Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa
File: d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa (raw, json)
Hash identifier: C3NTIbObvTceA0S9mkm8tSvGfUPBgUff/gLv3fJAVk4=
Subject key identifier: B8:9C:70:3C:42:E9:C4:5C:28:44:28:99:C1:50:56:05:11:61:30:19
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 63D6C9DD95331CD8ABF194C87FCDB015A24DAA8C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa
Signing time: Fri 25 Apr 2025 20:30:15 +0000
ROA not before: Fri 25 Apr 2025 20:30:15 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.151.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:d6:c9:dd:95:33:1c:d8:ab:f1:94:c8:7f:cd:b0:15:a2:4d:aa:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:30:15 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=1d037b78ee522504bcf70aa4b164d131fb63f2508dfb8bc5d786880f5d8a5a15, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:21:a6:d3:ff:e4:31:c3:d5:f2:cb:da:26:cc:
3f:41:51:4b:67:20:00:5e:12:c2:b4:94:3c:26:65:
a9:96:73:20:52:96:71:fd:d1:fa:0e:43:7c:25:eb:
21:6e:98:c1:e1:72:16:72:cf:f9:b6:f0:ff:be:6d:
a2:ca:dd:ed:68:92:ee:6c:69:ed:23:26:b8:47:3a:
4b:c8:b3:84:6d:dd:de:22:93:1f:74:06:34:c2:65:
47:28:90:dd:d0:3f:90:63:bd:13:ec:37:ba:8d:d9:
55:98:bc:90:96:be:0d:75:9c:cf:8f:52:0a:c7:09:
1b:06:5f:9c:3f:75:8c:a2:1d:05:02:ac:62:0b:4b:
78:1f:2d:b6:df:92:ae:3e:0b:36:3e:58:ea:b1:e4:
ab:69:81:96:d3:3d:8d:ee:bb:77:90:59:c0:b8:0b:
b4:2a:91:a8:14:44:ea:8e:9e:2a:8f:7a:35:fb:81:
5a:f2:9d:87:bd:4f:3e:a8:ab:ba:23:db:7f:02:26:
ac:d3:8e:97:11:2f:bc:61:26:8f:b2:9c:2e:e1:4d:
e9:94:a5:67:e1:af:fd:7b:2f:97:19:fa:28:b5:3b:
d3:3b:39:c8:bc:ec:87:eb:17:6e:64:54:a3:36:69:
d4:88:a1:eb:b0:fd:de:e4:e2:17:99:d1:7c:eb:b8:
2c:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:9C:70:3C:42:E9:C4:5C:28:44:28:99:C1:50:56:05:11:61:30:19
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.151.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1e:a8:56:6a:ab:72:d9:30:76:3b:4c:57:f6:f5:87:e8:3d:c7:
4f:a1:71:cf:e0:fc:ae:9e:59:ab:90:71:82:bb:20:38:be:59:
d6:bc:2f:06:c0:de:59:ea:14:80:9c:19:30:fc:bd:22:f5:87:
d5:ee:3d:ff:6a:5c:1f:4d:02:0d:eb:56:57:17:94:a1:b2:e1:
54:5f:71:0d:73:72:8f:00:8d:c3:e1:4f:11:76:11:4b:6a:1d:
d5:a0:fc:e9:0b:65:bf:ce:d1:50:18:18:af:27:87:a8:19:86:
6a:e4:14:e8:bf:e8:70:f3:fb:ac:67:12:29:a3:97:50:60:8b:
49:6a:ba:78:57:fb:ee:b3:7d:df:6f:b3:c9:a1:8d:a7:56:72:
32:aa:f7:d2:61:88:ca:70:90:e1:93:19:9e:89:78:05:72:87:
d6:9f:86:30:70:11:44:77:22:94:21:a3:80:9a:c6:5b:35:f0:
4b:b0:5e:3d:12:88:b4:5b:35:f9:c2:ea:5c:6e:2c:fc:a5:82:
89:30:f1:79:f8:f2:b7:32:17:af:e1:ec:0f:dd:3e:70:fc:27:
b9:94:e7:81:af:99:13:10:f0:3b:ad:87:80:95:cb:11:a4:33:
64:95:cd:08:ad:c6:f7:f4:12:52:3e:f6:5b:d3:c2:5e:70:2d:
ca:7b:ee:74
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUY9bJ3ZUzHNir8ZTIf82wFaJNqowwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMwMTVaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDFkMDM3Yjc4ZWU1MjI1MDRiY2Y3MGFhNGIxNjRkMTMxZmI2M2YyNTA4ZGZi
OGJjNWQ3ODY4ODBmNWQ4YTVhMTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI4hptP/5DHD1fLL2ibMP0FRS2cgAF4SwrSUPCZlqZZzIFKWcf3R+g5DfCXr
IW6YweFyFnLP+bbw/75tosrd7WiS7mxp7SMmuEc6S8izhG3d3iKTH3QGNMJlRyiQ
3dA/kGO9E+w3uo3ZVZi8kJa+DXWcz49SCscJGwZfnD91jKIdBQKsYgtLeB8ttt+S
rj4LNj5Y6rHkq2mBltM9je67d5BZwLgLtCqRqBRE6o6eKo96NfuBWvKdh71PPqir
uiPbfwImrNOOlxEvvGEmj7KcLuFN6ZSlZ+Gv/Xsvlxn6KLU70zs5yLzsh+sXbmRU
ozZp1Iih67D93uTiF5nRfOu4LP0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS4nHA8
QunEXChEKJnBUFYFEWEwGTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDdmZGVkZmMtMmJkYy00MmNkLWE3MTQtMmFiYmMwMmRlYWU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOXMA0G
CSqGSIb3DQEBCwUAA4IBAQAeqFZqq3LZMHY7TFf29YfoPcdPoXHP4PyunlmrkHGC
uyA4vlnWvC8GwN5Z6hSAnBkw/L0i9YfV7j3/alwfTQIN61ZXF5ShsuFUX3ENc3KP
AI3D4U8RdhFLah3VoPzpC2W/ztFQGBivJ4eoGYZq5BTov+hw8/usZxIpo5dQYItJ
arp4V/vus33fb7PJoY2nVnIyqvfSYYjKcJDhkxmeiXgFcofWn4YwcBFEdyKUIaOA
msZbNfBLsF49Eoi0WzX5wupcbiz8pYKJMPF5+PK3Mhev4ewP3T5w/Ce5lOeBr5kT
EPA7rYeAlcsRpDNklc0Ircb39BJSPvZb08JecC3Ke+50
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:14 2025 by rpki-client