkNzk1NDdmZGFh
NTNlMzQyMDc5ZjhiMTc0ODlhM2ExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANQMqbnMcfv7BCIX8Ey3LZFFMpwXKLYRConqLjYqyClS7k1yUBKZJbQ/wooX
ABoeAy1yG6jwmWOtiTTpx0ln8zie3Ya+1Ifgxw0522z+uLfD7MvjTQFR0scPTBNe
pvXFFcyzRbs/zOxeGE9r2mmbmgzYDTouNUge/jK3PLwTIhlIPefqQ1CSbPCl2ZDB
6HdpbcMxu9JDnFClmfKvrAR8QsajrAt6MU4xTHFYuCZsTdzvAPrWqMRljOXHh27S
BdIv14ObTz7XUvIqbf86Cgf0m6g9csT3PSZ4PfklqN40sE1ynvY9LDW3vlFEY0/T
GCjYltDl5S+W2yHteeGOH3FVKSkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRoSkYF
qAmfLRxoJTUbvAXie6J3hTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDZiMjIwYjktODM3Zi00MTc0LTk3ZTYtYzcxMTk1ODI3M2VhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNOMA0G
CSqGSIb3DQEBCwUAA4IBAQAhDSF+MGKSk8sIqsTtiUg9P7dKHm+cdt5Zr8NBSbB7
1ul7wg8i4Xb34J0CalETEfIfnXkXy8mRglPf5sXArcb7g0UsHB9XrSSsdqvWUMFL
nudlVqgoK4n2cp7GR0sLJQwuYgZzD4v1oM8MMUhpDWUpmIdC1GtNbmtw2vE9wv2y
DmHyyaXebMJCkB0CLJSd40XhLnpmbWh/dy0mTiVy02GMCwogCIeJVOu4Zmk6S44M
RkY11VdoJvZtfIwDZWHV2ek9RLRRNoG3ohEdFX06KfmWflU7z+HHafACg2oWBbmT
KmfjdE9gjADXxgZ2wukra/sDvg9WJyK/58qE5TMJYPBV
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:45:56 2025 by rpki-client