Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/af8582f5-d209-4e12-aacf-31186289c430.roa
File: af8582f5-d209-4e12-aacf-31186289c430.roa (raw, json)
Hash identifier: tke1FTgugae0z+NxN/Is3VReI1hAb2eAyOJa8uCn4fM=
Subject key identifier: B3:B9:DF:62:56:12:A8:23:2F:96:17:E1:E5:67:A3:B1:E1:F2:98:76
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2041D62812436984C259C4D61381612164DC91B8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/af8582f5-d209-4e12-aacf-31186289c430.roa
Signing time: Fri 25 Apr 2025 20:40:10 +0000
ROA not before: Fri 25 Apr 2025 20:40:10 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.216.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:41:d6:28:12:43:69:84:c2:59:c4:d6:13:81:61:21:64:dc:91:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:40:10 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=9fcc7f512d4c670f57597ac66a3cb45cf64d266c1819ff993ac0d467aad3b9e2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:42:d3:a0:51:a2:21:45:3d:c9:2d:0c:35:c8:
18:64:96:11:3f:7e:74:74:74:41:df:d5:fc:5d:96:
4a:eb:a0:ff:1c:0b:83:9c:69:aa:0d:7a:fb:8c:8f:
dd:7a:26:72:63:5b:7b:ec:2a:2f:33:f6:84:88:d5:
23:45:ca:83:d0:e8:67:e6:5a:61:6b:20:3e:82:65:
1d:de:05:c1:41:c3:d1:ab:39:04:25:8f:4e:ff:15:
d6:03:d4:df:d8:7a:86:71:ab:cd:56:8b:eb:e0:bd:
5a:25:3f:07:41:bb:41:0d:b0:1d:a6:29:84:ba:ae:
12:07:8d:57:e2:07:b3:95:db:79:86:f0:fb:2f:b5:
b6:24:13:86:11:30:9c:c8:68:b0:ad:8c:a6:f8:14:
97:0c:3b:6a:3e:7b:46:f4:2a:22:53:b8:87:ff:48:
a5:8e:c4:5c:c1:73:e8:5f:a5:54:b6:e5:63:e5:f4:
be:07:98:08:cc:05:17:6b:e7:c9:d1:dc:2b:84:a6:
95:42:ee:47:e5:3a:30:56:83:2b:94:8d:d5:02:94:
e6:16:d1:b1:0c:da:b5:57:c0:56:00:b4:19:51:7c:
c3:8a:ea:fe:90:08:2d:94:4b:c1:5d:1c:f9:bc:3d:
39:27:52:1b:40:92:ca:2e:6e:56:6b:e6:d2:9f:ac:
9c:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:B9:DF:62:56:12:A8:23:2F:96:17:E1:E5:67:A3:B1:E1:F2:98:76
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/af8582f5-d209-4e12-aacf-31186289c430.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.216.0.0/15
Signature Algorithm: sha256WithRSAEncryption
bf:47:06:32:41:96:b8:48:06:64:dd:21:85:e1:f5:13:15:94:
bb:ea:31:37:d1:00:35:ba:db:55:b4:93:66:cb:17:66:de:fb:
d6:78:55:54:7a:f9:8b:38:c7:cf:89:cf:9a:15:ee:aa:84:c4:
e7:0b:d4:38:89:2e:ed:0e:01:e2:4b:09:05:90:d9:21:bf:ec:
64:8e:3f:f8:21:a1:14:0d:a7:66:30:4f:0b:59:a1:36:b4:23:
87:87:d7:ec:d6:6e:7a:49:62:e9:a5:dd:3c:44:60:60:96:1a:
05:55:16:92:66:46:4c:85:d4:2b:08:7a:82:96:b8:eb:bd:72:
c6:f8:fd:84:21:c5:f9:5b:fd:de:d7:0b:41:2b:21:e1:e7:14:
38:27:c0:54:08:90:19:01:e8:66:8c:e8:83:0a:7b:46:69:27:
df:b8:fd:8a:69:8a:25:cc:6a:90:65:ae:86:b9:99:26:71:f1:
3d:98:6d:5b:0e:44:a9:24:b9:18:d3:b2:bb:f8:22:62:d5:f9:
52:93:4d:55:56:d5:46:9b:03:ef:25:ae:28:05:bc:f9:1a:9c:
85:21:7c:fa:97:3d:9a:94:87:98:26:b1:0c:7a:3d:e8:a6:58:
55:40:e8:90:2d:b1:a8:11:66:ef:8b:e9:f2:59:3b:da:d3:8f:
64:4e:55:e2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIEHWKBJDaYTCWcTWE4FhIWTckbgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDQwMTBaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDlmY2M3ZjUxMmQ0YzY3MGY1NzU5N2FjNjZhM2NiNDVjZjY0ZDI2NmMxODE5
ZmY5OTNhYzBkNDY3YWFkM2I5ZTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM1C06BRoiFFPcktDDXIGGSWET9+dHR0Qd/V/F2WSuug/xwLg5xpqg16+4yP
3XomcmNbe+wqLzP2hIjVI0XKg9DoZ+ZaYWsgPoJlHd4FwUHD0as5BCWPTv8V1gPU
39h6hnGrzVaL6+C9WiU/B0G7QQ2wHaYphLquEgeNV+IHs5XbeYbw+y+1tiQThhEw
nMhosK2MpvgUlww7aj57RvQqIlO4h/9IpY7EXMFz6F+lVLblY+X0vgeYCMwFF2vn
ydHcK4SmlULuR+U6MFaDK5SN1QKU5hbRsQzatVfAVgC0GVF8w4rq/pAILZRLwV0c
+bw9OSdSG0CSyi5uVmvm0p+snMMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSzud9i
VhKoIy+WF+HlZ6Ox4fKYdjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YWY4NTgyZjUtZDIwOS00ZTEyLWFhY2YtMzExODYyODljNDMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPYMA0G
CSqGSIb3DQEBCwUAA4IBAQC/RwYyQZa4SAZk3SGF4fUTFZS76jE30QA1uttVtJNm
yxdm3vvWeFVUevmLOMfPic+aFe6qhMTnC9Q4iS7tDgHiSwkFkNkhv+xkjj/4IaEU
DadmME8LWaE2tCOHh9fs1m56SWLppd08RGBglhoFVRaSZkZMhdQrCHqClrjrvXLG
+P2EIcX5W/3e1wtBKyHh5xQ4J8BUCJAZAehmjOiDCntGaSffuP2KaYolzGqQZa6G
uZkmcfE9mG1bDkSpJLkY07K7+CJi1flSk01VVtVGmwPvJa4oBbz5GpyFIXz6lz2a
lIeYJrEMej3oplhVQOiQLbGoEWbvi+nyWTva049kTlXi
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:50:07 2025 by rpki-client