Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fd04a54b-459a-491a-a013-59d0ed55825f.roa
File: fd04a54b-459a-491a-a013-59d0ed55825f.roa (raw, json)
Hash identifier: rwT6R3vguFZpc70Ha8mtaePqATpIufH3NduFib1vlw8=
Subject key identifier: 17:60:26:7D:52:31:4D:BE:A8:3C:6C:FE:8D:E7:07:19:00:32:5A:98
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4E956A3283F9A3B2A848C83E34AB719683DFCB9C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fd04a54b-459a-491a-a013-59d0ed55825f.roa
Signing time: Fri 25 Apr 2025 20:30:10 +0000
ROA not before: Fri 25 Apr 2025 20:30:10 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.131.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:95:6a:32:83:f9:a3:b2:a8:48:c8:3e:34:ab:71:96:83:df:cb:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:30:10 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=d4bcac8338a6ee1573e5bc1fc496d2be32879d25fd3743ec58cf43784f3e9ed0, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:a9:56:11:e9:6f:a5:d5:a6:e7:4b:fb:b9:23:
48:e4:9d:63:55:bd:d1:f7:a0:8c:8b:8f:ba:9e:be:
1f:65:0b:b4:15:e6:4d:f9:4a:32:fc:af:6a:2a:98:
3a:43:2c:ce:5c:b4:82:2e:e8:a1:e6:e7:f5:6b:26:
d9:32:00:d1:9b:c6:7c:58:5c:51:23:72:8c:77:2a:
df:f2:b5:ae:6f:84:a5:86:dc:f9:96:7f:21:30:40:
ea:4c:bd:d7:8c:0a:95:58:04:d5:0f:98:a4:31:ec:
43:46:9d:de:ef:d2:c2:6f:14:95:8e:78:4d:e0:c6:
c6:95:f0:19:c4:bb:39:4c:58:fd:8a:ef:41:5e:f9:
79:0b:fd:38:40:4a:23:1c:e8:8f:8d:98:d6:f7:e9:
c9:94:38:47:a3:b1:50:29:3c:40:1e:a5:9e:98:7e:
c7:6b:f6:8c:b6:52:72:4d:66:9f:d5:f4:c9:8f:e3:
fc:39:5d:b3:ea:33:7b:4e:07:b0:32:da:04:f6:3a:
bb:4e:14:dc:94:d9:b3:ea:97:77:65:9c:b7:ed:b6:
71:e1:f6:05:32:6c:66:dc:0b:d6:b4:c7:61:be:bb:
b4:b3:71:38:13:29:47:aa:fa:82:87:96:95:df:48:
ce:95:2f:ae:6c:b9:d8:35:29:a5:df:e9:d9:f3:e0:
bf:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:60:26:7D:52:31:4D:BE:A8:3C:6C:FE:8D:E7:07:19:00:32:5A:98
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fd04a54b-459a-491a-a013-59d0ed55825f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.131.0.0/16
Signature Algorithm: sha256WithRSAEncryption
78:0e:d1:83:39:e1:ec:d3:cb:b1:0e:3c:58:11:53:38:4a:01:
19:f7:0d:ef:b5:a6:ae:45:76:63:2e:f7:32:d6:c4:8f:e8:bd:
ca:de:48:9d:19:b2:fb:9c:0f:38:97:88:b2:b3:00:0c:21:6d:
7e:00:1d:76:41:d3:ae:a4:70:c1:a6:c2:15:d0:eb:6d:8d:01:
98:bb:5f:c7:ca:b8:c7:c9:9b:ec:85:fc:b6:de:a8:01:98:2f:
70:af:20:93:eb:13:f8:d1:91:c1:f4:1d:25:60:a8:cf:13:a9:
fa:39:1a:d9:bd:d5:81:dd:84:c0:88:25:14:67:5b:b1:2f:09:
99:c8:6b:f6:10:f0:e5:43:5d:f4:a8:f1:81:97:9a:91:8a:98:
e9:4a:b7:3c:0f:f1:52:a1:5b:fe:91:59:1f:de:74:58:df:38:
7b:16:3c:b7:86:5e:f6:67:be:ac:ef:e9:3e:06:5e:c4:42:4d:
7f:2d:02:ff:8c:95:a2:42:75:8f:0a:06:78:4d:5e:cd:1b:a4:
ff:bb:47:cc:c6:c7:9b:9c:b5:34:65:a3:a6:59:87:73:9e:9b:
fc:01:b3:51:cf:ea:f0:03:0a:6a:0a:3e:0b:eb:a1:79:fd:05:
5f:e7:45:f9:4c:bc:c9:37:b7:aa:33:01:5d:72:ec:dd:7a:b5:
cd:c4:b9:19
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTpVqMoP5o7KoSMg+NKtxloPfy5wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMwMTBaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0YmNhYzgzMzhhNmVlMTU3M2U1YmMxZmM0OTZkMmJlMzI4NzlkMjVmZDM3
NDNlYzU4Y2Y0Mzc4NGYzZTllZDAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALmpVhHpb6XVpudL+7kjSOSdY1W90fegjIuPup6+H2ULtBXmTflKMvyvaiqY
OkMszly0gi7ooebn9Wsm2TIA0ZvGfFhcUSNyjHcq3/K1rm+EpYbc+ZZ/ITBA6ky9
14wKlVgE1Q+YpDHsQ0ad3u/Swm8UlY54TeDGxpXwGcS7OUxY/YrvQV75eQv9OEBK
Ixzoj42Y1vfpyZQ4R6OxUCk8QB6lnph+x2v2jLZSck1mn9X0yY/j/Dlds+oze04H
sDLaBPY6u04U3JTZs+qXd2Wct+22ceH2BTJsZtwL1rTHYb67tLNxOBMpR6r6goeW
ld9IzpUvrmy52DUppd/p2fPgvx0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQXYCZ9
UjFNvqg8bP6N5wcZADJamDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmQwNGE1NGItNDU5YS00OTFhLWEwMTMtNTlkMGVkNTU4MjVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADODMA0G
CSqGSIb3DQEBCwUAA4IBAQB4DtGDOeHs08uxDjxYEVM4SgEZ9w3vtaauRXZjLvcy
1sSP6L3K3kidGbL7nA84l4iyswAMIW1+AB12QdOupHDBpsIV0OttjQGYu1/HyrjH
yZvshfy23qgBmC9wryCT6xP40ZHB9B0lYKjPE6n6ORrZvdWB3YTAiCUUZ1uxLwmZ
yGv2EPDlQ130qPGBl5qRipjpSrc8D/FSoVv+kVkf3nRY3zh7Fjy3hl72Z76s7+k+
Bl7EQk1/LQL/jJWiQnWPCgZ4TV7NG6T/u0fMxsebnLU0ZaOmWYdznpv8AbNRz+rw
AwpqCj4L66F5/QVf50X5TLzJN7eqMwFdcuzderXNxLkZ
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:45:06 2025 by rpki-client