Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85056db0-2868-4547-8893-66ae7ad101d4.roa
File: 85056db0-2868-4547-8893-66ae7ad101d4.roa (raw, json)
Hash identifier: 7xknvwtEHXyapNWkc2RMFF1eoTcMGWMFZW06H1ZUxTs=
Subject key identifier: 6C:1B:9B:15:8B:50:A7:00:23:7B:0F:5D:21:75:45:F4:41:36:A4:D5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5670EDFBD65CCCEE30D2B36265E698BE3867D998
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85056db0-2868-4547-8893-66ae7ad101d4.roa
Signing time: Fri 25 Apr 2025 20:40:41 +0000
ROA not before: Fri 25 Apr 2025 20:40:41 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.90.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:70:ed:fb:d6:5c:cc:ee:30:d2:b3:62:65:e6:98:be:38:67:d9:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:40:41 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=e1c3c2224057c2683e2af2ec5e5e2149c60d60b98ef43a66e5ee5c2badd08d8a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e5:78:df:35:19:a4:4b:a1:0a:b7:fd:b9:5c:
1e:f2:75:ed:06:05:a0:31:f6:48:1a:fa:64:2e:b1:
06:a8:5e:6c:54:b4:e4:b7:be:6f:07:40:33:83:53:
e7:f0:63:4f:45:78:7a:a6:57:b5:13:e4:b9:49:23:
6e:c2:bd:3a:af:08:86:90:a8:73:5f:9b:91:55:a0:
bd:8a:c7:7c:fd:f6:26:97:fe:94:25:6c:3a:29:80:
2a:c4:a1:b7:b5:11:4e:bd:dd:fb:5f:9e:60:6b:9c:
77:f6:59:8d:6e:37:2c:41:c7:15:7f:4f:a8:93:7c:
6b:48:68:bd:1f:2a:bd:cd:d9:c2:de:ec:62:85:2a:
51:de:c4:2e:3d:5f:1a:f2:88:c4:24:dc:d4:fa:92:
04:5d:40:95:c7:00:77:0a:e7:4b:b9:19:03:8c:5d:
07:62:2a:77:f9:6b:5e:21:7f:14:12:b4:c0:fe:ec:
fd:a2:55:88:6c:cf:70:9c:29:ba:1b:5d:d3:4d:45:
78:38:8b:9a:ff:2c:bb:ae:f1:47:21:ab:31:b8:40:
36:14:bd:2b:02:59:fc:65:b2:7f:02:58:d8:d1:60:
bc:b8:c8:43:f8:32:27:a8:91:fb:29:6f:d8:ea:fd:
6d:7d:df:f0:a4:87:46:c6:20:56:54:00:c8:c4:44:
08:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:1B:9B:15:8B:50:A7:00:23:7B:0F:5D:21:75:45:F4:41:36:A4:D5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85056db0-2868-4547-8893-66ae7ad101d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.90.0.0/16
Signature Algorithm: sha256WithRSAEncryption
23:6e:e3:4e:4a:22:c1:e3:d7:28:34:fa:fa:5d:0a:d2:04:f6:
72:28:c0:8e:3d:4a:87:3b:f4:1c:eb:30:c2:4b:ec:9a:43:8a:
89:5c:af:16:e6:e8:d1:2c:ae:67:4f:40:f4:f5:4f:b2:a4:ba:
39:46:0e:17:69:84:0b:20:f5:dc:36:22:f4:7a:0d:09:50:d6:
61:8c:08:78:7d:82:16:aa:43:d1:75:dc:9a:06:f9:30:ad:ba:
4c:ce:04:e7:f3:f7:9e:ce:8c:3a:9b:a0:bf:09:f5:05:cc:f2:
9a:0b:d1:03:3a:22:ae:75:29:35:39:2c:39:25:e0:4a:63:47:
83:26:19:03:0b:fd:a9:38:f4:79:8c:58:1e:65:70:e5:66:e9:
6d:e0:ad:e6:89:8d:74:09:b4:ac:03:b0:69:a8:93:bd:57:5a:
cc:c7:9d:e9:07:1b:86:4e:b3:00:30:02:45:47:8a:7d:31:27:
80:d1:a3:ee:7f:58:c7:03:d7:60:8e:0c:32:14:e5:06:30:d2:
af:c4:b7:6f:ee:79:c8:d8:80:b1:d6:d6:ed:01:cb:b2:14:d7:
10:3d:77:63:ed:41:db:a9:2a:0c:13:04:92:d1:f1:a6:c7:82:
f4:36:a3:98:3e:df:44:2a:f9:f4:ec:c9:88:e5:a1:a1:ca:eb:
19:f0:03:77
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVnDt+9ZczO4w0rNiZeaYvjhn2ZgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDQwNDFaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGUxYzNjMjIyNDA1N2MyNjgzZTJhZjJlYzVlNWUyMTQ5YzYwZDYwYjk4ZWY0
M2E2NmU1ZWU1YzJiYWRkMDhkOGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJDleN81GaRLoQq3/blcHvJ17QYFoDH2SBr6ZC6xBqhebFS05Le+bwdAM4NT
5/BjT0V4eqZXtRPkuUkjbsK9Oq8IhpCoc1+bkVWgvYrHfP32Jpf+lCVsOimAKsSh
t7URTr3d+1+eYGucd/ZZjW43LEHHFX9PqJN8a0hovR8qvc3Zwt7sYoUqUd7ELj1f
GvKIxCTc1PqSBF1AlccAdwrnS7kZA4xdB2Iqd/lrXiF/FBK0wP7s/aJViGzPcJwp
uhtd001FeDiLmv8su67xRyGrMbhANhS9KwJZ/GWyfwJY2NFgvLjIQ/gyJ6iR+ylv
2Or9bX3f8KSHRsYgVlQAyMRECJcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRsG5sV
i1CnACN7D10hdUX0QTak1TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODUwNTZkYjAtMjg2OC00NTQ3LTg4OTMtNjZhZTdhZDEwMWQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNaMA0G
CSqGSIb3DQEBCwUAA4IBAQAjbuNOSiLB49coNPr6XQrSBPZyKMCOPUqHO/Qc6zDC
S+yaQ4qJXK8W5ujRLK5nT0D09U+ypLo5Rg4XaYQLIPXcNiL0eg0JUNZhjAh4fYIW
qkPRddyaBvkwrbpMzgTn8/eezow6m6C/CfUFzPKaC9EDOiKudSk1OSw5JeBKY0eD
JhkDC/2pOPR5jFgeZXDlZult4K3miY10CbSsA7BpqJO9V1rMx53pBxuGTrMAMAJF
R4p9MSeA0aPuf1jHA9dgjgwyFOUGMNKvxLdv7nnI2ICx1tbtAcuyFNcQPXdj7UHb
qSoMEwSS0fGmx4L0NqOYPt9EKvn07MmI5aGhyusZ8AN3
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:56:35 2025 by rpki-client