Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b39e8644-b3a5-4477-b7b6-d340235a9010.roa
File: b39e8644-b3a5-4477-b7b6-d340235a9010.roa (raw, json)
Hash identifier: ig2IghmRJonBfMJYsuM5bgo6lkEI0an1bNqrUFXG2ls=
Subject key identifier: 99:2F:CA:C0:8B:AD:CA:FF:B2:43:29:C0:09:FE:AA:37:B3:8D:08:26
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 40D0AE2E76DA4B0E2450A571BC5BC326D80A61B2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b39e8644-b3a5-4477-b7b6-d340235a9010.roa
Signing time: Mon 21 Apr 2025 18:40:04 +0000
ROA not before: Mon 21 Apr 2025 18:40:04 +0000
ROA not after: Mon 26 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.168.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:d0:ae:2e:76:da:4b:0e:24:50:a5:71:bc:5b:c3:26:d8:0a:61:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 21 18:40:04 2025 GMT
Not After : May 26 23:59:59 2025 GMT
Subject: serialNumber=0810ec13dde3269899e7cf195b34e3e9e898439e64579fa19c4964fb63dbf800, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:53:d7:8e:91:e3:16:d4:37:94:fa:b5:8e:12:
af:98:7a:68:55:a0:f2:ca:4a:01:86:47:11:a9:5a:
61:6a:6a:40:5a:a0:be:3a:1d:a5:8a:d3:5a:76:05:
ae:f8:af:ca:01:18:1b:d6:06:47:c7:ec:fc:10:5e:
10:05:c4:30:bd:79:3a:98:8c:4f:8d:90:08:0b:ce:
57:c2:9f:5b:c3:e8:e7:0d:52:52:a7:52:cc:20:ff:
9f:17:31:12:35:9a:6b:af:dc:b6:55:a2:39:86:32:
8f:c5:d8:af:9b:0d:f8:58:a1:cc:b0:ed:86:fa:5b:
63:91:db:ab:49:72:bb:d4:5f:17:ae:75:60:f9:2d:
7f:66:db:b3:5d:0e:f0:74:d1:47:7a:bd:81:d6:0f:
38:0c:01:9e:24:2c:43:85:ac:3b:09:39:52:63:8e:
6c:1e:dc:6a:48:70:fa:3b:bc:d2:29:5c:f6:d6:9f:
3c:7a:62:67:86:d9:56:28:60:5c:bb:01:e7:48:84:
cc:e9:a6:94:f4:57:5c:ec:63:f8:3b:dc:5f:f4:03:
14:b5:f6:cf:ce:18:3a:94:37:f5:99:65:51:12:a8:
6c:5c:a3:36:f9:63:89:e6:ae:07:41:47:99:80:24:
15:59:75:65:9b:2d:00:19:a1:02:f6:5d:a0:5c:4e:
60:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:2F:CA:C0:8B:AD:CA:FF:B2:43:29:C0:09:FE:AA:37:B3:8D:08:26
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b39e8644-b3a5-4477-b7b6-d340235a9010.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.168.0.0/15
Signature Algorithm: sha256WithRSAEncryption
8d:67:20:ae:b7:f6:38:da:81:58:de:17:db:36:2e:be:78:40:
f8:96:d0:90:f9:eb:1f:5d:36:66:33:42:ff:bf:5e:02:c3:28:
21:4b:b4:87:96:ec:0e:60:2e:53:2c:2f:37:51:74:10:04:71:
10:22:0d:68:fe:1b:a1:f8:ba:60:d4:99:57:ee:e4:ac:07:d2:
f6:36:bc:b1:8d:ad:89:9d:c4:79:84:e2:c8:9e:d7:74:a8:15:
62:62:47:98:6a:7f:52:8d:6f:17:63:31:42:3f:91:93:90:df:
ce:2c:0b:67:a8:b1:bf:fd:a5:c8:c1:05:72:83:ae:b2:d8:2d:
7d:49:0c:05:8f:91:6c:1c:fa:b5:1d:cc:1d:ad:fa:97:66:b6:
fa:39:a3:e1:6e:63:a8:09:8a:83:fd:4e:89:f8:fa:30:14:6a:
ee:03:c0:ab:42:d1:bb:71:af:e9:d9:1c:8c:b0:71:b5:56:70:
41:3b:ae:13:e2:de:b4:c1:ca:6a:9b:be:b5:d5:80:72:31:89:
ab:37:33:04:8b:e8:24:02:60:0b:53:f4:13:c8:70:31:31:2f:
7b:45:f9:c9:58:8f:15:e8:07:de:42:8f:78:db:ef:67:1c:0f:
02:c1:a1:3d:e4:5f:87:3f:36:6d:af:3a:7c:69:c4:e9:de:a1:
dd:b8:68:35
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQNCuLnbaSw4kUKVxvFvDJtgKYbIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjExODQwMDRaFw0yNTA1MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDA4MTBlYzEzZGRlMzI2OTg5OWU3Y2YxOTViMzRlM2U5ZTg5ODQzOWU2NDU3
OWZhMTljNDk2NGZiNjNkYmY4MDAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALBT146R4xbUN5T6tY4Sr5h6aFWg8spKAYZHEalaYWpqQFqgvjodpYrTWnYF
rvivygEYG9YGR8fs/BBeEAXEML15OpiMT42QCAvOV8KfW8Po5w1SUqdSzCD/nxcx
EjWaa6/ctlWiOYYyj8XYr5sN+FihzLDthvpbY5Hbq0lyu9RfF651YPktf2bbs10O
8HTRR3q9gdYPOAwBniQsQ4WsOwk5UmOObB7cakhw+ju80ilc9tafPHpiZ4bZVihg
XLsB50iEzOmmlPRXXOxj+DvcX/QDFLX2z84YOpQ39ZllURKobFyjNvljieauB0FH
mYAkFVl1ZZstABmhAvZdoFxOYCsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSZL8rA
i63K/7JDKcAJ/qo3s40IJjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjM5ZTg2NDQtYjNhNS00NDc3LWI3YjYtZDM0MDIzNWE5MDEwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOoMA0G
CSqGSIb3DQEBCwUAA4IBAQCNZyCut/Y42oFY3hfbNi6+eED4ltCQ+esfXTZmM0L/
v14CwyghS7SHluwOYC5TLC83UXQQBHEQIg1o/huh+Lpg1JlX7uSsB9L2Nryxja2J
ncR5hOLIntd0qBViYkeYan9SjW8XYzFCP5GTkN/OLAtnqLG//aXIwQVyg66y2C19
SQwFj5FsHPq1HcwdrfqXZrb6OaPhbmOoCYqD/U6J+PowFGruA8CrQtG7ca/p2RyM
sHG1VnBBO64T4t60wcpqm7611YByMYmrNzMEi+gkAmALU/QTyHAxMS97RfnJWI8V
6AfeQo942+9nHA8CwaE95F+HPzZtrzp8acTp3qHduGg1
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:49:21 2025 by rpki-client