Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa
File: fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa (raw, json)
Hash identifier: qcj/vXTlL3BgWlnaBVZv2u6cBxPPTfXMDfik2jV6Fcg=
Subject key identifier: 5A:59:81:3D:51:94:02:87:63:A2:BA:6E:35:D8:6A:47:A5:F9:B0:09
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7D30592E8F5F2F8D9B7906F4621E351D14746D51
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa
Signing time: Fri 25 Apr 2025 20:30:24 +0000
ROA not before: Fri 25 Apr 2025 20:30:24 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.184.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:30:59:2e:8f:5f:2f:8d:9b:79:06:f4:62:1e:35:1d:14:74:6d:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:30:24 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=23ae8fa4a215c8004f9a1214d6915e3c54d404b332c27cd977580b80c54a335a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:4d:96:3a:76:8c:72:af:8e:4b:f8:21:ef:2d:
ad:47:65:82:5e:ad:ea:74:63:09:b4:7b:e2:36:90:
97:b0:b0:7d:0f:22:7b:05:5e:d3:c0:2e:98:26:48:
f4:18:a2:36:55:cd:62:7d:cc:f2:ee:17:d1:f6:35:
e9:60:be:70:68:5b:92:0d:81:40:f0:49:00:1f:91:
5e:a7:8b:d8:0c:b9:0a:e7:b8:c7:65:bb:2e:ce:c2:
4e:e0:f9:dc:c9:c1:04:be:20:f3:79:10:fa:cd:f4:
7f:85:d0:57:91:c6:64:d7:71:95:fc:46:01:86:b9:
c3:76:de:c2:04:ec:85:f2:cf:b8:87:87:63:59:33:
5a:2b:bd:7b:d2:d9:cf:c8:71:71:31:b0:97:2f:36:
be:c5:45:a2:13:39:ca:2a:e3:95:f1:15:b8:17:a7:
fa:6f:46:ed:35:46:9b:62:92:8b:d1:ba:20:91:a6:
e1:c9:0f:8e:85:66:ab:7f:82:40:64:7c:12:9d:8e:
68:1e:af:a2:fd:d3:f8:90:45:0b:dd:54:69:d4:ec:
e0:68:b8:be:7a:87:d1:fa:70:2e:64:6f:e2:9f:98:
c0:e9:63:7e:76:b4:bd:aa:b2:01:b3:77:fb:ba:b1:
94:03:eb:db:b2:eb:e5:ba:55:eb:67:a6:ae:1e:46:
bc:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:59:81:3D:51:94:02:87:63:A2:BA:6E:35:D8:6A:47:A5:F9:B0:09
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.184.0.0/15
Signature Algorithm: sha256WithRSAEncryption
ba:1a:5d:9b:42:5c:74:14:42:9c:06:ea:61:3b:f3:6b:fe:76:
eb:b9:0f:7c:28:f9:17:6d:48:81:bc:17:19:2f:61:e6:c9:c9:
bc:e7:cd:36:32:c2:78:bb:de:c6:6a:cb:22:22:80:0f:55:75:
8c:c3:02:64:b8:61:ae:b8:41:b0:95:bb:89:8b:99:b8:fd:90:
c0:34:3d:82:32:7a:36:4c:f4:4b:29:72:10:13:fd:99:aa:4c:
12:5d:d0:4c:65:4e:78:1a:29:d4:92:35:59:be:66:a1:f0:be:
dc:50:ed:5c:1e:42:df:65:13:89:b0:a3:54:a6:66:9d:b4:fc:
ea:8f:b1:f0:8c:38:d6:1a:19:4b:24:c6:37:8f:39:7a:5c:9a:
5d:09:b5:14:8e:ce:7d:11:2f:f2:de:8b:56:92:08:c9:5c:1e:
17:05:46:13:b9:37:03:a4:31:03:7e:f8:e9:01:3a:9f:97:7c:
c1:42:cf:aa:5f:d7:34:df:14:c2:d4:23:51:45:eb:52:e1:86:
73:52:6f:82:b5:fe:64:e4:42:df:b9:fb:be:9e:4a:62:1d:d2:
72:95:dc:de:25:a1:aa:5a:cc:1b:ae:50:95:14:3f:9b:aa:8e:
6f:80:93:0f:74:64:53:2b:67:04:7d:9d:62:f9:fc:97:80:d1:
0e:3b:96:ef
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfTBZLo9fL42beQb0Yh41HRR0bVEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMwMjRaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDIzYWU4ZmE0YTIxNWM4MDA0ZjlhMTIxNGQ2OTE1ZTNjNTRkNDA0YjMzMmMy
N2NkOTc3NTgwYjgwYzU0YTMzNWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALtNljp2jHKvjkv4Ie8trUdlgl6t6nRjCbR74jaQl7CwfQ8iewVe08AumCZI
9BiiNlXNYn3M8u4X0fY16WC+cGhbkg2BQPBJAB+RXqeL2Ay5Cue4x2W7Ls7CTuD5
3MnBBL4g83kQ+s30f4XQV5HGZNdxlfxGAYa5w3bewgTshfLPuIeHY1kzWiu9e9LZ
z8hxcTGwly82vsVFohM5yirjlfEVuBen+m9G7TVGm2KSi9G6IJGm4ckPjoVmq3+C
QGR8Ep2OaB6vov3T+JBFC91UadTs4Gi4vnqH0fpwLmRv4p+YwOljfna0vaqyAbN3
+7qxlAPr27Lr5bpV62emrh5GvM8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRaWYE9
UZQCh2Oium412GpHpfmwCTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmU0YTFjZGMtMWYyMi00ZTgxLWE0NTUtZjY5NjY1Zjk3M2YwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO4MA0G
CSqGSIb3DQEBCwUAA4IBAQC6Gl2bQlx0FEKcBuphO/Nr/nbruQ98KPkXbUiBvBcZ
L2Hmycm85802MsJ4u97GassiIoAPVXWMwwJkuGGuuEGwlbuJi5m4/ZDAND2CMno2
TPRLKXIQE/2ZqkwSXdBMZU54GinUkjVZvmah8L7cUO1cHkLfZROJsKNUpmadtPzq
j7HwjDjWGhlLJMY3jzl6XJpdCbUUjs59ES/y3otWkgjJXB4XBUYTuTcDpDEDfvjp
ATqfl3zBQs+qX9c03xTC1CNRRetS4YZzUm+Ctf5k5ELfufu+nkpiHdJyldzeJaGq
WswbrlCVFD+bqo5vgJMPdGRTK2cEfZ1i+fyXgNEOO5bv
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:32 2025 by rpki-client