Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa
File: d51a4935-8601-4ebd-a099-1d61b0a661b3.roa (raw, json)
Hash identifier: VR/PBoQ/pYeeodKm+YMPan2rLvKcuGdKEKv6i9N5Prw=
Subject key identifier: 6B:86:2D:54:4D:7C:24:9E:56:09:BD:D6:1B:D3:CE:2E:9A:68:EB:2D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 636FA554059D257B3BE46DE9C9BF849FFC384091
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa
Signing time: Fri 25 Apr 2025 20:40:12 +0000
ROA not before: Fri 25 Apr 2025 20:40:12 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.228.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:6f:a5:54:05:9d:25:7b:3b:e4:6d:e9:c9:bf:84:9f:fc:38:40:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:40:12 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=4b73f25c1370aceb7bf927363ef8122fe8016f2f83f43fa86bb9810fb2311cc3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:89:1f:79:1b:5b:8e:94:03:f8:6c:c3:10:bf:
ec:48:7c:70:bc:a7:90:a0:fb:99:09:10:00:ce:b8:
11:34:6f:fd:38:8b:ea:ef:c1:e8:a0:d1:a4:39:67:
de:b4:21:98:74:a6:35:02:f9:55:1d:11:c1:68:bb:
8f:e9:0d:f0:d1:3a:b6:c9:10:31:8f:59:cc:0c:85:
ff:2c:ee:82:13:cf:d5:47:9c:86:e2:a0:62:ca:2f:
bd:d4:81:a3:6c:30:04:da:db:f6:ec:ad:cf:63:6c:
62:91:03:e3:68:14:e9:d6:e6:38:c0:40:bb:01:d6:
44:7f:93:0c:54:ca:20:da:0c:14:be:ee:6e:0c:ce:
90:94:3a:2d:d9:1e:96:cf:fe:e0:20:75:b4:ff:e7:
d4:8c:40:dc:84:bc:a1:bf:50:24:59:05:69:b3:55:
23:01:83:94:d0:8b:e4:91:7e:11:94:d6:50:a5:3c:
18:e2:29:79:7a:d1:9e:1f:52:f9:44:ee:36:74:22:
f7:15:a8:ef:bf:73:44:4c:9f:95:56:13:64:3f:90:
91:81:78:1a:01:2b:e0:34:9a:95:f8:6d:64:4a:89:
3e:80:b9:1d:66:ea:93:47:55:62:26:55:50:8b:13:
ad:6b:2d:ef:82:59:6e:8c:9c:a7:a7:bc:07:c1:a2:
38:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:86:2D:54:4D:7C:24:9E:56:09:BD:D6:1B:D3:CE:2E:9A:68:EB:2D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.228.0.0/15
Signature Algorithm: sha256WithRSAEncryption
6b:44:9d:66:43:bf:da:ab:2a:e1:f9:00:fb:59:f8:7c:aa:b7:
32:a9:72:af:b5:76:42:1f:3e:e4:66:aa:6a:72:a5:1f:d3:a9:
97:ed:47:c8:ac:05:fd:80:e6:0f:a3:1f:0e:4e:31:b4:b5:76:
dd:57:4a:ec:b6:7c:ac:5b:a3:7d:78:a7:62:bb:92:0d:ff:d4:
90:16:2f:0d:f0:9a:95:b8:2c:ab:67:93:db:03:cb:c9:98:72:
fd:82:75:49:d5:34:6b:69:a1:e2:fb:f2:e0:72:f1:cf:97:2a:
6f:e8:de:64:35:88:c7:02:b9:a8:20:b8:b2:27:30:35:59:16:
fb:f4:f9:92:73:aa:be:06:24:f2:fa:06:db:9e:88:ca:b6:e7:
7a:73:3b:f5:b7:e8:0c:80:69:94:93:4b:8e:92:79:21:58:bc:
86:2a:a3:ff:6d:d7:c3:26:74:1c:b8:c0:6f:fe:27:62:73:48:
0d:46:63:a2:46:f6:91:f5:54:fb:b3:1c:4b:96:05:66:4a:6a:
55:90:c9:6d:99:cf:e9:df:73:87:68:27:32:04:cd:23:17:b5:
bd:d0:fd:7c:ee:84:a2:0b:f9:28:49:7e:3b:1b:fb:b3:b8:08:
40:1c:d6:36:ca:30:b9:7a:fb:b1:53:33:2a:7f:17:8f:27:09:
eb:71:36:cc
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUY2+lVAWdJXs75G3pyb+En/w4QJEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDQwMTJaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDRiNzNmMjVjMTM3MGFjZWI3YmY5MjczNjNlZjgxMjJmZTgwMTZmMmY4M2Y0
M2ZhODZiYjk4MTBmYjIzMTFjYzMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANGJH3kbW46UA/hswxC/7Eh8cLynkKD7mQkQAM64ETRv/TiL6u/B6KDRpDln
3rQhmHSmNQL5VR0RwWi7j+kN8NE6tskQMY9ZzAyF/yzughPP1UechuKgYsovvdSB
o2wwBNrb9uytz2NsYpED42gU6dbmOMBAuwHWRH+TDFTKINoMFL7ubgzOkJQ6Ldke
ls/+4CB1tP/n1IxA3IS8ob9QJFkFabNVIwGDlNCL5JF+EZTWUKU8GOIpeXrRnh9S
+UTuNnQi9xWo779zREyflVYTZD+QkYF4GgEr4DSalfhtZEqJPoC5HWbqk0dVYiZV
UIsTrWst74JZboycp6e8B8GiOI0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRrhi1U
TXwknlYJvdYb084ummjrLTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDUxYTQ5MzUtODYwMS00ZWJkLWEwOTktMWQ2MWIwYTY2MWIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPkMA0G
CSqGSIb3DQEBCwUAA4IBAQBrRJ1mQ7/aqyrh+QD7Wfh8qrcyqXKvtXZCHz7kZqpq
cqUf06mX7UfIrAX9gOYPox8OTjG0tXbdV0rstnysW6N9eKdiu5IN/9SQFi8N8JqV
uCyrZ5PbA8vJmHL9gnVJ1TRraaHi+/LgcvHPlypv6N5kNYjHArmoILiyJzA1WRb7
9PmSc6q+BiTy+gbbnojKtud6czv1t+gMgGmUk0uOknkhWLyGKqP/bdfDJnQcuMBv
/idic0gNRmOiRvaR9VT7sxxLlgVmSmpVkMltmc/p33OHaCcyBM0jF7W90P187oSi
C/koSX47G/uzuAhAHNY2yjC5evuxUzMqfxePJwnrcTbM
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:47:15 2025 by rpki-client