Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc353215-935f-47d2-9298-767ccc0eae1a.roa
File: fc353215-935f-47d2-9298-767ccc0eae1a.roa (raw, json)
Hash identifier: 0AkVUhzfc2n81DkO1gCkIldan4Q1UkRuBjMUaLMoQG8=
Subject key identifier: 5B:92:A2:DE:9A:20:73:94:22:25:5D:91:7A:5E:1C:19:6A:3C:7A:D7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 23256A031CFCF97DBC7FF8C8CE4151FC31D1BF59
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc353215-935f-47d2-9298-767ccc0eae1a.roa
Signing time: Fri 25 Apr 2025 20:40:48 +0000
ROA not before: Fri 25 Apr 2025 20:40:48 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 85.151.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:25:6a:03:1c:fc:f9:7d:bc:7f:f8:c8:ce:41:51:fc:31:d1:bf:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:40:48 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=005bbe661f39bc5cd478de0c3faf63ea3f275f9a6f1999dc1548901304e28f9e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:66:41:4d:48:d9:b9:57:03:c3:63:93:5c:ef:
96:51:43:61:ff:d8:b7:84:45:68:d8:c7:3e:c6:13:
12:90:07:5e:f0:8e:f5:f2:fd:a9:1b:76:d3:0b:97:
84:e6:ac:ef:77:05:e1:cf:de:36:18:59:41:64:2c:
d6:7d:ea:60:29:e5:41:fd:cc:66:f2:8c:d9:50:d8:
90:f4:2f:79:28:21:bf:32:2d:ab:18:7c:81:55:35:
52:f5:56:4c:6e:b5:35:b1:c1:2a:88:79:96:f2:8d:
ab:bb:15:1c:62:55:39:f0:2b:c4:42:7d:1c:46:cb:
f1:36:e5:d2:7c:e0:f3:b6:c6:f5:6d:ae:4f:e9:ac:
38:ff:2a:79:50:03:fa:84:9d:34:79:76:92:bd:f2:
64:fd:a1:8f:9a:40:98:8d:d7:92:0b:32:fd:61:f8:
23:76:08:c3:54:9a:d0:21:41:f4:6a:b5:50:1f:82:
41:fa:92:aa:2d:39:45:71:d5:18:cd:2a:85:ec:b6:
15:59:d7:f9:5e:a6:92:b8:c9:f7:1c:cc:b0:dd:6c:
2b:e4:e9:e4:2c:a3:fb:71:81:1f:4c:db:56:c9:c9:
5f:5a:1b:0f:cf:30:17:1e:00:64:5a:4e:49:3c:a9:
19:b1:a2:4f:7b:fe:61:b8:09:6c:8e:d5:bd:f0:04:
cf:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:92:A2:DE:9A:20:73:94:22:25:5D:91:7A:5E:1C:19:6A:3C:7A:D7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc353215-935f-47d2-9298-767ccc0eae1a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.151.0.0/16
Signature Algorithm: sha256WithRSAEncryption
94:38:ca:0e:8b:55:fb:c8:8c:90:2a:4d:c1:67:19:a9:f2:e4:
ec:6c:b7:5f:ca:55:55:53:f0:20:d2:d2:d8:ba:08:df:35:d7:
49:be:22:3f:2e:4d:cc:fd:f1:ac:c5:4c:e7:04:f5:a0:f3:09:
2a:5f:f9:a1:6c:2f:57:a1:9c:4e:fa:1c:80:9a:84:9a:dc:c6:
f2:c7:53:b8:85:e7:12:1d:c2:dd:ec:52:52:67:0b:11:83:da:
e5:19:7c:ca:5b:50:f4:36:1b:24:a7:65:fe:37:1b:67:3d:c8:
aa:13:40:91:94:4f:e8:0e:aa:48:e5:9b:a7:88:72:5e:4b:32:
d0:32:f1:c0:6a:2f:99:bb:c2:3b:0b:b4:45:38:94:5e:68:42:
2d:1e:62:0e:38:97:03:83:9f:64:28:b8:70:9c:01:32:ff:cc:
c5:ea:c3:2a:c9:57:d1:07:bc:7a:40:5d:8e:c5:70:bd:63:f8:
93:3a:ce:f8:a5:6b:8b:16:1c:72:41:42:d3:0a:46:0e:83:d0:
81:5a:60:a4:e7:66:83:01:62:87:55:3c:ab:98:63:97:76:c1:
ce:e0:da:95:12:e7:f1:68:a7:c5:2d:2e:74:65:3a:5d:49:97:
6e:40:40:71:99:63:9c:75:05:f9:3a:a9:36:c7:2f:6b:0e:d3:
e0:d3:2c:c0
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIyVqAxz8+X28f/jIzkFR/DHRv1kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDQwNDhaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDAwNWJiZTY2MWYzOWJjNWNkNDc4ZGUwYzNmYWY2M2VhM2YyNzVmOWE2ZjE5
OTlkYzE1NDg5MDEzMDRlMjhmOWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMJmQU1I2blXA8Njk1zvllFDYf/Yt4RFaNjHPsYTEpAHXvCO9fL9qRt20wuX
hOas73cF4c/eNhhZQWQs1n3qYCnlQf3MZvKM2VDYkPQveSghvzItqxh8gVU1UvVW
TG61NbHBKoh5lvKNq7sVHGJVOfArxEJ9HEbL8Tbl0nzg87bG9W2uT+msOP8qeVAD
+oSdNHl2kr3yZP2hj5pAmI3Xkgsy/WH4I3YIw1Sa0CFB9Gq1UB+CQfqSqi05RXHV
GM0qhey2FVnX+V6mkrjJ9xzMsN1sK+Tp5Cyj+3GBH0zbVsnJX1obD88wFx4AZFpO
STypGbGiT3v+YbgJbI7VvfAEzxECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRbkqLe
miBzlCIlXZF6XhwZajx61zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmMzNTMyMTUtOTM1Zi00N2QyLTkyOTgtNzY3Y2NjMGVhZTFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAFWXMA0G
CSqGSIb3DQEBCwUAA4IBAQCUOMoOi1X7yIyQKk3BZxmp8uTsbLdfylVVU/Ag0tLY
ugjfNddJviI/Lk3M/fGsxUznBPWg8wkqX/mhbC9XoZxO+hyAmoSa3Mbyx1O4hecS
HcLd7FJSZwsRg9rlGXzKW1D0Nhskp2X+NxtnPciqE0CRlE/oDqpI5ZuniHJeSzLQ
MvHAai+Zu8I7C7RFOJReaEItHmIOOJcDg59kKLhwnAEy/8zF6sMqyVfRB7x6QF2O
xXC9Y/iTOs74pWuLFhxyQULTCkYOg9CBWmCk52aDAWKHVTyrmGOXdsHO4NqVEufx
aKfFLS50ZTpdSZduQEBxmWOcdQX5Oqk2xy9rDtPg0yzA
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:51:12 2025 by rpki-client