Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c2c395e2-491c-4141-ba1e-1b3717841063.roa
File: c2c395e2-491c-4141-ba1e-1b3717841063.roa (raw, json)
Hash identifier: noIHZbjkaeie9kquxLr5qD4diIjMmU+kr2/J2Gb1kq8=
Subject key identifier: 0D:77:2C:EB:59:84:09:E7:9A:CC:D3:75:E8:69:C8:B6:BE:A4:AA:F4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 359C33E9F3AF4956DBDD0EDD0CA17488F04F3D0C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c2c395e2-491c-4141-ba1e-1b3717841063.roa
Signing time: Fri 25 Apr 2025 20:30:16 +0000
ROA not before: Fri 25 Apr 2025 20:30:16 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.152.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:9c:33:e9:f3:af:49:56:db:dd:0e:dd:0c:a1:74:88:f0:4f:3d:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:30:16 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=d4fb6237e883056e6b80c3a2e3706dbc3eef9d0f3ebef6fea41a1deeb399242a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:81:e9:e8:df:03:1f:32:7e:58:40:52:29:da:
df:3b:f9:f2:b4:a5:30:8d:60:f4:ed:8d:72:fa:8d:
5b:7e:45:c7:0d:6c:db:14:36:0f:58:00:31:a8:6c:
6e:cf:3c:ea:9e:7c:47:6f:ba:7d:6d:83:96:01:39:
d8:ba:57:c6:f4:c9:9e:e6:1b:fc:6f:dd:83:37:71:
23:3e:d1:d0:af:84:27:2d:d0:f6:54:46:40:40:c7:
45:e1:98:17:aa:48:aa:74:0e:a8:4b:6b:e1:ba:75:
fa:29:3f:9e:f2:0b:7c:c7:65:8e:2b:e4:ec:bf:c6:
67:4a:0f:ae:79:d4:dc:53:cb:73:e3:ff:c1:23:1f:
3d:b5:d0:b3:a5:38:fa:b8:41:6a:5a:b3:de:0e:e1:
f9:7a:8c:3c:ca:97:89:e5:5b:76:1f:de:0b:87:e5:
0f:5d:92:34:5c:dc:d2:63:1a:72:74:8e:7e:75:37:
d0:b3:f3:f1:c6:ae:66:aa:f6:e3:c4:89:18:b5:19:
f5:4c:59:ab:75:6d:b0:0b:5f:04:7f:0a:f4:d3:2e:
23:30:55:fd:39:d6:ed:cc:2b:7f:7c:ee:3d:95:72:
0a:16:26:7e:70:4a:c6:94:55:2b:3a:92:6e:69:4b:
f5:46:a5:a8:1f:2b:cc:7c:d9:ff:5d:5b:2a:85:cd:
ee:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:77:2C:EB:59:84:09:E7:9A:CC:D3:75:E8:69:C8:B6:BE:A4:AA:F4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c2c395e2-491c-4141-ba1e-1b3717841063.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.152.0.0/15
Signature Algorithm: sha256WithRSAEncryption
56:97:4f:10:26:70:44:00:12:1a:b1:55:96:5b:f3:58:11:5b:
8d:3d:18:49:0d:c1:c2:37:0c:01:75:b1:e1:70:e4:83:9f:64:
09:3a:f1:fc:e7:c8:9d:7b:d7:2b:5e:76:a4:ab:9d:16:8a:24:
b8:88:59:cd:e2:37:31:32:27:b0:77:2f:9c:c3:08:8a:f4:a1:
6d:3d:1e:99:3b:fb:d4:77:eb:18:a7:35:19:8b:51:00:f2:b1:
2c:5a:95:de:c6:d9:69:78:9d:8f:7b:0f:31:71:3e:ae:ec:f5:
39:a6:7a:af:80:eb:2e:4d:22:51:4d:eb:a0:46:0b:78:5e:65:
c7:64:5e:7a:1b:b9:bb:c4:ec:be:8a:da:5a:c8:c7:14:21:20:
91:ad:da:e6:a3:05:17:28:27:03:9b:43:76:3d:c1:1f:87:fb:
62:13:17:c1:7f:f8:9e:62:6d:c5:ce:94:8b:6d:25:6a:ce:fe:
50:04:ef:b2:b0:d8:ac:d7:af:31:62:6a:e5:26:a5:b8:86:1e:
9c:c0:25:d3:2c:b6:f9:8f:a2:c7:1d:ce:77:18:7e:fb:6a:97:
31:d2:77:c6:c4:55:5b:fd:9a:3f:ff:d8:c9:ac:ed:a3:34:54:
46:02:df:72:e6:72:bf:98:02:7c:04:c7:66:f8:4f:a3:d8:0f:
26:78:a4:fb
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNZwz6fOvSVbb3Q7dDKF0iPBPPQwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMwMTZaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0ZmI2MjM3ZTg4MzA1NmU2YjgwYzNhMmUzNzA2ZGJjM2VlZjlkMGYzZWJl
ZjZmZWE0MWExZGVlYjM5OTI0MmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKuB6ejfAx8yflhAUina3zv58rSlMI1g9O2NcvqNW35Fxw1s2xQ2D1gAMahs
bs886p58R2+6fW2DlgE52LpXxvTJnuYb/G/dgzdxIz7R0K+EJy3Q9lRGQEDHReGY
F6pIqnQOqEtr4bp1+ik/nvILfMdljivk7L/GZ0oPrnnU3FPLc+P/wSMfPbXQs6U4
+rhBalqz3g7h+XqMPMqXieVbdh/eC4flD12SNFzc0mMacnSOfnU30LPz8cauZqr2
48SJGLUZ9UxZq3VtsAtfBH8K9NMuIzBV/TnW7cwrf3zuPZVyChYmfnBKxpRVKzqS
bmlL9UalqB8rzHzZ/11bKoXN7mcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQNdyzr
WYQJ55rM03Xoaci2vqSq9DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzJjMzk1ZTItNDkxYy00MTQxLWJhMWUtMWIzNzE3ODQxMDYzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOYMA0G
CSqGSIb3DQEBCwUAA4IBAQBWl08QJnBEABIasVWWW/NYEVuNPRhJDcHCNwwBdbHh
cOSDn2QJOvH858ide9crXnakq50WiiS4iFnN4jcxMiewdy+cwwiK9KFtPR6ZO/vU
d+sYpzUZi1EA8rEsWpXextlpeJ2Pew8xcT6u7PU5pnqvgOsuTSJRTeugRgt4XmXH
ZF56G7m7xOy+itpayMcUISCRrdrmowUXKCcDm0N2PcEfh/tiExfBf/ieYm3FzpSL
bSVqzv5QBO+ysNis168xYmrlJqW4hh6cwCXTLLb5j6LHHc53GH77apcx0nfGxFVb
/Zo//9jJrO2jNFRGAt9y5nK/mAJ8BMdm+E+j2A8meKT7
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:38:44 2025 by rpki-client