Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/94c2a36e-245b-439a-bf61-04132c5df5a4.roa
File: 94c2a36e-245b-439a-bf61-04132c5df5a4.roa (raw, json)
Hash identifier: eFnRmzrTn+VUFaZfI7GFWeUBpURREmxLTiUJHbYBP3k=
Subject key identifier: BB:21:91:F8:46:08:7B:2D:B1:62:CA:7D:F9:C0:35:56:0E:5C:7B:0E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 40F51D8A624F0FA5FC8CD632A5BD90CD86AD5ED6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/94c2a36e-245b-439a-bf61-04132c5df5a4.roa
Signing time: Fri 25 Apr 2025 20:40:17 +0000
ROA not before: Fri 25 Apr 2025 20:40:17 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.35.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:f5:1d:8a:62:4f:0f:a5:fc:8c:d6:32:a5:bd:90:cd:86:ad:5e:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:40:17 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=128c36985777612c2114ed9f1dcff1dc59c82f96a0577f73452edeed6ea0f3b1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:5d:be:0c:f2:e4:f5:45:b6:0d:34:f8:dd:1f:
f3:81:d2:a4:b5:e5:5b:bd:f1:dd:07:10:3d:1a:54:
ec:4f:ad:05:30:9c:28:e6:da:c5:49:d6:c8:22:43:
2f:5d:17:b3:1e:bd:76:f9:78:a8:d6:29:97:f3:61:
0d:e8:c3:f6:bc:4d:82:c3:b1:ef:4d:2d:4e:22:f8:
cc:01:bc:1d:7b:16:be:f7:b3:86:9b:b7:b5:71:b3:
4c:99:c1:ae:2e:6e:bf:fc:d7:d5:c4:e5:4b:49:9c:
d1:b8:ba:96:82:1e:99:86:3a:b1:ea:e9:0f:f8:57:
ef:15:f5:9a:cc:64:86:48:fc:b3:0f:d3:06:f0:44:
4a:fb:1c:a2:98:fe:0c:c8:7b:d7:7b:8a:45:9c:de:
ed:5c:7e:4c:e0:7f:a4:97:1e:d1:e1:5e:cb:7a:49:
48:7d:3d:0e:d0:c3:15:db:fa:7f:f8:08:7b:78:4b:
aa:77:1d:d7:c1:ab:6b:05:75:45:d6:91:65:00:70:
aa:fe:21:c8:58:61:28:4c:30:34:01:34:88:cf:f6:
12:58:53:15:3a:a0:6f:4c:e1:b7:5e:c8:ad:5c:9f:
89:60:15:9a:75:86:4b:13:a2:d7:ca:94:a6:0a:63:
8c:67:6c:fa:16:63:ce:4d:a5:d8:5a:8b:39:52:37:
58:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:21:91:F8:46:08:7B:2D:B1:62:CA:7D:F9:C0:35:56:0E:5C:7B:0E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/94c2a36e-245b-439a-bf61-04132c5df5a4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.35.0.0/16
Signature Algorithm: sha256WithRSAEncryption
05:87:31:a3:90:18:e1:01:7d:6b:43:dd:15:c5:19:83:8f:ca:
2a:e6:4e:5a:12:6e:21:f2:ac:f5:b3:fe:3e:f8:4e:3e:4a:36:
4c:f4:f6:41:f5:21:95:be:56:be:c4:c2:b4:f4:91:2c:f7:41:
99:da:34:be:06:48:b5:5d:4f:0c:7e:ef:55:32:db:72:88:11:
b7:b1:1a:7f:02:d3:f2:be:62:80:78:f5:f7:e9:8f:2c:5f:d1:
7d:67:a0:5f:64:a1:1a:27:5a:0c:9d:43:35:81:4a:48:39:32:
b5:f7:4a:90:10:ba:e3:51:17:af:2b:ed:af:8c:36:4b:e9:bf:
e9:81:a9:a0:d3:74:52:4c:ca:15:b0:72:00:9a:68:7a:a0:72:
fc:0c:7c:2f:4b:46:84:b3:0d:c1:06:51:82:20:3d:b7:32:df:
d7:d1:43:04:e5:9b:78:cc:72:8f:99:b6:c5:31:c9:e0:5e:7e:
b8:50:4e:62:09:b0:06:df:8f:05:12:f6:54:0a:b6:90:86:5c:
78:e9:90:2d:44:05:ca:67:e5:8f:09:6b:06:cb:82:1a:e9:d6:
39:b4:4e:94:17:af:0a:99:49:28:2e:32:58:ca:1b:5e:43:03:
1f:c7:77:ac:27:c4:ac:d0:15:ea:d5:95:04:00:a3:00:09:2b:
8f:9a:80:65
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQPUdimJPD6X8jNYypb2QzYatXtYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDQwMTdaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDEyOGMzNjk4NTc3NzYxMmMyMTE0ZWQ5ZjFkY2ZmMWRjNTljODJmOTZhMDU3
N2Y3MzQ1MmVkZWVkNmVhMGYzYjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPVdvgzy5PVFtg00+N0f84HSpLXlW73x3QcQPRpU7E+tBTCcKObaxUnWyCJD
L10Xsx69dvl4qNYpl/NhDejD9rxNgsOx700tTiL4zAG8HXsWvvezhpu3tXGzTJnB
ri5uv/zX1cTlS0mc0bi6loIemYY6serpD/hX7xX1msxkhkj8sw/TBvBESvscopj+
DMh713uKRZze7Vx+TOB/pJce0eFey3pJSH09DtDDFdv6f/gIe3hLqncd18GrawV1
RdaRZQBwqv4hyFhhKEwwNAE0iM/2ElhTFTqgb0zht17IrVyfiWAVmnWGSxOi18qU
pgpjjGds+hZjzk2l2FqLOVI3WNECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS7IZH4
Rgh7LbFiyn35wDVWDlx7DjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTRjMmEzNmUtMjQ1Yi00MzlhLWJmNjEtMDQxMzJjNWRmNWE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMjMA0G
CSqGSIb3DQEBCwUAA4IBAQAFhzGjkBjhAX1rQ90VxRmDj8oq5k5aEm4h8qz1s/4+
+E4+SjZM9PZB9SGVvla+xMK09JEs90GZ2jS+Bki1XU8Mfu9VMttyiBG3sRp/AtPy
vmKAePX36Y8sX9F9Z6BfZKEaJ1oMnUM1gUpIOTK190qQELrjURevK+2vjDZL6b/p
gamg03RSTMoVsHIAmmh6oHL8DHwvS0aEsw3BBlGCID23Mt/X0UME5Zt4zHKPmbbF
McngXn64UE5iCbAG348FEvZUCraQhlx46ZAtRAXKZ+WPCWsGy4Ia6dY5tE6UF68K
mUkoLjJYyhteQwMfx3esJ8Ss0BXq1ZUEAKMACSuPmoBl
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:50:27 2025 by rpki-client