Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8551266c-ef98-4dd7-801f-d816ee2eeade.roa
File: 8551266c-ef98-4dd7-801f-d816ee2eeade.roa (raw, json)
Hash identifier: zhnRurn+c6/78/R49ZEqMXYpdknPTLzjPL50zSBBqjA=
Subject key identifier: A6:B1:48:0C:3D:C5:A3:D5:34:9D:28:9D:47:12:D9:BE:76:3D:56:51
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1D4459FCFD418A1351B7938D1D3E48A0C5565209
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8551266c-ef98-4dd7-801f-d816ee2eeade.roa
Signing time: Fri 25 Apr 2025 20:30:22 +0000
ROA not before: Fri 25 Apr 2025 20:30:22 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.176.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:44:59:fc:fd:41:8a:13:51:b7:93:8d:1d:3e:48:a0:c5:56:52:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:30:22 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=8d2884ed2e0a1f53ac24ba60e36ff70877d5c07f33137362a63cd66353d0e297, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:03:5b:e6:52:09:3b:38:f7:67:2e:8e:09:1a:
f4:3b:40:d9:06:14:e0:f7:bd:16:18:0a:ef:1f:bb:
84:9b:b5:5b:e5:fd:8c:72:f4:2b:21:fd:4c:20:b2:
db:a6:af:79:ea:cd:49:53:04:c4:29:39:40:0c:32:
7b:86:a0:46:3d:f9:53:ff:a0:51:7f:73:ac:03:7d:
90:98:b1:3f:9a:46:78:fb:8c:62:0c:f8:4c:6c:f0:
3e:59:5a:78:43:c7:4c:12:2e:8c:24:ea:a4:3b:bc:
af:61:4a:b4:61:c7:d3:a1:f6:ea:45:4c:d3:65:eb:
30:f5:33:e4:5e:4e:6b:dc:91:45:ed:be:b0:bf:a2:
94:09:c8:dd:c7:35:6d:d6:3d:41:2a:77:e1:47:3e:
b2:24:92:ba:83:0f:c9:d1:ec:79:6d:97:7c:f4:e5:
68:f3:16:a9:b9:22:96:a2:c4:04:b4:92:b1:77:7c:
af:7c:06:cd:f6:4e:a5:82:ce:86:9d:af:14:5a:69:
bf:8f:c4:77:20:3e:57:c8:8f:5f:89:c5:8a:7e:1e:
61:56:ca:39:aa:a9:88:48:8c:ef:e3:28:ef:fd:81:
bc:cb:21:f6:16:fd:ed:03:a6:11:57:56:b6:9f:29:
05:ea:4f:36:48:68:34:aa:17:38:64:84:dd:39:bc:
33:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:B1:48:0C:3D:C5:A3:D5:34:9D:28:9D:47:12:D9:BE:76:3D:56:51
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8551266c-ef98-4dd7-801f-d816ee2eeade.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.176.0.0/15
Signature Algorithm: sha256WithRSAEncryption
74:81:cf:91:55:b3:59:f7:23:17:21:fd:d3:12:1f:52:6c:e2:
ed:91:67:fd:c7:03:bd:af:47:79:5a:40:e0:ad:8f:5a:56:e0:
64:0f:27:46:e4:9f:36:0a:20:52:c0:7c:2b:8a:d1:f4:49:aa:
ed:ff:2c:88:92:a3:94:fe:55:ab:26:f7:a2:1d:fb:82:a6:33:
a1:87:78:32:4d:fa:70:af:9e:aa:d6:e1:d4:98:f6:69:f1:7a:
4c:07:de:3d:b8:27:48:1a:49:9b:40:bd:26:4f:29:8c:0a:51:
6e:1e:77:2c:ad:2e:2b:a3:2c:cb:d6:3d:44:3b:38:d8:9f:1b:
e4:05:e0:06:6d:38:fc:a7:b8:a9:e1:45:e8:ee:38:9c:69:76:
d6:56:a3:30:88:25:e4:3b:65:7e:7c:56:1b:57:fb:d5:75:18:
3b:5a:6b:92:e5:57:11:7f:15:e3:e7:78:67:5a:0c:84:37:16:
12:09:58:64:82:a4:81:8a:7b:78:a2:0d:67:23:aa:bf:2e:e8:
ed:8a:a6:6b:23:b3:be:9c:3f:51:15:b3:17:d0:d6:f2:5d:35:
b1:ca:dd:22:46:55:45:2f:3b:3b:a8:c7:80:4a:b8:d0:bd:90:
cd:61:2b:5c:d7:ff:49:c0:e7:6a:45:40:6d:6c:15:d7:f4:fd:
c2:a1:19:dd
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHURZ/P1BihNRt5ONHT5IoMVWUgkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMwMjJaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDhkMjg4NGVkMmUwYTFmNTNhYzI0YmE2MGUzNmZmNzA4NzdkNWMwN2YzMzEz
NzM2MmE2M2NkNjYzNTNkMGUyOTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALwDW+ZSCTs492cujgka9DtA2QYU4Pe9FhgK7x+7hJu1W+X9jHL0KyH9TCCy
26aveerNSVMExCk5QAwye4agRj35U/+gUX9zrAN9kJixP5pGePuMYgz4TGzwPlla
eEPHTBIujCTqpDu8r2FKtGHH06H26kVM02XrMPUz5F5Oa9yRRe2+sL+ilAnI3cc1
bdY9QSp34Uc+siSSuoMPydHseW2XfPTlaPMWqbkilqLEBLSSsXd8r3wGzfZOpYLO
hp2vFFppv4/EdyA+V8iPX4nFin4eYVbKOaqpiEiM7+Mo7/2BvMsh9hb97QOmEVdW
tp8pBepPNkhoNKoXOGSE3Tm8MxsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSmsUgM
PcWj1TSdKJ1HEtm+dj1WUTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODU1MTI2NmMtZWY5OC00ZGQ3LTgwMWYtZDgxNmVlMmVlYWRlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOwMA0G
CSqGSIb3DQEBCwUAA4IBAQB0gc+RVbNZ9yMXIf3TEh9SbOLtkWf9xwO9r0d5WkDg
rY9aVuBkDydG5J82CiBSwHwritH0Sart/yyIkqOU/lWrJveiHfuCpjOhh3gyTfpw
r56q1uHUmPZp8XpMB949uCdIGkmbQL0mTymMClFuHncsrS4royzL1j1EOzjYnxvk
BeAGbTj8p7ip4UXo7jicaXbWVqMwiCXkO2V+fFYbV/vVdRg7WmuS5VcRfxXj53hn
WgyENxYSCVhkgqSBint4og1nI6q/LujtiqZrI7O+nD9RFbMX0NbyXTWxyt0iRlVF
Lzs7qMeASrjQvZDNYStc1/9JwOdqRUBtbBXX9P3CoRnd
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:49:16 2025 by rpki-client