Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/67568c6a-cd1a-4586-a397-580b374dbdb0.roa
File: 67568c6a-cd1a-4586-a397-580b374dbdb0.roa (raw, json)
Hash identifier: Lb0qLJ6cYowjGr35FvVY0RrxRSWMJNgnSYdoL/iDgDY=
Subject key identifier: DD:22:F7:B6:41:BC:D5:D4:D8:87:20:34:D5:51:07:9B:EC:9F:E0:BF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 55F00D75ADD9C23BBCBBA18ECBCC04673A0BA0BF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/67568c6a-cd1a-4586-a397-580b374dbdb0.roa
Signing time: Fri 25 Apr 2025 20:40:35 +0000
ROA not before: Fri 25 Apr 2025 20:40:35 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.60.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:f0:0d:75:ad:d9:c2:3b:bc:bb:a1:8e:cb:cc:04:67:3a:0b:a0:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:40:35 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=85cabe81f3a0597ef8beedfe2c671e2d5df93f1fb4b8eb82f80d490ac2d0d8d2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:fa:d0:c0:c6:93:79:1a:ca:c0:52:9e:6d:92:
c2:b4:93:7a:46:e7:59:b4:ee:05:f1:99:19:5e:81:
16:3f:ab:e9:66:f4:4d:8c:dc:60:67:48:e6:90:db:
f0:00:25:23:dd:6b:49:83:86:f7:a8:8f:1b:7b:b8:
42:10:7b:97:d1:94:cd:14:de:dd:c9:c7:49:28:b2:
bd:99:6c:2e:04:d6:03:15:b6:9b:2e:15:f2:46:84:
c4:a4:84:0b:3b:dc:c2:e3:d5:a5:94:1e:e7:4e:ae:
af:dc:18:37:ed:a6:bc:16:ab:aa:2c:ab:43:9f:ef:
eb:6a:b5:77:d3:6a:cd:f4:40:95:33:b8:73:79:7f:
82:fc:91:4e:59:1b:b4:69:4c:ec:7a:fa:f3:16:5e:
81:8c:43:62:fe:32:dd:e9:d9:12:2b:c1:35:27:96:
5c:43:ed:9b:12:27:06:9b:7c:f2:a2:bf:b2:84:5a:
6e:d6:30:e0:73:33:cf:da:ee:ca:27:e0:5b:2d:b5:
85:48:db:e6:da:c5:21:ca:3e:0a:ef:5e:83:51:4c:
9b:9a:2e:20:8f:8c:f2:19:f2:bd:dc:1a:36:61:bb:
0f:29:46:4c:42:de:0b:a9:49:42:8b:73:12:7d:ae:
b9:6c:97:26:06:3b:8f:48:a7:27:e9:55:ec:09:4d:
77:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:22:F7:B6:41:BC:D5:D4:D8:87:20:34:D5:51:07:9B:EC:9F:E0:BF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/67568c6a-cd1a-4586-a397-580b374dbdb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.60.0.0/16
Signature Algorithm: sha256WithRSAEncryption
91:12:8e:0b:c4:3b:8a:d4:ad:70:f6:b5:66:ec:f0:8c:88:1d:
3b:af:78:25:9b:58:50:bd:0c:ad:d5:93:c8:41:4a:b5:b5:e7:
c4:5e:d4:11:d4:82:3c:a9:e4:ed:8b:ea:36:9f:37:6a:fb:be:
9c:fd:a9:4f:de:77:54:1c:1e:e6:96:aa:b2:7f:15:9e:00:8d:
e4:00:2b:c9:5e:76:24:0c:17:c0:06:0f:ed:33:ae:f5:98:ae:
d9:7e:ae:9d:2a:5a:a0:45:ea:b8:b0:da:64:99:cd:d5:72:ae:
b0:ac:8c:29:af:d8:6a:ef:2f:98:cd:6f:2a:1f:d4:31:3e:52:
c0:e4:67:f5:d4:bb:e4:b2:10:ad:82:4e:21:a0:e5:95:81:b1:
1f:30:7f:dc:f3:44:7a:28:18:62:e2:b4:a4:1f:88:6e:9e:7c:
df:e9:56:ec:12:56:53:24:38:ac:79:ac:6d:60:87:12:70:df:
6e:29:51:ca:33:be:b8:33:d3:31:23:be:69:55:27:d2:d1:cd:
53:d0:fd:5e:9d:38:0e:5d:52:71:fe:ab:2c:a9:6d:19:54:36:
c1:bc:5a:a1:1e:43:4f:9e:77:09:ac:ae:63:9e:06:c7:55:93:
95:a3:b0:11:e7:54:32:14:53:89:85:c6:b0:77:6b:b7:f2:55:
1f:11:34:14
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVfANda3Zwju8u6GOy8wEZzoLoL8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDQwMzVaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDg1Y2FiZTgxZjNhMDU5N2VmOGJlZWRmZTJjNjcxZTJkNWRmOTNmMWZiNGI4
ZWI4MmY4MGQ0OTBhYzJkMGQ4ZDIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKP60MDGk3kaysBSnm2SwrSTekbnWbTuBfGZGV6BFj+r6Wb0TYzcYGdI5pDb
8AAlI91rSYOG96iPG3u4QhB7l9GUzRTe3cnHSSiyvZlsLgTWAxW2my4V8kaExKSE
CzvcwuPVpZQe506ur9wYN+2mvBarqiyrQ5/v62q1d9NqzfRAlTO4c3l/gvyRTlkb
tGlM7Hr68xZegYxDYv4y3enZEivBNSeWXEPtmxInBpt88qK/soRabtYw4HMzz9ru
yifgWy21hUjb5trFIco+Cu9eg1FMm5ouII+M8hnyvdwaNmG7DylGTELeC6lJQotz
En2uuWyXJgY7j0inJ+lV7AlNd2sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTdIve2
QbzV1NiHIDTVUQeb7J/gvzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Njc1NjhjNmEtY2QxYS00NTg2LWEzOTctNTgwYjM3NGRiZGIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADM8MA0G
CSqGSIb3DQEBCwUAA4IBAQCREo4LxDuK1K1w9rVm7PCMiB07r3glm1hQvQyt1ZPI
QUq1tefEXtQR1II8qeTti+o2nzdq+76c/alP3ndUHB7mlqqyfxWeAI3kACvJXnYk
DBfABg/tM671mK7Zfq6dKlqgReq4sNpkmc3Vcq6wrIwpr9hq7y+YzW8qH9QxPlLA
5Gf11LvkshCtgk4hoOWVgbEfMH/c80R6KBhi4rSkH4hunnzf6VbsElZTJDiseaxt
YIcScN9uKVHKM764M9MxI75pVSfS0c1T0P1enTgOXVJx/qssqW0ZVDbBvFqhHkNP
nncJrK5jngbHVZOVo7AR51QyFFOJhcawd2u38lUfETQU
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:53:50 2025 by rpki-client