Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc50f617-7597-4f4e-b8f6-87763b28caf0.roa
File: fc50f617-7597-4f4e-b8f6-87763b28caf0.roa (raw, json)
Hash identifier: LyvPm+gzZmhd5CqVCk1aTXl56fNf7ZjwAA4x2kEey+4=
Subject key identifier: 8B:05:C0:0A:B7:7F:F9:EC:81:08:8B:6C:EA:63:4F:A7:D2:DD:98:50
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 69BD92D70ECB78D3B7A3A1556F1EA61232179D26
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc50f617-7597-4f4e-b8f6-87763b28caf0.roa
Signing time: Fri 25 Apr 2025 20:31:39 +0000
ROA not before: Fri 25 Apr 2025 20:31:39 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.121.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:bd:92:d7:0e:cb:78:d3:b7:a3:a1:55:6f:1e:a6:12:32:17:9d:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:31:39 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=afe93ccf6ef207d857efa1e8db72809af7f0175ab1bbb812db6f15acc350b8b5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:5f:73:43:15:06:79:4d:f2:17:b8:68:84:20:
c8:21:57:05:24:62:ce:ff:cd:65:74:e1:f3:c0:f9:
8b:50:e1:02:b8:51:f1:8a:99:03:d0:9e:24:e8:8e:
d9:07:2d:6f:98:c9:9f:a6:f2:b0:af:c7:34:de:14:
97:70:4e:6e:a7:00:3f:1e:41:a6:3d:0a:a6:46:e5:
41:cc:71:91:39:26:76:1b:26:68:cd:a7:6c:11:21:
4a:45:e4:54:c5:f4:50:70:af:e6:bb:67:f6:ac:f0:
72:63:8f:9f:89:69:3e:d3:eb:d1:cb:fe:f0:61:84:
45:52:67:cd:98:0a:3f:c9:ea:2a:b3:cd:08:53:93:
b4:a3:fc:75:49:10:85:51:c0:c3:78:e4:b0:67:e5:
b5:62:1c:db:50:ab:ff:ea:e6:b1:d7:73:6a:e3:6e:
dc:0f:aa:07:92:da:b6:af:55:29:f9:c1:15:67:35:
79:a5:19:dd:8e:6a:87:f0:b2:81:b4:e8:84:8c:9d:
06:56:36:f7:af:d1:9c:2f:38:01:15:11:16:0d:6a:
39:89:d4:09:4d:13:88:49:78:ea:f7:86:ec:45:55:
15:b8:99:e8:fa:03:f9:34:eb:1c:6f:d1:5b:8c:28:
c8:7b:78:65:10:fa:57:c8:14:d7:2e:3b:5b:15:03:
e0:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:05:C0:0A:B7:7F:F9:EC:81:08:8B:6C:EA:63:4F:A7:D2:DD:98:50
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc50f617-7597-4f4e-b8f6-87763b28caf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.121.0.0/16
Signature Algorithm: sha256WithRSAEncryption
32:51:40:44:1a:74:5a:88:71:5b:3b:73:03:b3:f7:eb:18:c2:
6a:fd:43:2d:aa:69:65:56:0b:b7:6a:03:4a:34:4e:61:8e:3b:
bc:5b:bb:29:e6:fd:56:33:d9:96:e5:51:c7:de:88:cd:d8:3d:
b7:f4:e5:fd:20:c6:73:e6:a4:91:e0:bd:44:93:f3:f9:72:25:
2c:88:bd:d4:a9:7c:3d:e3:37:e2:e0:d0:a8:57:c3:38:96:56:
9d:b3:72:c8:ef:73:3a:a2:ec:4d:6d:ed:4a:32:a5:1f:98:0e:
2d:f8:06:62:d0:39:ee:6d:fc:22:c4:4b:a1:ad:18:b0:65:23:
eb:c0:e0:f3:96:81:f2:b1:99:3c:d0:e3:6f:21:b0:06:42:a2:
f6:e5:4b:f7:e7:09:d6:ba:80:22:1f:2e:1f:13:2f:5d:66:f7:
be:d6:58:0d:f0:8f:e7:9b:4d:df:2b:de:25:eb:dd:95:43:55:
96:fe:25:86:aa:89:9c:6e:5e:77:86:dc:b5:39:68:b8:4d:9a:
88:d6:96:97:d6:48:87:98:3b:65:f0:f7:c7:41:e1:c7:b4:5c:
ce:39:4f:7c:bc:f4:f4:b3:c7:e2:a4:7d:49:61:bc:94:c9:42:
2a:e5:5b:e7:ea:fa:c8:d2:b8:90:27:04:ec:2f:7c:d4:47:8d:
14:7c:3f:a6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUab2S1w7LeNO3o6FVbx6mEjIXnSYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMxMzlaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGFmZTkzY2NmNmVmMjA3ZDg1N2VmYTFlOGRiNzI4MDlhZjdmMDE3NWFiMWJi
YjgxMmRiNmYxNWFjYzM1MGI4YjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKFfc0MVBnlN8he4aIQgyCFXBSRizv/NZXTh88D5i1DhArhR8YqZA9CeJOiO
2Qctb5jJn6bysK/HNN4Ul3BObqcAPx5Bpj0KpkblQcxxkTkmdhsmaM2nbBEhSkXk
VMX0UHCv5rtn9qzwcmOPn4lpPtPr0cv+8GGERVJnzZgKP8nqKrPNCFOTtKP8dUkQ
hVHAw3jksGfltWIc21Cr/+rmsddzauNu3A+qB5Latq9VKfnBFWc1eaUZ3Y5qh/Cy
gbTohIydBlY296/RnC84ARURFg1qOYnUCU0TiEl46veG7EVVFbiZ6PoD+TTrHG/R
W4woyHt4ZRD6V8gU1y47WxUD4IcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSLBcAK
t3/57IEIi2zqY0+n0t2YUDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmM1MGY2MTctNzU5Ny00ZjRlLWI4ZjYtODc3NjNiMjhjYWYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN5MA0G
CSqGSIb3DQEBCwUAA4IBAQAyUUBEGnRaiHFbO3MDs/frGMJq/UMtqmllVgu3agNK
NE5hjju8W7sp5v1WM9mW5VHH3ojN2D239OX9IMZz5qSR4L1Ek/P5ciUsiL3UqXw9
4zfi4NCoV8M4llads3LI73M6ouxNbe1KMqUfmA4t+AZi0DnubfwixEuhrRiwZSPr
wODzloHysZk80ONvIbAGQqL25Uv35wnWuoAiHy4fEy9dZve+1lgN8I/nm03fK94l
692VQ1WW/iWGqomcbl53hty1OWi4TZqI1paX1kiHmDtl8PfHQeHHtFzOOU98vPT0
s8fipH1JYbyUyUIq5Vvn6vrI0riQJwTsL3zUR40UfD+m
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:52:50 2025 by rpki-client