Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa
File: d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa (raw, json)
Hash identifier: DgjL/vfE9M67PcE3PFL81uRpfNRdR+J2lCiOPhBtQhw=
Subject key identifier: CC:33:75:85:02:52:70:9C:CA:CC:9B:30:82:FC:F7:E2:F9:D8:E4:C3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 616561A549FA60E15F0719C4BEC25091E4107152
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa
Signing time: Fri 25 Apr 2025 20:30:09 +0000
ROA not before: Fri 25 Apr 2025 20:30:09 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.129.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:65:61:a5:49:fa:60:e1:5f:07:19:c4:be:c2:50:91:e4:10:71:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:30:09 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=ed9be137284df8b8e14f5a75d228c68baa911393f14dbf603322bdfcaded5f38, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:7d:43:e8:de:d1:65:82:1a:4a:bc:17:7b:31:
f4:ac:e6:43:46:56:91:cc:e1:27:88:54:f8:a6:77:
81:30:02:b7:51:8c:5e:49:d3:61:98:b8:ac:2b:48:
64:15:2a:0e:59:cf:4c:5b:fc:cc:11:3d:07:9f:27:
ca:df:fb:22:0a:55:0f:9c:4f:4c:79:9d:24:f3:92:
c3:8e:7a:63:e1:53:37:77:bc:cb:0a:90:ab:6e:ca:
72:c4:fd:5f:d7:66:c6:b4:da:41:19:d9:55:3e:ae:
ff:58:4d:ed:0b:02:17:72:f6:55:d4:9e:9c:d4:b0:
29:19:39:9e:7e:a3:84:80:6d:11:1e:77:ac:d9:da:
62:7b:4d:06:ed:82:10:b9:1f:ab:a0:bd:2c:46:7c:
de:04:f1:cf:96:f4:09:11:9c:31:aa:c1:3b:10:4f:
cf:d6:d3:ed:40:ca:86:91:5d:37:11:cc:c9:92:cd:
68:bb:6c:64:53:19:d0:b2:9e:dc:06:58:5f:ea:8b:
49:c9:b2:9f:e0:73:22:a9:7b:7a:e6:f4:82:05:bf:
47:14:b4:ed:52:b8:a7:b1:6c:13:3e:d8:0e:b2:8f:
12:56:36:ad:5d:be:a5:68:66:d9:47:4b:b4:c9:62:
0f:64:19:aa:ab:23:09:29:c6:81:a6:47:5e:46:8b:
40:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:33:75:85:02:52:70:9C:CA:CC:9B:30:82:FC:F7:E2:F9:D8:E4:C3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.129.0.0/16
Signature Algorithm: sha256WithRSAEncryption
22:5c:3d:73:3d:e5:ee:7b:e9:23:5e:5e:93:7d:c4:0f:cc:fd:
71:83:65:c4:7e:05:b7:2e:85:ee:be:95:1b:55:c2:5f:b6:9a:
2d:2d:bd:ba:86:f0:63:06:e1:68:5b:75:c7:e5:e3:b4:34:8e:
0e:b5:c1:17:3a:da:c6:8b:d6:61:d6:55:d2:6c:ca:23:58:fd:
08:eb:5d:0a:78:0f:8d:89:86:6a:1d:24:87:2d:78:89:b2:de:
57:4c:f5:a5:0f:ca:6d:8a:09:17:2c:25:9b:83:8f:52:f1:a6:
5e:62:38:64:fd:6e:96:b1:73:0c:e7:f3:67:e6:51:d3:a4:92:
f2:36:5b:13:bd:bf:25:dc:48:38:ea:7b:6e:8e:d1:3a:c3:f3:
57:f3:fd:31:9c:ab:ff:b2:05:fa:f7:6c:b4:7b:f4:9a:bc:b0:
4e:53:90:02:18:7f:28:c0:67:7a:a8:0c:f9:08:2f:41:f0:af:
82:0e:69:9a:72:05:98:14:65:0e:13:33:65:78:8a:e3:64:74:
40:a8:86:6e:39:51:06:80:52:59:cb:25:4b:b7:57:ea:23:8b:
8c:da:66:29:7f:94:c7:a0:a5:23:f9:d4:90:4e:18:be:8f:ba:
e0:05:71:0f:48:36:1a:ed:76:05:a7:ed:e4:28:90:f4:ce:4f:
bd:ce:9c:07
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYWVhpUn6YOFfBxnEvsJQkeQQcVIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMwMDlaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGVkOWJlMTM3Mjg0ZGY4YjhlMTRmNWE3NWQyMjhjNjhiYWE5MTEzOTNmMTRk
YmY2MDMzMjJiZGZjYWRlZDVmMzgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALV9Q+je0WWCGkq8F3sx9KzmQ0ZWkczhJ4hU+KZ3gTACt1GMXknTYZi4rCtI
ZBUqDlnPTFv8zBE9B58nyt/7IgpVD5xPTHmdJPOSw456Y+FTN3e8ywqQq27KcsT9
X9dmxrTaQRnZVT6u/1hN7QsCF3L2VdSenNSwKRk5nn6jhIBtER53rNnaYntNBu2C
ELkfq6C9LEZ83gTxz5b0CRGcMarBOxBPz9bT7UDKhpFdNxHMyZLNaLtsZFMZ0LKe
3AZYX+qLScmyn+BzIql7eub0ggW/RxS07VK4p7FsEz7YDrKPElY2rV2+pWhm2UdL
tMliD2QZqqsjCSnGgaZHXkaLQFECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTMM3WF
AlJwnMrMmzCC/Pfi+djkwzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDEzZDI2YWUtMzZiMS00ODE1LWE3ZjAtNGRjMDkwZDE1Yjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOBMA0G
CSqGSIb3DQEBCwUAA4IBAQAiXD1zPeXue+kjXl6TfcQPzP1xg2XEfgW3LoXuvpUb
VcJftpotLb26hvBjBuFoW3XH5eO0NI4OtcEXOtrGi9Zh1lXSbMojWP0I610KeA+N
iYZqHSSHLXiJst5XTPWlD8ptigkXLCWbg49S8aZeYjhk/W6WsXMM5/Nn5lHTpJLy
NlsTvb8l3Eg46ntujtE6w/NX8/0xnKv/sgX692y0e/SavLBOU5ACGH8owGd6qAz5
CC9B8K+CDmmacgWYFGUOEzNleIrjZHRAqIZuOVEGgFJZyyVLt1fqI4uM2mYpf5TH
oKUj+dSQThi+j7rgBXEPSDYa7XYFp+3kKJD0zk+9zpwH
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:36:27 2025 by rpki-client