Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
File: 83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa (raw, json)
Hash identifier: YW6B5ESEOunyAyBRluDTmyqhpJcJM0fl7YHR2DevJoo=
Subject key identifier: CB:11:1F:27:5A:A7:28:7E:55:53:A8:2C:A6:CE:AD:EE:86:E9:92:0B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 32337C40A5233CDA95D94C7DF94FCC96A60CC433
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
Signing time: Fri 25 Apr 2025 20:30:14 +0000
ROA not before: Fri 25 Apr 2025 20:30:14 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.150.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:33:7c:40:a5:23:3c:da:95:d9:4c:7d:f9:4f:cc:96:a6:0c:c4:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:30:14 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=3f76b96ade398ab68c3a32c7b08892704696c0275deff3803407f99cc586e269, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ae:3b:ff:aa:dd:b0:d0:80:0b:19:74:36:f4:
ec:d1:83:19:b1:9c:4e:36:ba:88:b5:0f:1a:5d:c3:
d3:1a:75:d3:87:4d:6c:71:e2:4d:77:b9:53:12:22:
53:f8:87:46:cd:e2:21:d1:f7:3b:b0:9e:30:2b:3c:
d8:48:94:49:3e:dc:b0:ee:d9:45:57:37:43:b1:31:
fe:88:c7:45:7b:4c:fa:59:97:a1:14:cf:1e:0e:ba:
ef:ef:2a:ff:b6:63:cd:3c:fb:88:77:37:cc:b6:10:
40:b6:48:78:87:3f:db:4a:e1:5f:d8:46:cc:3e:91:
12:27:ed:6a:d8:75:96:8c:71:7c:44:26:b5:56:bd:
f2:28:9a:cf:cc:5f:cc:3b:ab:eb:bd:c2:1a:1f:06:
d6:2c:de:04:fb:33:2b:ed:0a:95:39:1b:62:0a:6f:
55:64:97:a1:d0:4a:a2:65:9a:01:af:24:2c:a9:c0:
c8:78:17:12:ce:4d:cf:f0:b2:44:d5:21:7f:a5:31:
bd:5c:ff:b7:cb:cc:85:f7:ab:14:66:47:af:ab:82:
ce:a2:ba:6e:a1:33:36:02:cc:1d:8b:0b:98:66:fb:
6c:ec:12:98:9a:d2:a8:4d:3e:23:a3:0d:87:f7:82:
dc:82:35:7f:2a:3d:8e:93:74:1e:45:1b:a6:c7:38:
6e:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:11:1F:27:5A:A7:28:7E:55:53:A8:2C:A6:CE:AD:EE:86:E9:92:0B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.150.0.0/16
Signature Algorithm: sha256WithRSAEncryption
90:f5:c2:b5:6b:bc:d4:16:ef:da:64:f5:80:8b:2e:8b:d8:53:
96:5d:c4:32:2e:5a:d7:30:9b:c7:0f:d2:f6:7e:fc:32:ff:1f:
23:65:9e:37:c1:ee:a7:78:a7:a3:16:66:a8:2f:1b:60:95:de:
51:74:65:d8:1c:41:db:37:be:15:70:db:8d:97:41:50:56:13:
2f:fb:81:1b:c3:ac:4b:0d:8e:1a:e0:8f:1b:3d:9c:b3:87:c8:
5e:24:52:3c:57:9a:07:79:39:fc:02:35:82:d6:7c:57:c8:ef:
8f:ae:3c:e6:f8:5c:4d:05:b9:ae:89:ca:96:a2:5b:0e:3c:de:
8b:cf:97:4f:93:7c:57:f1:f9:c1:8c:18:57:e4:1b:23:49:06:
44:12:ea:9c:bb:5d:e7:38:da:9a:b8:c8:55:c2:fb:0f:5f:df:
2f:5b:f2:05:f7:c9:a5:3f:28:1f:a1:6a:79:07:fd:9f:3e:99:
be:6f:c7:fc:77:fd:5c:58:47:1b:ac:05:94:56:b5:4e:6d:dd:
d0:96:8c:a4:89:04:a6:c3:b2:0e:47:c6:ee:f7:e7:a7:7d:65:
72:3c:d0:7b:78:f3:c7:ae:d3:a3:4b:84:ad:37:c7:46:cc:c1:
3d:8c:75:3d:61:f7:0e:a1:c4:68:f5:64:45:ff:a1:4a:8f:de:
00:a3:71:b2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMjN8QKUjPNqV2Ux9+U/MlqYMxDMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMwMTRaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDNmNzZiOTZhZGUzOThhYjY4YzNhMzJjN2IwODg5MjcwNDY5NmMwMjc1ZGVm
ZjM4MDM0MDdmOTljYzU4NmUyNjkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALSuO/+q3bDQgAsZdDb07NGDGbGcTja6iLUPGl3D0xp104dNbHHiTXe5UxIi
U/iHRs3iIdH3O7CeMCs82EiUST7csO7ZRVc3Q7Ex/ojHRXtM+lmXoRTPHg667+8q
/7ZjzTz7iHc3zLYQQLZIeIc/20rhX9hGzD6REiftath1loxxfEQmtVa98iiaz8xf
zDur673CGh8G1izeBPszK+0KlTkbYgpvVWSXodBKomWaAa8kLKnAyHgXEs5Nz/Cy
RNUhf6UxvVz/t8vMhferFGZHr6uCzqK6bqEzNgLMHYsLmGb7bOwSmJrSqE0+I6MN
h/eC3II1fyo9jpN0HkUbpsc4bmMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTLER8n
WqcoflVTqCymzq3uhumSCzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODNjOWY5YzQtMzlhMi00ZjVmLTkxODgtMWE5ZTBkY2NmMjA5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOWMA0G
CSqGSIb3DQEBCwUAA4IBAQCQ9cK1a7zUFu/aZPWAiy6L2FOWXcQyLlrXMJvHD9L2
fvwy/x8jZZ43we6neKejFmaoLxtgld5RdGXYHEHbN74VcNuNl0FQVhMv+4Ebw6xL
DY4a4I8bPZyzh8heJFI8V5oHeTn8AjWC1nxXyO+Prjzm+FxNBbmuicqWolsOPN6L
z5dPk3xX8fnBjBhX5BsjSQZEEuqcu13nONqauMhVwvsPX98vW/IF98mlPygfoWp5
B/2fPpm+b8f8d/1cWEcbrAWUVrVObd3QloykiQSmw7IOR8bu9+enfWVyPNB7ePPH
rtOjS4StN8dGzME9jHU9YfcOocRo9WRF/6FKj94Ao3Gy
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:37:55 2025 by rpki-client