Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/aa15a3a6-022f-41a6-9a60-2175164bb741.roa
File: aa15a3a6-022f-41a6-9a60-2175164bb741.roa (raw, json)
Hash identifier: w6iUvKQ9eequn9d189lsE7u3PLwRJy5bJAtefEL1OQg=
Subject key identifier: 45:C7:02:B0:E2:0F:33:3A:CD:8F:F4:3F:31:C2:A5:0A:66:C7:23:82
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 56362696BDEC2C18F75F91CD279887F664F42040
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/aa15a3a6-022f-41a6-9a60-2175164bb741.roa
Signing time: Tue 01 Apr 2025 15:10:31 +0000
ROA not before: Tue 01 Apr 2025 15:10:31 +0000
ROA not after: Tue 06 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.204.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:36:26:96:bd:ec:2c:18:f7:5f:91:cd:27:98:87:f6:64:f4:20:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 15:10:31 2025 GMT
Not After : May 6 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:42:56:4c:85:cd:c3:e0:4c:67:00:50:a9:70:
26:d5:03:d1:cc:ad:a5:ba:0e:71:34:d0:c6:5f:e2:
b2:ff:45:05:3a:62:67:2f:56:43:81:be:08:40:38:
52:dd:9a:f8:e4:0b:86:55:a8:c6:41:72:23:2c:95:
7a:aa:ba:27:4f:28:06:ba:42:23:d2:85:1d:1a:ad:
ee:64:bc:85:a3:87:e0:c1:f9:62:91:40:42:e8:7f:
db:3c:bb:96:88:56:b7:0e:13:31:f5:ee:06:97:be:
55:0c:89:1e:2b:65:4f:7d:26:cf:d9:bd:4a:b9:fd:
f5:00:39:91:23:ed:94:66:8e:29:66:fc:67:6e:67:
5c:9c:c9:d4:d8:5c:13:c5:e6:6f:bc:5c:8e:78:13:
a5:91:92:83:5e:37:42:b2:9d:0a:f1:cf:47:1c:59:
54:cc:8a:25:59:0f:4d:5a:8b:73:f8:dc:07:38:db:
85:b9:07:2b:7a:d8:5d:8d:b4:91:e3:77:e4:5e:eb:
ea:e7:b9:4f:8a:40:47:6c:08:2f:77:de:60:0b:a6:
ee:a8:65:15:ab:ca:93:5b:a7:ec:db:ab:ad:06:10:
10:41:f5:0e:f4:37:b6:98:f9:3b:f6:bd:3e:5f:d8:
01:04:28:b0:9e:a5:3b:9d:42:0d:3d:bf:58:06:eb:
a2:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:C7:02:B0:E2:0F:33:3A:CD:8F:F4:3F:31:C2:A5:0A:66:C7:23:82
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/aa15a3a6-022f-41a6-9a60-2175164bb741.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.204.0/24
Signature Algorithm: sha256WithRSAEncryption
93:c6:36:cf:2c:7c:13:7d:63:40:14:17:63:47:ae:2e:24:61:
0c:37:16:a8:5e:98:ab:57:df:20:5e:a4:0f:79:fe:85:5d:42:
03:7b:6c:98:9c:16:20:d9:76:42:cd:64:f8:0b:4f:aa:b9:72:
cf:97:ff:57:10:24:7d:1f:35:52:88:b4:c4:9a:99:ad:3d:6d:
d4:9b:cf:78:18:b4:7b:6c:2b:e9:42:12:97:a3:ca:1d:23:58:
a7:04:34:9d:70:f3:d6:54:ac:82:0e:f9:79:f3:74:95:fc:fb:
b4:1c:31:39:dd:45:7a:c5:dd:dd:cc:44:8c:5f:89:16:4d:50:
78:bf:50:16:7c:cd:85:71:68:0d:58:31:57:49:ae:d0:3c:55:
4c:dc:44:2b:fa:b9:c5:29:1e:ad:09:f4:f9:bc:79:83:dc:74:
53:1d:0b:06:bb:66:1c:52:36:06:38:fd:9b:de:7d:31:98:ec:
1f:dc:9c:3f:d6:d9:ec:be:c7:13:89:e4:31:c2:da:f6:8a:69:
7b:b9:e4:96:e5:49:29:80:0a:a6:db:f8:4c:3f:f1:6e:66:83:
2a:19:7a:fe:91:65:a2:ce:10:dd:91:90:a6:16:8e:82:65:81:
f2:09:0f:c2:3b:9d:8d:68:2f:6e:0c:48:48:25:5e:5f:e9:6e:
52:e9:90:37
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUVjYmlr3sLBj3X5HNJ5iH9mT0IEAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MDExNTEwMzFaFw0yNTA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDc5ZGQ1ZTI5MzJjZGQwMTIwZGVhNTI5OTE1YmVlNDQ4NDgzNzdlMTQ3ZGMx
YmVlOTgwMWE0MjgxYzZiZGIyMTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKBCVkyFzcPgTGcAUKlwJtUD0cytpboOcTTQxl/isv9FBTpiZy9WQ4G+CEA4
Ut2a+OQLhlWoxkFyIyyVeqq6J08oBrpCI9KFHRqt7mS8haOH4MH5YpFAQuh/2zy7
lohWtw4TMfXuBpe+VQyJHitlT30mz9m9Srn99QA5kSPtlGaOKWb8Z25nXJzJ1Nhc
E8Xmb7xcjngTpZGSg143QrKdCvHPRxxZVMyKJVkPTVqLc/jcBzjbhbkHK3rYXY20
keN35F7r6ue5T4pAR2wIL3feYAum7qhlFavKk1un7NurrQYQEEH1DvQ3tpj5O/a9
Pl/YAQQosJ6lO51CDT2/WAbrokECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRFxwKw
4g8zOs2P9D8xwqUKZscjgjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YWExNWEzYTYtMDIyZi00MWE2LTlhNjAtMjE3NTE2NGJiNzQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMQzDAN
BgkqhkiG9w0BAQsFAAOCAQEAk8Y2zyx8E31jQBQXY0euLiRhDDcWqF6Yq1ffIF6k
D3n+hV1CA3tsmJwWINl2Qs1k+AtPqrlyz5f/VxAkfR81Uoi0xJqZrT1t1JvPeBi0
e2wr6UISl6PKHSNYpwQ0nXDz1lSsgg75efN0lfz7tBwxOd1FesXd3cxEjF+JFk1Q
eL9QFnzNhXFoDVgxV0mu0DxVTNxEK/q5xSkerQn0+bx5g9x0Ux0LBrtmHFI2Bjj9
m959MZjsH9ycP9bZ7L7HE4nkMcLa9oppe7nkluVJKYAKptv4TD/xbmaDKhl6/pFl
os4Q3ZGQphaOgmWB8gkPwjudjWgvbgxISCVeX+luUumQNw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:51:24 2025 by rpki-client