Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/286f881c-8fa0-4200-ada2-20a0cc49038e.roa
File: 286f881c-8fa0-4200-ada2-20a0cc49038e.roa (raw, json)
Hash identifier: lyP4bn6BvCCTHyh0KfOQ9SbO/H9xlJtHsq41tNNrKcw=
Subject key identifier: 66:3E:AE:3E:8F:22:54:44:77:C7:2F:03:77:10:B7:AB:B9:5D:BF:3E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1C8098D12B6CE7468CDB3EFF072FFBBE99AFDBB0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/286f881c-8fa0-4200-ada2-20a0cc49038e.roa
Signing time: Wed 05 Feb 2025 00:00:00 +0000
ROA not before: Wed 05 Feb 2025 00:00:00 +0000
ROA not after: Wed 12 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.166.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 05:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:80:98:d1:2b:6c:e7:46:8c:db:3e:ff:07:2f:fb:be:99:af:db:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 5 00:00:00 2025 GMT
Not After : Mar 12 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:0a:dd:83:44:9b:c4:e6:f5:99:40:22:e1:09:
7d:72:4c:49:ea:16:54:46:1e:73:bd:02:09:8f:9f:
03:ce:f8:2a:50:1a:4b:bc:f2:ee:6a:58:83:dc:21:
af:bc:00:55:ee:9b:66:82:94:d3:20:2b:bf:d2:41:
a2:77:89:29:ed:3b:1b:04:57:d8:2e:73:39:72:7e:
0f:48:8d:4f:aa:b8:9d:19:4a:fc:b6:9e:cb:ce:60:
53:7b:1f:87:7c:de:f6:b2:4f:0e:97:1e:ea:7f:a8:
8c:83:05:31:f8:97:d8:c9:de:48:16:49:3d:e3:ac:
84:14:18:e6:dd:f1:6c:77:e6:0f:7a:d3:26:d2:dd:
cb:ae:61:ed:cf:0d:3b:1c:b4:85:c5:cd:b6:00:ed:
7e:56:dc:ca:62:66:72:7b:c3:0b:0e:82:d5:f8:02:
a6:19:47:5f:4e:85:ec:d2:d9:8e:f2:6f:d0:26:30:
c2:3f:fb:43:3e:ef:54:2a:8d:dc:d6:22:54:ca:e6:
32:71:62:1d:da:43:8e:43:b7:d8:4a:e8:92:0d:11:
2b:10:3b:25:1f:6b:f1:57:a2:54:a7:78:4e:cc:05:
2f:18:87:65:1f:cf:0f:b7:aa:3b:e2:6b:96:45:a7:
d5:87:9b:00:6c:14:97:e8:91:4d:d7:32:57:72:37:
80:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:3E:AE:3E:8F:22:54:44:77:C7:2F:03:77:10:B7:AB:B9:5D:BF:3E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/286f881c-8fa0-4200-ada2-20a0cc49038e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.166.0.0/15
Signature Algorithm: sha256WithRSAEncryption
b0:d8:aa:1d:66:40:31:b8:d2:10:24:50:4d:9f:2b:46:47:58:
52:96:70:f7:0f:c0:bf:9a:7e:ba:4e:7d:35:6c:0e:96:93:55:
72:86:e7:b0:61:bc:be:4d:5c:e0:fe:46:a1:88:7b:48:fe:98:
ee:d7:10:00:6c:5f:ae:e5:5e:99:9c:69:bf:29:2e:39:6e:9f:
69:6d:5d:3c:98:f5:23:20:ac:30:96:5d:0d:89:f2:7a:9e:b4:
ae:af:de:9c:f0:56:75:bd:3b:bb:f5:14:51:06:34:72:ec:10:
c3:c6:51:1c:c6:a8:42:a8:f2:6c:65:17:de:50:89:25:13:66:
e2:98:2b:a4:88:95:81:87:6a:14:69:9b:15:19:43:07:d7:7d:
46:04:f6:d4:e8:e2:ea:cb:a2:05:e9:54:f1:8c:f9:f5:37:df:
ff:2f:05:76:93:9f:f1:c1:b0:99:3e:75:d8:5b:58:7e:5f:e9:
69:f3:e9:03:e1:7a:35:6f:8e:f1:68:d6:23:4d:aa:1a:19:f3:
50:bd:13:57:62:af:2f:64:5a:bf:99:7c:d1:aa:fa:b8:42:b9:
c5:d6:e2:68:35:b5:27:6a:19:86:83:e4:4c:e8:a7:e1:70:8e:
4f:4e:ff:e9:b6:91:a5:08:74:7a:49:34:f7:05:16:8f:59:ac:
94:56:28:86
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHICY0Sts50aM2z7/By/7vpmv27AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAyMDUwMDAwMDBaFw0yNTAzMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ1YzUyNDI1ZTViZDEzYTEyNDU5ZThhMTgxMjc5YjMyZmJmMTVjZTExYWY5
NDRmOTcyNDRkOTg0MTVlYmJhM2IxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMwK3YNEm8Tm9ZlAIuEJfXJMSeoWVEYec70CCY+fA874KlAaS7zy7mpYg9wh
r7wAVe6bZoKU0yArv9JBoneJKe07GwRX2C5zOXJ+D0iNT6q4nRlK/Laey85gU3sf
h3ze9rJPDpce6n+ojIMFMfiX2MneSBZJPeOshBQY5t3xbHfmD3rTJtLdy65h7c8N
Oxy0hcXNtgDtflbcymJmcnvDCw6C1fgCphlHX06F7NLZjvJv0CYwwj/7Qz7vVCqN
3NYiVMrmMnFiHdpDjkO32Erokg0RKxA7JR9r8VeiVKd4TswFLxiHZR/PD7eqO+Jr
lkWn1YebAGwUl+iRTdcyV3I3gGMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRmPq4+
jyJURHfHLwN3ELeruV2/PjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Mjg2Zjg4MWMtOGZhMC00MjAwLWFkYTItMjBhMGNjNDkwMzhlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOmMA0G
CSqGSIb3DQEBCwUAA4IBAQCw2KodZkAxuNIQJFBNnytGR1hSlnD3D8C/mn66Tn01
bA6Wk1VyhuewYby+TVzg/kahiHtI/pju1xAAbF+u5V6ZnGm/KS45bp9pbV08mPUj
IKwwll0NifJ6nrSur96c8FZ1vTu79RRRBjRy7BDDxlEcxqhCqPJsZRfeUIklE2bi
mCukiJWBh2oUaZsVGUMH131GBPbU6OLqy6IF6VTxjPn1N9//LwV2k5/xwbCZPnXY
W1h+X+lp8+kD4Xo1b47xaNYjTaoaGfNQvRNXYq8vZFq/mXzRqvq4QrnF1uJoNbUn
ahmGg+RM6KfhcI5PTv/ptpGlCHR6STT3BRaPWayUViiG
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:10:40 2025 by rpki-client