Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dbc88f4b-781b-45e4-8402-e6b216deacc3.roa
File: dbc88f4b-781b-45e4-8402-e6b216deacc3.roa (raw, json)
Hash identifier: ppmibleBWTJfN/xcoFaePgLSdiaAZriQ3kl7LX7G30M=
Subject key identifier: A9:9E:33:2C:10:EE:F4:A6:41:B0:74:DE:23:D6:8E:43:8E:8D:D8:D0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2FB7EC439FEF6F3BC3C807FDDA7CEA05BAA711BE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dbc88f4b-781b-45e4-8402-e6b216deacc3.roa
Signing time: Fri 25 Apr 2025 20:30:55 +0000
ROA not before: Fri 25 Apr 2025 20:30:55 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 151.176.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:b7:ec:43:9f:ef:6f:3b:c3:c8:07:fd:da:7c:ea:05:ba:a7:11:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:30:55 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=1121ccd2b3d5264e6a1c6b331e06ee38f5b889ac27873d662632c2e41b6f95e2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:3b:96:90:03:54:70:aa:82:30:bc:bb:16:ae:
0f:7e:fc:8e:4c:f1:3d:cb:45:3c:6f:d7:6d:60:20:
8a:d9:1b:fd:fa:77:04:73:86:dd:c1:01:97:46:c2:
bc:51:96:24:7a:2f:1a:83:e7:b8:0b:f6:75:6e:6d:
92:15:a0:b8:97:27:4a:7e:ee:ee:af:41:66:72:a0:
87:25:35:21:c4:19:93:b4:5b:e7:82:c9:2b:cb:da:
e1:3b:9e:84:3b:7a:62:f3:02:82:08:db:ad:f6:6a:
6c:ce:ee:fa:e7:23:6c:dd:3a:f2:e0:13:a9:9e:87:
23:03:e3:7d:66:50:84:76:9c:26:fd:17:8f:6d:8b:
aa:cd:6b:da:68:db:e5:24:54:92:74:c6:08:c6:bf:
9a:aa:99:12:06:31:e9:cb:08:3c:3c:f8:6a:f9:7d:
7d:40:8e:5b:e1:bc:93:50:a3:43:db:a7:ec:25:bc:
82:ce:9e:9b:a6:79:8f:82:a8:2d:0d:c2:48:e1:d3:
f5:c1:cd:7d:4a:4c:40:d0:d9:c2:92:3b:8c:b0:36:
e7:07:25:d0:c8:04:3e:80:52:e7:5e:23:db:8c:14:
f0:59:8b:8f:8f:01:6d:db:a4:b4:ef:3d:38:bb:f6:
10:1e:a6:89:17:4a:33:6d:37:da:ea:a9:14:1e:d0:
8b:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:9E:33:2C:10:EE:F4:A6:41:B0:74:DE:23:D6:8E:43:8E:8D:D8:D0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dbc88f4b-781b-45e4-8402-e6b216deacc3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.176.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a1:8e:f6:bd:7d:12:47:82:54:3f:38:e1:bb:29:7c:e7:8e:dd:
88:25:bc:f0:df:9a:cc:2b:d8:ed:6b:56:13:79:6a:76:39:01:
06:f9:70:da:a4:b1:f8:b9:bc:f3:1d:b8:3f:cc:4b:48:22:19:
76:97:63:62:18:2c:05:2a:f9:2f:12:35:af:30:f4:dd:c3:99:
0d:98:2e:5c:d1:1c:db:07:bb:1a:47:10:4a:17:d1:e4:11:51:
99:5c:4c:d8:13:ec:ce:00:cf:be:b4:f7:4b:4b:6f:62:9f:5e:
97:fe:e8:58:e1:be:cb:9e:c7:dd:d2:81:fb:74:09:ae:39:57:
41:7e:86:32:bc:8f:9a:e4:81:cb:f6:e9:1f:80:6a:2c:87:66:
e2:8e:00:5a:c4:ff:7a:2e:28:23:5d:a9:7e:47:b3:65:df:23:
b3:44:dc:2c:4c:0f:c6:30:1b:89:5b:51:cd:cb:0e:8b:c5:82:
81:42:49:08:14:64:bd:f5:d3:41:67:38:17:d5:3e:c5:3a:f5:
e7:22:1e:d6:e5:20:c9:88:74:33:93:b4:60:fc:2c:71:39:07:
bd:35:6d:b9:f3:bb:42:66:94:44:43:79:58:1c:9a:0d:b1:b4:
ec:d1:61:56:08:4a:26:61:bf:a2:0c:a2:e4:98:20:77:da:94:
f9:d8:a5:56
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUL7fsQ5/vbzvDyAf92nzqBbqnEb4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMwNTVaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDExMjFjY2QyYjNkNTI2NGU2YTFjNmIzMzFlMDZlZTM4ZjViODg5YWMyNzg3
M2Q2NjI2MzJjMmU0MWI2Zjk1ZTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK47lpADVHCqgjC8uxauD378jkzxPctFPG/XbWAgitkb/fp3BHOG3cEBl0bC
vFGWJHovGoPnuAv2dW5tkhWguJcnSn7u7q9BZnKghyU1IcQZk7Rb54LJK8va4Tue
hDt6YvMCggjbrfZqbM7u+ucjbN068uATqZ6HIwPjfWZQhHacJv0Xj22Lqs1r2mjb
5SRUknTGCMa/mqqZEgYx6csIPDz4avl9fUCOW+G8k1CjQ9un7CW8gs6em6Z5j4Ko
LQ3CSOHT9cHNfUpMQNDZwpI7jLA25wcl0MgEPoBS514j24wU8FmLj48BbduktO89
OLv2EB6miRdKM2032uqpFB7Qi4UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSpnjMs
EO70pkGwdN4j1o5Djo3Y0DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZGJjODhmNGItNzgxYi00NWU0LTg0MDItZTZiMjE2ZGVhY2MzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJewMA0G
CSqGSIb3DQEBCwUAA4IBAQChjva9fRJHglQ/OOG7KXznjt2IJbzw35rMK9jta1YT
eWp2OQEG+XDapLH4ubzzHbg/zEtIIhl2l2NiGCwFKvkvEjWvMPTdw5kNmC5c0Rzb
B7saRxBKF9HkEVGZXEzYE+zOAM++tPdLS29in16X/uhY4b7Lnsfd0oH7dAmuOVdB
foYyvI+a5IHL9ukfgGosh2bijgBaxP96LigjXal+R7Nl3yOzRNwsTA/GMBuJW1HN
yw6LxYKBQkkIFGS99dNBZzgX1T7FOvXnIh7W5SDJiHQzk7Rg/CxxOQe9NW2587tC
ZpREQ3lYHJoNsbTs0WFWCEomYb+iDKLkmCB32pT52KVW
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:50:23 2025 by rpki-client