Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ef3e6945-57bf-41fe-9e98-2db6c2800547.roa
File: ef3e6945-57bf-41fe-9e98-2db6c2800547.roa (raw, json)
Hash identifier: Y5wfp72hV8ZBCIv3YJ3i2LQbO7GUsUS6xzwjw+ugvdI=
Subject key identifier: ED:AD:73:ED:55:DD:61:D5:5E:28:69:87:9B:3D:C6:01:A7:9B:48:1A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6E4FEB3AA87197B472E331F99120511D0AE8835C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ef3e6945-57bf-41fe-9e98-2db6c2800547.roa
Signing time: Fri 25 Apr 2025 20:40:07 +0000
ROA not before: Fri 25 Apr 2025 20:40:07 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.208.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:4f:eb:3a:a8:71:97:b4:72:e3:31:f9:91:20:51:1d:0a:e8:83:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:40:07 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=007b1c8bb8e470ac8f236cbaf1d45dd15b7dfc6b4aa3838dd9f1ec45b3f8d144, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ad:5c:d5:2a:c3:aa:e0:27:84:63:e2:4b:3e:
a6:8a:c6:68:5a:64:dc:0f:c5:2c:42:24:a7:38:62:
03:d3:e2:5e:44:99:2e:04:b4:d6:ac:62:08:7f:90:
55:b1:5c:49:0a:f0:60:f1:01:e9:cf:02:ef:22:9a:
94:a6:ce:c3:2a:b3:c9:ab:5d:c1:33:20:6d:5d:01:
af:3a:37:06:75:6f:01:b2:2d:66:d2:ee:1f:7b:09:
50:31:c8:a5:c9:72:40:96:91:be:33:e0:08:9f:2c:
11:30:fc:c9:7f:32:e9:02:4d:87:ca:29:01:4e:e0:
31:5b:0e:16:c9:33:53:e8:67:aa:61:cb:24:c4:62:
04:18:4f:16:98:6d:a4:ea:bc:ea:cb:9e:32:0a:76:
08:a1:18:30:9b:4f:b5:2a:bc:4f:df:a1:db:69:0f:
40:1c:ef:50:e7:3c:82:c4:3a:70:56:eb:71:a6:18:
b3:fc:a0:ca:f7:56:de:7d:7e:e3:d6:cf:7a:82:1a:
71:8a:e4:8b:92:ec:2b:61:21:ef:ef:5c:d7:7c:85:
94:93:a8:6f:77:2f:3d:89:ad:92:52:3e:f3:93:81:
b9:b6:e9:ba:73:44:34:3e:d0:e9:a2:80:22:9b:ea:
19:05:69:25:71:88:0b:81:ae:73:a7:02:34:f1:1a:
dc:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:AD:73:ED:55:DD:61:D5:5E:28:69:87:9B:3D:C6:01:A7:9B:48:1A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ef3e6945-57bf-41fe-9e98-2db6c2800547.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.208.0.0/15
Signature Algorithm: sha256WithRSAEncryption
2d:52:df:11:34:8a:83:c7:54:c1:b0:3d:5b:25:4f:95:d1:31:
44:74:3d:c4:1a:f9:87:ec:96:c4:06:04:98:57:a7:11:3b:47:
81:c8:dd:fe:a8:79:a9:78:23:31:8c:fd:a2:40:51:07:74:81:
6b:91:6b:91:a1:18:1d:a1:38:ab:38:1c:b5:6c:09:cb:21:ab:
84:d4:9f:49:39:0c:20:12:31:16:03:ca:73:73:cd:c2:da:b6:
df:78:43:92:94:eb:47:a7:8e:d0:a8:18:a1:ef:fb:07:99:a4:
f5:ba:59:bc:27:77:49:97:df:bb:cb:2f:9f:fe:71:4a:49:3b:
03:a8:2b:14:2d:72:6e:eb:2f:67:95:31:bb:09:eb:ca:6d:5a:
cc:d7:69:7a:08:6b:e5:4e:2e:2e:e9:c0:59:4f:f3:7e:81:6c:
37:73:30:0a:1c:0c:f7:28:34:94:f0:71:af:6a:40:72:57:fd:
26:d6:65:75:36:15:89:07:db:6a:98:6b:3e:3f:10:7e:5d:28:
f3:34:36:03:c6:91:c3:e8:e3:d4:80:36:56:1c:95:7a:78:31:
68:ea:26:71:71:a5:36:3d:e1:e0:db:ef:56:bf:46:8d:4a:1b:
22:83:fa:b7:72:5b:00:7b:53:9f:c1:db:1c:2e:ac:3b:55:33:
af:5b:db:32
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbk/rOqhxl7Ry4zH5kSBRHQrog1wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDQwMDdaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDAwN2IxYzhiYjhlNDcwYWM4ZjIzNmNiYWYxZDQ1ZGQxNWI3ZGZjNmI0YWEz
ODM4ZGQ5ZjFlYzQ1YjNmOGQxNDQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM+tXNUqw6rgJ4Rj4ks+porGaFpk3A/FLEIkpzhiA9PiXkSZLgS01qxiCH+Q
VbFcSQrwYPEB6c8C7yKalKbOwyqzyatdwTMgbV0Brzo3BnVvAbItZtLuH3sJUDHI
pclyQJaRvjPgCJ8sETD8yX8y6QJNh8opAU7gMVsOFskzU+hnqmHLJMRiBBhPFpht
pOq86sueMgp2CKEYMJtPtSq8T9+h22kPQBzvUOc8gsQ6cFbrcaYYs/ygyvdW3n1+
49bPeoIacYrki5LsK2Eh7+9c13yFlJOob3cvPYmtklI+85OBubbpunNEND7Q6aKA
IpvqGQVpJXGIC4Guc6cCNPEa3KsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTtrXPt
Vd1h1V4oaYebPcYBp5tIGjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZWYzZTY5NDUtNTdiZi00MWZlLTllOTgtMmRiNmMyODAwNTQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPQMA0G
CSqGSIb3DQEBCwUAA4IBAQAtUt8RNIqDx1TBsD1bJU+V0TFEdD3EGvmH7JbEBgSY
V6cRO0eByN3+qHmpeCMxjP2iQFEHdIFrkWuRoRgdoTirOBy1bAnLIauE1J9JOQwg
EjEWA8pzc83C2rbfeEOSlOtHp47QqBih7/sHmaT1ulm8J3dJl9+7yy+f/nFKSTsD
qCsULXJu6y9nlTG7CevKbVrM12l6CGvlTi4u6cBZT/N+gWw3czAKHAz3KDSU8HGv
akByV/0m1mV1NhWJB9tqmGs+PxB+XSjzNDYDxpHD6OPUgDZWHJV6eDFo6iZxcaU2
PeHg2+9Wv0aNShsig/q3clsAe1OfwdscLqw7VTOvW9sy
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:49:14 2025 by rpki-client