Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b05d201-6089-4826-a4dd-c7a9d71bd900.roa
File: 5b05d201-6089-4826-a4dd-c7a9d71bd900.roa (raw, json)
Hash identifier: N0mwe+uykdWOxgU3KWiUDstI7iycffEjNigWY/GfVnk=
Subject key identifier: 52:9E:AB:3E:27:CC:E0:F9:7A:08:30:5A:F2:56:EF:03:6D:B2:CB:15
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 296F2002288971BCDC39D9CDE7FBFEE90ED56A32
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b05d201-6089-4826-a4dd-c7a9d71bd900.roa
Signing time: Mon 17 Mar 2025 15:40:52 +0000
ROA not before: Mon 17 Mar 2025 15:40:52 +0000
ROA not after: Mon 21 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.102.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:6f:20:02:28:89:71:bc:dc:39:d9:cd:e7:fb:fe:e9:0e:d5:6a:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 17 15:40:52 2025 GMT
Not After : Apr 21 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:7b:8f:85:e9:bd:31:e5:5a:29:5a:f5:0f:e6:
d9:2d:96:7c:fc:86:3d:9b:11:ee:45:3c:03:08:33:
d2:1c:0d:8f:9c:c9:13:9b:0c:fa:bd:7d:89:72:bf:
f1:e3:94:63:c8:9e:7f:e0:b7:e5:4b:12:60:40:37:
65:0e:ee:2f:83:9a:a7:54:7d:21:b3:83:9a:01:55:
10:04:ba:fe:ef:cf:68:51:a5:44:84:10:f0:c1:86:
b7:97:9a:75:71:10:c2:c1:2e:6e:84:b1:fb:d9:47:
d3:76:40:5c:f7:d3:60:23:95:dd:ea:c2:17:8b:39:
15:29:14:42:39:08:b9:87:09:89:d5:b8:66:e5:68:
a0:c9:d4:86:9d:b8:c1:4d:bf:56:c3:ed:64:fa:76:
75:7f:81:58:d3:81:b4:42:62:58:fd:86:34:8b:13:
04:87:1b:2f:9c:84:3a:48:19:90:a5:db:8f:03:7a:
ac:3e:9f:c0:50:64:b6:de:fb:2b:0d:43:7a:da:3a:
41:1a:d6:ee:64:2c:5b:5c:17:8c:7f:cd:7f:ea:c3:
33:e7:1c:24:25:5c:9f:c1:dc:64:67:b2:73:62:fa:
a9:d3:50:f8:d2:81:46:be:38:50:24:79:64:2c:ac:
d2:04:f0:38:be:46:eb:63:de:83:b7:2f:8f:47:e0:
21:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:9E:AB:3E:27:CC:E0:F9:7A:08:30:5A:F2:56:EF:03:6D:B2:CB:15
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b05d201-6089-4826-a4dd-c7a9d71bd900.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.102.0.0/16
Signature Algorithm: sha256WithRSAEncryption
52:ae:4b:b8:a6:fc:92:5f:e5:46:93:b1:04:3e:5e:85:81:2a:
62:f3:5b:d1:cc:27:90:13:6f:c5:67:a7:f7:7a:a9:d8:2c:5a:
9c:26:32:7d:30:d7:7e:14:99:13:15:7d:39:bb:16:b6:42:73:
b4:84:46:54:f2:f9:1e:0f:b6:8a:be:77:ea:33:d4:38:a8:d5:
d4:ec:f7:62:f0:6e:8d:71:c2:97:ca:6f:ef:21:20:26:ea:a8:
c1:e1:c0:51:82:e4:de:ea:72:18:4a:b3:ac:94:e6:d6:99:05:
24:8f:d6:b0:47:da:3a:2e:3a:f9:06:5f:06:3c:8d:f8:f4:b6:
73:a5:8d:de:f5:8b:86:50:01:84:e2:ad:a3:46:ad:ec:1b:7b:
79:af:2e:e7:af:d1:b7:ab:e3:f1:22:73:73:77:5c:b7:a1:50:
1e:82:7a:eb:b2:de:2e:27:0a:4f:53:7c:4f:ac:28:0b:e8:95:
26:ca:91:8c:e2:1a:c2:be:56:6e:9e:f2:7e:49:67:3e:94:50:
9e:52:aa:23:4e:99:a7:6e:23:c6:4a:95:d0:dc:4b:ed:1a:6c:
0c:ad:5e:cf:d5:fb:d9:f1:e1:d2:e6:15:b6:41:d0:05:ce:9c:
66:8e:ac:c7:94:8b:bc:e3:11:49:00:0c:a8:b8:a8:2d:94:26:
74:e4:26:06
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKW8gAiiJcbzcOdnN5/v+6Q7VajIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMTcxNTQwNTJaFw0yNTA0MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ0OTg4MDg4YWVmOTQ4OGNhZmFjMGU0MzkwM2I2MTdjNDkyNWRhNzY4YjBh
ZTBkMTkxN2Q2YjA2ZTg0NGVmYWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALF7j4XpvTHlWila9Q/m2S2WfPyGPZsR7kU8Awgz0hwNj5zJE5sM+r19iXK/
8eOUY8ief+C35UsSYEA3ZQ7uL4Oap1R9IbODmgFVEAS6/u/PaFGlRIQQ8MGGt5ea
dXEQwsEuboSx+9lH03ZAXPfTYCOV3erCF4s5FSkUQjkIuYcJidW4ZuVooMnUhp24
wU2/VsPtZPp2dX+BWNOBtEJiWP2GNIsTBIcbL5yEOkgZkKXbjwN6rD6fwFBktt77
Kw1Deto6QRrW7mQsW1wXjH/Nf+rDM+ccJCVcn8HcZGeyc2L6qdNQ+NKBRr44UCR5
ZCys0gTwOL5G62Peg7cvj0fgIYMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRSnqs+
J8zg+XoIMFryVu8DbbLLFTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWIwNWQyMDEtNjA4OS00ODI2LWE0ZGQtYzdhOWQ3MWJkOTAwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNmMA0G
CSqGSIb3DQEBCwUAA4IBAQBSrku4pvySX+VGk7EEPl6FgSpi81vRzCeQE2/FZ6f3
eqnYLFqcJjJ9MNd+FJkTFX05uxa2QnO0hEZU8vkeD7aKvnfqM9Q4qNXU7Pdi8G6N
ccKXym/vISAm6qjB4cBRguTe6nIYSrOslObWmQUkj9awR9o6Ljr5Bl8GPI349LZz
pY3e9YuGUAGE4q2jRq3sG3t5ry7nr9G3q+PxInNzd1y3oVAegnrrst4uJwpPU3xP
rCgL6JUmypGM4hrCvlZunvJ+SWc+lFCeUqojTpmnbiPGSpXQ3EvtGmwMrV7P1fvZ
8eHS5hW2QdAFzpxmjqzHlIu84xFJAAyouKgtlCZ05CYG
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:51:23 2025 by rpki-client