Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/94c2a36e-245b-439a-bf61-04132c5df5a4.roa
File: 94c2a36e-245b-439a-bf61-04132c5df5a4.roa (raw, json)
Hash identifier: Xz63HMi7lpkt1SmtQdDhloHBgSyW3+m58cRGCCxNAZw=
Subject key identifier: 1C:62:E0:B2:41:19:4C:1A:00:46:3A:C9:3D:0F:0A:00:A6:84:A1:95
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 19ACC9B95920F60540439C3BD5A10EF83733EA37
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/94c2a36e-245b-439a-bf61-04132c5df5a4.roa
Signing time: Mon 31 Mar 2025 21:31:11 +0000
ROA not before: Mon 31 Mar 2025 21:31:11 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.35.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:ac:c9:b9:59:20:f6:05:40:43:9c:3b:d5:a1:0e:f8:37:33:ea:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 31 21:31:11 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:6d:4e:48:1a:10:07:79:da:59:5e:26:d9:6b:
b6:d3:34:b6:87:c5:f9:2d:cb:b2:26:ff:b6:4a:52:
4e:e4:7e:90:f5:08:6d:ca:38:0e:e8:ad:67:86:86:
2a:03:2b:7d:9f:da:57:62:4d:73:1d:42:17:a6:f2:
16:2a:61:4b:a5:f2:69:2b:2d:7b:62:2a:14:b1:26:
11:58:fb:3b:ea:03:6c:c6:83:29:e3:95:05:8a:5c:
63:ac:dd:f5:ff:a6:d1:39:49:47:9f:a7:a8:a2:3f:
d9:aa:22:3a:c6:99:f1:ab:85:ba:dc:85:04:3b:bb:
f9:e3:f3:f4:ae:cb:7d:e8:ea:dd:d7:5a:8a:58:c3:
c5:d8:2a:d1:37:6c:40:38:53:89:c1:59:fb:10:99:
fd:43:a6:1f:10:5a:9b:ed:ae:2e:3d:a4:00:41:a6:
ed:9a:be:88:c3:c6:55:dd:4e:38:d5:cd:b7:bf:f3:
cb:17:08:26:ea:4e:1c:ca:a7:2a:7d:d0:d2:ea:d6:
2a:a1:0d:a0:08:e9:41:ba:26:12:ec:db:c7:89:a8:
25:a9:50:18:f8:cb:94:b3:c0:a3:93:21:a0:dd:84:
ed:98:23:f6:83:f7:93:5f:07:34:e9:fe:d4:95:d6:
9e:66:52:8d:fd:27:7d:65:13:b6:b3:e9:1d:34:de:
46:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:62:E0:B2:41:19:4C:1A:00:46:3A:C9:3D:0F:0A:00:A6:84:A1:95
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/94c2a36e-245b-439a-bf61-04132c5df5a4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.35.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d3:ec:d4:34:76:2c:6f:e6:49:a9:23:13:86:b9:0f:1b:26:71:
f4:dc:93:c3:a6:83:2c:6e:41:e7:58:71:02:8f:6e:09:bf:d9:
97:29:49:b8:a3:d7:31:c7:1f:28:db:21:f0:db:99:ed:08:db:
8c:b8:13:c7:e4:22:00:88:8c:da:f5:1d:98:12:8d:a4:bf:07:
ce:39:e3:d2:b2:42:37:57:da:e1:6a:df:50:f6:03:ac:78:e7:
2e:ca:48:b6:d4:88:dc:25:e2:c8:7b:51:9b:ab:7c:a7:e0:8c:
52:c6:1c:7e:1f:20:f8:10:85:71:f8:23:22:6f:f5:9f:01:77:
3f:2f:23:59:df:c6:46:44:59:78:b0:84:f3:b9:af:be:ea:4d:
f9:bb:bf:7c:a4:ff:4d:31:d3:a1:fc:03:f4:99:ca:8d:5b:45:
be:28:38:0a:99:ee:71:6c:d6:5d:08:b3:f5:2b:f9:61:6f:ba:
ef:d4:70:45:db:3f:a8:63:6e:41:f0:3b:a0:44:59:8e:3f:37:
37:46:9d:e0:bb:51:00:39:6e:14:66:74:3b:42:d2:49:6e:42:
f1:a0:02:f8:fd:b7:2d:c3:f1:7c:c0:32:f9:93:01:7d:b9:3b:
56:d4:e9:94:58:40:ef:79:f2:67:ae:aa:e6:ef:6c:01:2f:c5:
0e:ea:74:9e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGazJuVkg9gVAQ5w71aEO+Dcz6jcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMzEyMTMxMTFaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGVhZDE4OTI3NWRjMGM4OTUyYmUzYTM0MDlkYTM1MTM2ZTM0NzM5ZTFlOTgz
ODdjNTIzY2Y5MzM4ZjBhYmFmZWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI5tTkgaEAd52lleJtlrttM0tofF+S3Lsib/tkpSTuR+kPUIbco4DuitZ4aG
KgMrfZ/aV2JNcx1CF6byFiphS6XyaSste2IqFLEmEVj7O+oDbMaDKeOVBYpcY6zd
9f+m0TlJR5+nqKI/2aoiOsaZ8auFutyFBDu7+ePz9K7Lfejq3ddailjDxdgq0Tds
QDhTicFZ+xCZ/UOmHxBam+2uLj2kAEGm7Zq+iMPGVd1OONXNt7/zyxcIJupOHMqn
Kn3Q0urWKqENoAjpQbomEuzbx4moJalQGPjLlLPAo5MhoN2E7Zgj9oP3k18HNOn+
1JXWnmZSjf0nfWUTtrPpHTTeRvUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQcYuCy
QRlMGgBGOsk9DwoApoShlTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTRjMmEzNmUtMjQ1Yi00MzlhLWJmNjEtMDQxMzJjNWRmNWE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMjMA0G
CSqGSIb3DQEBCwUAA4IBAQDT7NQ0dixv5kmpIxOGuQ8bJnH03JPDpoMsbkHnWHEC
j24Jv9mXKUm4o9cxxx8o2yHw25ntCNuMuBPH5CIAiIza9R2YEo2kvwfOOePSskI3
V9rhat9Q9gOseOcuyki21IjcJeLIe1Gbq3yn4IxSxhx+HyD4EIVx+CMib/WfAXc/
LyNZ38ZGRFl4sITzua++6k35u798pP9NMdOh/AP0mcqNW0W+KDgKme5xbNZdCLP1
K/lhb7rv1HBF2z+oY25B8DugRFmOPzc3Rp3gu1EAOW4UZnQ7QtJJbkLxoAL4/bct
w/F8wDL5kwF9uTtW1OmUWEDvefJnrqrm72wBL8UO6nSe
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:52:09 2025 by rpki-client