Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e7ebe29c-b29a-41b9-8205-cf9e03925e93.roa
File: e7ebe29c-b29a-41b9-8205-cf9e03925e93.roa (raw, json)
Hash identifier: /XutB0MOorEsBuDQ6zIGGD7TicmBdlQ6h4wx/PNGq20=
Subject key identifier: 45:2A:62:04:AF:F4:DE:12:41:A2:20:22:86:65:E2:74:5A:A0:14:18
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2F6B820156DC5996EBB4B2F6A29DEFEE51DFD2A7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e7ebe29c-b29a-41b9-8205-cf9e03925e93.roa
Signing time: Fri 25 Apr 2025 20:40:43 +0000
ROA not before: Fri 25 Apr 2025 20:40:43 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 57.101.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:6b:82:01:56:dc:59:96:eb:b4:b2:f6:a2:9d:ef:ee:51:df:d2:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:40:43 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=80b6acb203e03e549b60f300c8699965ff7b679c2f2ca7f264b0fb63f29789a7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:41:12:db:97:2f:59:c9:7d:d0:bc:97:90:24:
ed:c9:71:b1:f2:02:43:fd:22:68:42:7f:19:a7:35:
80:b4:d1:07:22:e6:22:d8:b8:5d:86:95:7d:79:ca:
69:9d:cf:1a:2f:bd:58:1a:30:43:44:86:c7:d8:98:
ec:f2:e3:65:64:c7:80:9f:4b:aa:03:5f:60:1d:83:
1a:6a:0b:6d:c3:64:21:1f:88:5a:ff:0f:ba:09:cc:
22:4d:75:2f:e5:c2:88:9b:dc:2a:69:f5:e4:f2:6c:
ea:4e:5b:c9:7a:cb:66:0e:de:04:bc:c4:52:3b:a4:
f0:0d:ab:b6:db:15:50:7b:6b:d8:09:86:7e:9c:aa:
2f:eb:c7:d5:b3:1f:92:32:2a:79:ca:d6:97:bc:02:
0c:00:a4:47:06:91:47:60:37:7c:ed:d6:e1:bb:a6:
6a:00:69:cf:9b:26:35:f0:a6:39:45:e1:0f:87:4d:
45:2e:71:66:a5:8f:c2:46:27:52:54:77:41:ae:76:
bd:48:d2:4f:48:7a:a3:e1:80:f2:10:f6:da:80:9f:
96:97:c5:93:c9:69:f4:a0:e2:f5:10:9a:f4:5b:03:
e1:69:17:f0:f1:0a:e3:1e:7a:a1:0f:a6:4e:51:c4:
73:12:38:35:f2:b2:0d:88:cd:20:4d:6b:6e:f0:ab:
43:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:2A:62:04:AF:F4:DE:12:41:A2:20:22:86:65:E2:74:5A:A0:14:18
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e7ebe29c-b29a-41b9-8205-cf9e03925e93.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.101.0.0/16
Signature Algorithm: sha256WithRSAEncryption
cb:33:55:c0:55:8d:ab:e8:15:40:82:32:df:d4:1e:ec:a7:06:
0e:e7:48:e6:26:ea:2c:b0:9e:28:8a:de:ba:f6:2f:46:01:4b:
77:40:75:5f:c4:4e:6c:af:87:83:f3:6e:0f:03:50:1b:7d:5b:
0e:ca:52:03:85:50:03:d0:b5:42:f1:a5:39:24:e0:db:5f:51:
35:85:4d:58:13:77:fa:26:b2:84:c7:64:43:bd:d9:56:32:24:
03:9c:96:b6:34:37:21:c0:96:ba:59:0f:0a:01:6f:14:56:88:
7b:aa:ee:d3:c7:21:18:f7:b7:16:01:11:6c:ae:75:ae:e4:21:
46:cf:d8:c9:ed:3b:c6:4e:35:f1:9d:50:5e:fe:80:92:3c:97:
9a:5a:bf:70:d1:b6:d5:0e:b5:11:83:14:c0:5d:b2:4d:0f:a0:
dd:3b:b2:65:1f:12:97:96:09:e4:6e:c8:54:f2:21:a8:d0:aa:
26:8b:0d:be:68:43:c0:27:bc:1e:ff:5c:dc:ef:32:af:48:61:
39:0f:a7:7e:7a:e2:34:bd:fc:95:51:e8:28:75:0b:53:85:77:
30:d2:45:cc:ab:c4:a2:96:5f:54:43:36:df:47:d0:57:76:e1:
5b:4f:22:f3:ac:df:40:05:b1:1e:57:df:ce:00:6f:b3:65:ae:
fd:b2:52:7d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUL2uCAVbcWZbrtLL2op3v7lHf0qcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDQwNDNaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDgwYjZhY2IyMDNlMDNlNTQ5YjYwZjMwMGM4Njk5OTY1ZmY3YjY3OWMyZjJj
YTdmMjY0YjBmYjYzZjI5Nzg5YTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALZBEtuXL1nJfdC8l5Ak7clxsfICQ/0iaEJ/Gac1gLTRByLmIti4XYaVfXnK
aZ3PGi+9WBowQ0SGx9iY7PLjZWTHgJ9LqgNfYB2DGmoLbcNkIR+IWv8PugnMIk11
L+XCiJvcKmn15PJs6k5byXrLZg7eBLzEUjuk8A2rttsVUHtr2AmGfpyqL+vH1bMf
kjIqecrWl7wCDACkRwaRR2A3fO3W4bumagBpz5smNfCmOUXhD4dNRS5xZqWPwkYn
UlR3Qa52vUjST0h6o+GA8hD22oCflpfFk8lp9KDi9RCa9FsD4WkX8PEK4x56oQ+m
TlHEcxI4NfKyDYjNIE1rbvCrQ0UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRFKmIE
r/TeEkGiICKGZeJ0WqAUGDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTdlYmUyOWMtYjI5YS00MWI5LTgyMDUtY2Y5ZTAzOTI1ZTkzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADllMA0G
CSqGSIb3DQEBCwUAA4IBAQDLM1XAVY2r6BVAgjLf1B7spwYO50jmJuossJ4oit66
9i9GAUt3QHVfxE5sr4eD824PA1AbfVsOylIDhVAD0LVC8aU5JODbX1E1hU1YE3f6
JrKEx2RDvdlWMiQDnJa2NDchwJa6WQ8KAW8UVoh7qu7TxyEY97cWARFsrnWu5CFG
z9jJ7TvGTjXxnVBe/oCSPJeaWr9w0bbVDrURgxTAXbJND6DdO7JlHxKXlgnkbshU
8iGo0Komiw2+aEPAJ7we/1zc7zKvSGE5D6d+euI0vfyVUegodQtThXcw0kXMq8Si
ll9UQzbfR9BXduFbTyLzrN9ABbEeV9/OAG+zZa79slJ9
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:13 2025 by rpki-client