Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa
File: fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa (raw, json)
Hash identifier: fPhrtplb75EhGbwUmNT+fPatljggY+cbJnuFd10YYgY=
Subject key identifier: D2:3D:6B:24:AA:2B:4F:78:AF:BA:C2:2E:5D:04:CD:93:CE:60:95:4B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 38662B18D35E55FE3DAF32B61433EB48628B2406
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa
Signing time: Fri 25 Apr 2025 20:40:38 +0000
ROA not before: Fri 25 Apr 2025 20:40:38 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.76.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:66:2b:18:d3:5e:55:fe:3d:af:32:b6:14:33:eb:48:62:8b:24:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:40:38 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=9c6d67b176cd449c83dac600eaf0cdfc574a9b448062b81dc080425875c31230, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ab:11:1f:4e:67:e3:94:f3:f4:17:fe:9a:1c:
b6:45:6d:96:a7:b6:a7:f4:3e:93:84:9a:cc:e1:85:
3d:cd:87:30:4e:f3:df:2d:57:66:3f:20:8d:97:dc:
a5:0a:26:4d:8c:91:8f:20:25:f8:a7:16:11:66:9a:
29:57:6a:51:e8:c7:d1:37:95:2b:a6:e0:da:60:2b:
83:f2:a1:45:32:41:e4:d1:90:c7:4a:15:ca:8d:3c:
3c:d4:25:3a:a2:ca:d5:16:ea:63:e7:18:a8:19:4b:
11:7f:ab:cf:11:f2:bc:cf:ec:50:40:ef:5f:15:bb:
1d:51:a7:dc:aa:66:3a:44:22:25:9b:a3:d3:41:1a:
a9:eb:a6:04:c6:ab:88:bd:f4:fb:24:f4:b9:a7:07:
9f:27:e5:b5:3f:07:25:82:49:14:e5:08:2f:92:d5:
c3:c4:b4:1c:df:d3:2f:5c:13:2e:43:22:08:bb:29:
25:7e:c1:dd:f5:4f:91:1e:02:c5:11:d8:ae:94:8c:
1f:1a:3d:f1:5c:81:e5:32:93:8b:03:17:35:c7:95:
2f:b3:03:74:5a:e8:87:c3:3c:bf:45:08:67:0f:22:
73:a4:ba:0d:b4:40:49:bb:1a:55:63:4f:85:2a:4f:
93:8e:f1:a8:41:88:cf:81:0c:be:d0:cf:5d:3d:d8:
6a:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:3D:6B:24:AA:2B:4F:78:AF:BA:C2:2E:5D:04:CD:93:CE:60:95:4B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.76.0.0/16
Signature Algorithm: sha256WithRSAEncryption
68:92:24:d1:41:e7:ba:9b:80:5f:0f:d3:38:27:df:8f:92:1d:
5f:78:be:c4:12:c8:bf:0e:77:5a:22:15:81:ba:ef:dd:87:8b:
67:6c:fa:15:a8:a4:8a:7c:46:b2:5f:35:ec:78:12:6e:5d:5f:
9f:ff:13:6d:59:9d:ac:15:a1:2e:e8:8d:11:15:3b:96:a9:28:
c0:57:8f:85:ce:5b:36:76:66:53:6f:22:97:6c:3f:a7:10:70:
46:ce:a1:e1:d2:12:22:61:2c:27:86:22:96:19:55:3d:9e:dc:
5b:e0:f5:cc:eb:43:44:0b:e6:5d:36:60:5e:d0:fd:08:5d:69:
8b:6d:3d:64:69:2b:9e:c2:11:bf:91:70:ed:a3:67:64:dc:45:
b6:dd:c3:c8:5a:e0:b7:ff:33:37:e7:03:cf:6a:41:e3:f5:40:
e4:a7:f6:aa:21:81:74:d2:90:f0:81:63:61:3c:c6:b0:67:31:
b1:73:1d:a2:53:dd:43:ea:1c:cc:78:57:1b:f7:a8:ca:ef:7d:
22:89:2e:76:8c:39:27:50:e6:b9:e5:c5:e3:07:9b:18:9b:0e:
1e:07:81:8b:5f:81:19:b4:ab:3d:9c:37:81:40:16:42:9a:53:
83:0a:fe:a8:4b:10:d5:49:03:f9:bb:d5:c2:4c:46:f0:6b:0b:
4c:57:8e:8a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOGYrGNNeVf49rzK2FDPrSGKLJAYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDQwMzhaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDljNmQ2N2IxNzZjZDQ0OWM4M2RhYzYwMGVhZjBjZGZjNTc0YTliNDQ4MDYy
YjgxZGMwODA0MjU4NzVjMzEyMzAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALGrER9OZ+OU8/QX/poctkVtlqe2p/Q+k4SazOGFPc2HME7z3y1XZj8gjZfc
pQomTYyRjyAl+KcWEWaaKVdqUejH0TeVK6bg2mArg/KhRTJB5NGQx0oVyo08PNQl
OqLK1RbqY+cYqBlLEX+rzxHyvM/sUEDvXxW7HVGn3KpmOkQiJZuj00EaqeumBMar
iL30+yT0uacHnyfltT8HJYJJFOUIL5LVw8S0HN/TL1wTLkMiCLspJX7B3fVPkR4C
xRHYrpSMHxo98VyB5TKTiwMXNceVL7MDdFroh8M8v0UIZw8ic6S6DbRASbsaVWNP
hSpPk47xqEGIz4EMvtDPXT3YatUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTSPWsk
qitPeK+6wi5dBM2TzmCVSzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmE5Zjc2YjMtNjQ0Zi00ZTdiLTk2YjgtYTUwMTE3ZmQ0ZDY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNMMA0G
CSqGSIb3DQEBCwUAA4IBAQBokiTRQee6m4BfD9M4J9+Pkh1feL7EEsi/DndaIhWB
uu/dh4tnbPoVqKSKfEayXzXseBJuXV+f/xNtWZ2sFaEu6I0RFTuWqSjAV4+Fzls2
dmZTbyKXbD+nEHBGzqHh0hIiYSwnhiKWGVU9ntxb4PXM60NEC+ZdNmBe0P0IXWmL
bT1kaSuewhG/kXDto2dk3EW23cPIWuC3/zM35wPPakHj9UDkp/aqIYF00pDwgWNh
PMawZzGxcx2iU91D6hzMeFcb96jK730iiS52jDknUOa55cXjB5sYmw4eB4GLX4EZ
tKs9nDeBQBZCmlODCv6oSxDVSQP5u9XCTEbwawtMV46K
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:48:52 2025 by rpki-client