Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa
File: fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa (raw, json)
Hash identifier: yehs8VapMR8NkCYKhpd8AKXBYov3pZnxaQlv7fKUwn8=
Subject key identifier: 78:80:84:F7:B7:74:DE:C9:C6:E1:80:5D:23:A2:3E:BB:7E:F6:09:B2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 755C4DCF223BDF3AA6345E918CC525BCF3D032F9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa
Signing time: Tue 20 May 2025 20:50:05 +0000
ROA not before: Tue 20 May 2025 20:50:05 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.76.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:5c:4d:cf:22:3b:df:3a:a6:34:5e:91:8c:c5:25:bc:f3:d0:32:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:50:05 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=2b000cb815361737d5f5ad661d3da621bf47525616007f60c705f35497bc64a9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:8f:59:81:e4:b5:a5:cd:d6:f0:ef:45:5e:78:
c9:e4:15:60:c1:3c:fc:82:e5:17:e4:1d:af:b1:ba:
e8:89:32:02:b3:b5:c8:c8:be:6e:83:af:a6:f0:a2:
c6:65:aa:7d:06:3f:b8:d4:73:74:47:a1:2d:04:92:
f6:ae:2a:4c:5c:eb:bf:cb:bc:9d:09:59:f2:9b:9c:
f0:c6:84:7c:98:a7:75:41:14:9a:04:86:d0:eb:6c:
c6:9e:26:32:2c:3a:17:51:77:f1:61:f9:f5:ae:d8:
45:67:46:31:a3:27:5c:d8:b6:6e:dc:ba:bd:41:c9:
75:14:1f:0e:e4:b6:f9:55:10:20:d6:8f:1c:6d:9e:
2a:1e:5e:8c:73:81:a5:b7:55:bb:f0:ef:1e:45:d3:
22:ef:13:53:9b:51:09:ae:76:aa:e1:3b:6b:66:19:
6b:77:9a:6a:5d:be:6c:0e:b9:dd:35:b3:dc:b2:86:
59:3e:0c:4d:64:ab:b6:41:5b:78:cd:18:c2:6b:ba:
64:ad:7d:81:98:e8:1b:26:dd:bd:22:3c:af:a6:cd:
84:55:7c:c0:12:eb:ee:bc:d8:2d:b4:9b:ed:0b:d6:
a1:24:71:6f:a4:09:7c:82:a6:1b:e4:93:f6:5d:f9:
9a:b7:24:92:5e:fb:60:90:c4:01:95:91:99:33:a6:
70:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:80:84:F7:B7:74:DE:C9:C6:E1:80:5D:23:A2:3E:BB:7E:F6:09:B2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.76.0.0/16
Signature Algorithm: sha256WithRSAEncryption
30:00:87:3d:26:9b:19:e8:f3:6c:97:2e:1c:71:eb:f8:97:95:
d4:69:b4:9a:de:bd:c3:51:78:fb:6c:78:fb:86:80:6a:7a:4a:
ea:d1:2b:11:be:7e:31:2d:07:bb:8d:24:6c:f5:39:a1:18:42:
37:29:74:72:30:08:33:f4:44:14:eb:79:27:ad:fd:20:a0:eb:
25:06:08:75:ce:96:0d:e2:38:4b:7e:3b:fd:60:0e:b3:99:fc:
33:cf:88:21:f6:12:63:28:a8:cf:79:e4:a9:da:09:ad:0a:82:
74:75:31:92:39:61:d9:22:ce:60:ec:52:58:e3:a6:c5:1a:59:
9f:28:2a:46:70:46:6f:bb:a3:05:1b:a5:c8:96:cd:59:1e:b6:
55:0e:6d:e3:84:05:21:e1:5c:a6:a6:01:c6:43:d9:46:90:45:
06:d3:40:4d:27:90:ce:22:8e:08:01:01:06:e3:9d:c6:c8:a0:
f5:66:9b:fa:12:2d:d6:af:ad:33:0d:26:05:c2:b6:75:11:ab:
39:90:96:22:4a:21:48:d8:ce:42:64:62:5f:6b:c7:3a:46:b1:
10:0c:77:32:5f:6a:b1:1b:f4:0a:f4:20:94:6b:f3:92:4b:b2:
b7:c6:e5:46:d0:44:5d:81:68:dd:d4:55:0f:de:3a:79:4c:3d:
68:61:ff:cd
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUdVxNzyI73zqmNF6RjMUlvPPQMvkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDUwMDVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDJiMDAwY2I4MTUzNjE3MzdkNWY1YWQ2NjFkM2RhNjIxYmY0NzUyNTYxNjAw
N2Y2MGM3MDVmMzU0OTdiYzY0YTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALePWYHktaXN1vDvRV54yeQVYME8/ILlF+Qdr7G66IkyArO1yMi+boOvpvCi
xmWqfQY/uNRzdEehLQSS9q4qTFzrv8u8nQlZ8puc8MaEfJindUEUmgSG0Otsxp4m
Miw6F1F38WH59a7YRWdGMaMnXNi2bty6vUHJdRQfDuS2+VUQINaPHG2eKh5ejHOB
pbdVu/DvHkXTIu8TU5tRCa52quE7a2YZa3eaal2+bA653TWz3LKGWT4MTWSrtkFb
eM0Ywmu6ZK19gZjoGybdvSI8r6bNhFV8wBLr7rzYLbSb7QvWoSRxb6QJfIKmG+ST
9l35mrckkl77YJDEAZWRmTOmcG8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR4gIT3
t3TeycbhgF0joj67fvYJsjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmE5Zjc2YjMtNjQ0Zi00ZTdiLTk2YjgtYTUwMTE3ZmQ0ZDY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNMMA0G
CSqGSIb3DQEBCwUAA4IBAQAwAIc9JpsZ6PNsly4ccev4l5XUabSa3r3DUXj7bHj7
hoBqekrq0SsRvn4xLQe7jSRs9TmhGEI3KXRyMAgz9EQU63knrf0goOslBgh1zpYN
4jhLfjv9YA6zmfwzz4gh9hJjKKjPeeSp2gmtCoJ0dTGSOWHZIs5g7FJY46bFGlmf
KCpGcEZvu6MFG6XIls1ZHrZVDm3jhAUh4VympgHGQ9lGkEUG00BNJ5DOIo4IAQEG
453GyKD1Zpv6Ei3Wr60zDSYFwrZ1Eas5kJYiSiFI2M5CZGJfa8c6RrEQDHcyX2qx
G/QK9CCUa/OSS7K3xuVG0ERdgWjd1FUP3jp5TD1oYf/N
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:47:34 2025 by rpki-client