Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa
File: 8d2d588e-ac05-4633-acba-4d5705f7071e.roa (raw, json)
Hash identifier: FxuyD8P/RhkTxycn2VbesO6FTXcVQehtJBw8fbAH0zw=
Subject key identifier: 82:C4:3C:9A:B4:1A:99:7B:DE:71:6F:24:CF:72:28:E9:2B:EA:EC:0D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 27DC095AF662F5D8EDDE52EE4B469433870FFB95
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa
Signing time: Fri 25 Apr 2025 20:30:23 +0000
ROA not before: Fri 25 Apr 2025 20:30:23 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.180.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:dc:09:5a:f6:62:f5:d8:ed:de:52:ee:4b:46:94:33:87:0f:fb:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:30:23 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=1cc2e7f6400732f22bbc100dab8b610bfe88f87542bc069907a54c6be1c89c08, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:d6:ef:6a:c5:96:e1:78:a9:b8:49:8a:95:e9:
2c:a2:24:0e:d7:d5:15:04:cd:25:ad:1e:e7:4b:31:
9c:bd:a6:5d:70:b8:a6:fb:43:d1:46:15:bc:bb:fc:
f9:d9:f1:e8:39:6a:24:7a:a6:8e:48:fb:b6:ce:52:
eb:f6:0d:fd:5a:1c:95:26:c2:a6:c2:e7:87:6b:0f:
77:61:8c:27:f8:39:97:51:f7:8d:c4:d9:4c:45:98:
24:70:c2:ed:03:42:c8:51:9f:fd:b0:a1:d6:cb:cd:
11:2e:02:67:ac:b2:41:f9:bf:fd:e2:a6:ab:78:4e:
14:89:d6:32:e9:52:d6:0b:76:6b:a7:94:41:d8:98:
80:9d:8e:5b:05:e1:44:d2:58:cc:6e:38:9b:2c:57:
8b:da:10:0b:80:7a:53:e5:15:d2:6a:05:14:8f:34:
73:44:61:40:cc:c2:90:ad:c6:4a:39:4f:9f:e7:ba:
c9:0b:ee:da:92:77:53:78:28:c7:f9:93:4e:1e:15:
bc:f8:04:5e:62:91:41:08:1f:62:3f:b6:99:b0:5a:
1e:89:22:10:78:e2:b8:bd:9e:bb:3d:ac:b7:e7:e2:
43:46:9e:fc:75:1a:8f:91:e7:d4:c4:e0:a3:03:10:
ba:39:52:4c:8c:8f:88:df:56:b3:60:46:04:7f:c7:
f3:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:C4:3C:9A:B4:1A:99:7B:DE:71:6F:24:CF:72:28:E9:2B:EA:EC:0D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.180.0.0/15
Signature Algorithm: sha256WithRSAEncryption
93:8c:df:71:39:ca:7c:74:4e:f7:c1:84:cc:c6:ed:2c:83:5a:
c9:1a:56:da:45:a8:1f:8e:f8:e3:a6:8d:16:a4:b1:28:a5:e7:
0b:60:dd:9c:42:15:02:7d:9b:f9:de:2d:92:f2:a0:35:f5:6d:
bc:e6:a3:b8:21:76:51:b5:93:cb:8f:46:13:2e:1f:ee:d5:56:
99:13:90:d0:c6:48:1e:80:53:d8:60:26:2c:c2:51:2f:69:6d:
40:91:e1:e9:5f:a9:2e:5b:86:bd:49:09:25:2d:da:ee:0c:80:
80:ed:33:38:56:b1:a3:33:3f:8e:e1:91:d2:41:a4:10:0c:ec:
0a:10:38:5b:59:b7:7e:48:b8:5f:8d:d8:ed:35:36:f5:df:18:
3d:0e:ac:99:d6:32:94:52:44:d4:f3:d6:ba:82:98:f5:6d:3e:
61:ff:51:04:30:58:db:90:ff:17:63:29:19:d2:2b:58:b9:d3:
b5:81:9a:67:d4:10:42:08:30:80:2a:b9:a8:62:12:4d:d5:83:
15:ce:d5:08:ec:65:17:76:98:08:8d:00:07:f2:ad:72:15:8d:
a8:fd:23:0e:35:12:b4:a1:5f:84:e5:6a:9f:9e:15:a0:96:5b:
e7:32:c6:c0:7c:e1:47:1c:89:f9:62:db:67:0b:d4:30:a0:4f:
3e:89:1c:a1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJ9wJWvZi9djt3lLuS0aUM4cP+5UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMwMjNaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDFjYzJlN2Y2NDAwNzMyZjIyYmJjMTAwZGFiOGI2MTBiZmU4OGY4NzU0MmJj
MDY5OTA3YTU0YzZiZTFjODljMDgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJHW72rFluF4qbhJipXpLKIkDtfVFQTNJa0e50sxnL2mXXC4pvtD0UYVvLv8
+dnx6DlqJHqmjkj7ts5S6/YN/VoclSbCpsLnh2sPd2GMJ/g5l1H3jcTZTEWYJHDC
7QNCyFGf/bCh1svNES4CZ6yyQfm//eKmq3hOFInWMulS1gt2a6eUQdiYgJ2OWwXh
RNJYzG44myxXi9oQC4B6U+UV0moFFI80c0RhQMzCkK3GSjlPn+e6yQvu2pJ3U3go
x/mTTh4VvPgEXmKRQQgfYj+2mbBaHokiEHjiuL2euz2st+fiQ0ae/HUaj5Hn1MTg
owMQujlSTIyPiN9Ws2BGBH/H88UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSCxDya
tBqZe95xbyTPcijpK+rsDTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGQyZDU4OGUtYWMwNS00NjMzLWFjYmEtNGQ1NzA1ZjcwNzFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO0MA0G
CSqGSIb3DQEBCwUAA4IBAQCTjN9xOcp8dE73wYTMxu0sg1rJGlbaRagfjvjjpo0W
pLEopecLYN2cQhUCfZv53i2S8qA19W285qO4IXZRtZPLj0YTLh/u1VaZE5DQxkge
gFPYYCYswlEvaW1AkeHpX6kuW4a9SQklLdruDICA7TM4VrGjMz+O4ZHSQaQQDOwK
EDhbWbd+SLhfjdjtNTb13xg9DqyZ1jKUUkTU89a6gpj1bT5h/1EEMFjbkP8XYykZ
0itYudO1gZpn1BBCCDCAKrmoYhJN1YMVztUI7GUXdpgIjQAH8q1yFY2o/SMONRK0
oV+E5WqfnhWgllvnMsbAfOFHHIn5YttnC9QwoE8+iRyh
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:50:39 2025 by rpki-client