Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa
File: bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa (raw, json)
Hash identifier: xmJrhU9LJ/EDau19IMlN1oxPpkRq8Bta8OV6ZZNJ4PI=
Subject key identifier: 90:82:28:6F:BE:5F:F1:A9:C0:65:C6:0E:53:85:23:D2:9A:8C:9F:C1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6C432F245DCF19073D6742971AC7F71503FD043C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa
Signing time: Fri 25 Apr 2025 20:30:56 +0000
ROA not before: Fri 25 Apr 2025 20:30:56 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 152.134.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:43:2f:24:5d:cf:19:07:3d:67:42:97:1a:c7:f7:15:03:fd:04:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:30:56 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=9d5dde32fde11db77798c0325ffe94dd33403a498bd5a812df0e5897a3fb911f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a9:0b:6a:19:24:f1:4f:7f:83:77:26:16:dd:
68:d1:44:65:be:42:04:a0:9a:80:16:21:00:58:11:
f1:58:d8:ec:91:dd:51:03:e5:58:28:29:9b:b2:a8:
ba:9b:e3:77:de:90:27:6b:6a:86:03:b4:67:3d:c8:
8e:12:3f:65:f9:a7:d2:b8:8f:34:16:e7:f9:4c:22:
fd:15:b0:fa:fa:f2:fc:20:97:d8:ac:cd:a4:6b:2e:
b4:d0:16:0c:a8:f7:7d:e2:e8:de:0e:ba:9a:19:71:
74:c7:15:ec:12:df:70:37:05:74:5b:6e:3c:da:cb:
84:fd:24:b5:5e:99:5f:cf:ac:9e:e7:b4:8e:35:b4:
0c:78:7c:5c:43:de:31:78:55:f3:dd:e4:84:9b:39:
da:61:ba:c0:37:52:5e:27:a7:40:a1:29:6c:75:fe:
d8:eb:66:14:d2:e6:79:a6:ef:6a:d7:53:bf:42:9b:
83:66:71:c2:4c:5d:f8:ed:6a:2d:d4:e4:4a:17:73:
bf:c5:4a:cb:e5:04:ff:f5:e1:8b:79:7e:ff:8e:4e:
18:1a:76:9a:9e:db:0f:a4:d5:c8:05:09:93:61:d8:
80:dd:ad:ea:41:cc:8d:87:78:83:94:32:48:7f:93:
8c:fe:16:ab:13:7a:f0:40:15:a5:1e:b4:25:85:f8:
fb:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:82:28:6F:BE:5F:F1:A9:C0:65:C6:0E:53:85:23:D2:9A:8C:9F:C1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.134.0.0/16
Signature Algorithm: sha256WithRSAEncryption
50:5e:c7:d0:18:d1:d0:6b:b1:f4:7e:60:0e:55:9e:ce:58:1d:
47:d0:22:5c:23:db:52:7b:26:60:07:86:96:9e:70:fa:fe:70:
93:83:a2:9f:5f:76:8c:5d:8f:04:e8:ce:45:2f:b3:3c:42:80:
09:56:8c:78:14:0e:fb:32:ef:bc:57:5d:59:c4:7b:9f:d9:d2:
c4:df:2d:97:6b:16:26:f9:f3:c5:15:65:84:f3:0e:96:46:8a:
bf:88:80:13:a4:68:bb:26:76:a7:6e:04:aa:53:58:d3:27:e4:
f7:e4:68:9f:d3:5c:09:4e:3c:53:b5:39:aa:30:ab:18:c7:d1:
b2:ea:50:4b:c8:62:44:fe:04:2c:1d:2a:9e:bd:35:c1:3e:b9:
99:e0:3b:c4:55:c3:a3:f5:b8:6a:9b:d1:ff:41:50:fc:e4:c6:
15:4b:c4:61:b8:13:2d:12:cf:16:8c:0c:e2:b3:a1:e6:10:f7:
d6:c4:4b:f9:00:6a:22:f7:4d:50:d6:76:d2:0a:e7:a8:31:ec:
c1:96:13:74:5d:42:50:83:06:f3:ab:16:a0:6e:5f:43:d0:69:
12:55:03:f8:df:59:c9:2b:de:1b:ef:bf:27:81:ac:d5:a2:1d:
84:9d:8a:6d:c6:f4:00:23:9f:06:3b:8a:e9:11:12:f0:b9:7d:
1f:cf:f1:30
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbEMvJF3PGQc9Z0KXGsf3FQP9BDwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMwNTZaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDlkNWRkZTMyZmRlMTFkYjc3Nzk4YzAzMjVmZmU5NGRkMzM0MDNhNDk4YmQ1
YTgxMmRmMGU1ODk3YTNmYjkxMWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALSpC2oZJPFPf4N3JhbdaNFEZb5CBKCagBYhAFgR8VjY7JHdUQPlWCgpm7Ko
upvjd96QJ2tqhgO0Zz3IjhI/Zfmn0riPNBbn+Uwi/RWw+vry/CCX2KzNpGsutNAW
DKj3feLo3g66mhlxdMcV7BLfcDcFdFtuPNrLhP0ktV6ZX8+snue0jjW0DHh8XEPe
MXhV893khJs52mG6wDdSXienQKEpbHX+2OtmFNLmeabvatdTv0Kbg2Zxwkxd+O1q
LdTkShdzv8VKy+UE//Xhi3l+/45OGBp2mp7bD6TVyAUJk2HYgN2t6kHMjYd4g5Qy
SH+TjP4WqxN68EAVpR60JYX4+xcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSQgihv
vl/xqcBlxg5ThSPSmoyfwTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmVkYzIxNzItNTBkZi00ZWE3LThjMzgtZWJhMmNkZjJkNWRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJiGMA0G
CSqGSIb3DQEBCwUAA4IBAQBQXsfQGNHQa7H0fmAOVZ7OWB1H0CJcI9tSeyZgB4aW
nnD6/nCTg6KfX3aMXY8E6M5FL7M8QoAJVox4FA77Mu+8V11ZxHuf2dLE3y2XaxYm
+fPFFWWE8w6WRoq/iIATpGi7JnanbgSqU1jTJ+T35Gif01wJTjxTtTmqMKsYx9Gy
6lBLyGJE/gQsHSqevTXBPrmZ4DvEVcOj9bhqm9H/QVD85MYVS8RhuBMtEs8WjAzi
s6HmEPfWxEv5AGoi901Q1nbSCueoMezBlhN0XUJQgwbzqxagbl9D0GkSVQP431nJ
K94b778ngazVoh2EnYptxvQAI58GO4rpERLwuX0fz/Ew
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:46:04 2025 by rpki-client