Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa
File: 2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa (raw, json)
Hash identifier: YYsaXHDEcJWDZwlmB4uCTkemP99De2s3IOaCrKvaplk=
Subject key identifier: DA:50:B1:EB:8B:F6:58:FB:7B:81:5F:E1:AC:8E:E6:9F:F2:DB:C4:81
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0A1BEC15D394D0D45AC9E9C8EF010F314C56F786
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa
Signing time: Fri 25 Apr 2025 20:30:06 +0000
ROA not before: Fri 25 Apr 2025 20:30:06 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.127.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:1b:ec:15:d3:94:d0:d4:5a:c9:e9:c8:ef:01:0f:31:4c:56:f7:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:30:06 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=2c6f7082ed8feb864de24323da5e4593148ab893fc83ffae4699065d8a448e93, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:81:ac:67:84:41:b7:c0:e4:b6:fc:b0:b8:bd:
18:d4:19:f5:c3:79:ff:a2:ba:7e:23:09:f0:97:3e:
44:66:65:29:0f:fa:a1:12:2d:34:d2:e9:b5:0e:8f:
d2:77:48:b0:f4:ab:df:d9:dc:60:fc:d7:b2:5a:39:
19:02:1f:97:b2:8e:2c:67:d1:28:92:00:70:89:43:
dc:04:0d:dd:83:38:35:03:c7:09:c2:ca:37:9b:98:
24:7e:90:57:e8:d7:6f:54:9c:83:3c:52:c6:46:7a:
23:38:b7:38:d5:55:4d:af:69:06:a5:37:08:b1:5c:
ed:31:a4:d3:b2:1a:4c:37:31:79:0e:e3:69:73:7f:
7f:1b:93:b6:91:a4:dd:da:ed:fa:53:98:94:21:27:
74:ef:c2:88:35:b4:f1:44:b7:b6:61:7c:6e:c1:7b:
de:c2:3a:24:93:ca:e4:d7:59:c8:02:a3:05:1a:a3:
5c:fb:c6:dc:b3:18:a4:c7:86:83:56:c3:4c:ff:71:
19:83:72:f4:09:d6:82:bf:a4:26:8a:66:fa:a5:61:
de:75:03:d3:4b:88:c5:ef:2b:21:99:4a:2b:50:5a:
14:bd:98:30:7e:a8:27:96:ca:62:52:c9:bf:d3:ae:
56:af:2b:f7:7e:aa:fd:c7:a5:b2:66:15:26:d4:5e:
5a:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:50:B1:EB:8B:F6:58:FB:7B:81:5F:E1:AC:8E:E6:9F:F2:DB:C4:81
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.127.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a7:96:5c:3d:1d:84:ed:27:6f:5b:95:9c:f8:20:50:a8:a2:cb:
9e:a2:72:d3:3a:e9:86:14:fd:fe:18:4c:e2:69:24:8f:64:54:
55:0b:76:48:29:f5:d7:97:3c:52:d7:f3:0b:b6:ab:b4:4a:b3:
ed:12:10:ab:7c:07:5f:b2:85:91:71:72:e3:d7:03:36:c2:44:
ff:c5:86:f6:68:65:7f:83:58:65:98:91:2f:39:07:8b:ab:60:
d1:34:80:dd:cb:84:98:8f:86:7b:f3:dc:14:50:18:e1:f5:12:
8d:aa:86:b4:f6:20:4a:f7:a9:ee:a9:12:c1:51:8c:bf:1c:1d:
6f:c3:78:4f:92:d8:a1:77:fb:4b:5d:30:a6:23:1b:d7:e8:dd:
f9:b4:33:ec:1d:87:77:3d:14:a9:38:d3:93:c3:fe:95:67:c2:
16:f6:b1:1b:f0:cc:2b:bb:60:d6:4d:f2:bc:69:1d:a4:b8:93:
f8:51:89:fc:9c:c6:a2:74:27:12:f6:44:54:b8:10:aa:78:e1:
33:fb:6d:18:d4:3e:68:e6:d2:66:8e:a9:7a:a4:74:a9:d1:c2:
7a:82:17:0d:28:e4:1a:f7:29:8d:43:89:a2:40:e6:b4:19:53:
05:b4:e7:ca:0c:9b:47:e8:ea:ca:b3:c0:24:17:30:e2:aa:43:
e3:6e:4b:ad
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUChvsFdOU0NRayenI7wEPMUxW94YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMwMDZaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDJjNmY3MDgyZWQ4ZmViODY0ZGUyNDMyM2RhNWU0NTkzMTQ4YWI4OTNmYzgz
ZmZhZTQ2OTkwNjVkOGE0NDhlOTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKqBrGeEQbfA5Lb8sLi9GNQZ9cN5/6K6fiMJ8Jc+RGZlKQ/6oRItNNLptQ6P
0ndIsPSr39ncYPzXslo5GQIfl7KOLGfRKJIAcIlD3AQN3YM4NQPHCcLKN5uYJH6Q
V+jXb1ScgzxSxkZ6Izi3ONVVTa9pBqU3CLFc7TGk07IaTDcxeQ7jaXN/fxuTtpGk
3drt+lOYlCEndO/CiDW08US3tmF8bsF73sI6JJPK5NdZyAKjBRqjXPvG3LMYpMeG
g1bDTP9xGYNy9AnWgr+kJopm+qVh3nUD00uIxe8rIZlKK1BaFL2YMH6oJ5bKYlLJ
v9OuVq8r936q/celsmYVJtReWo0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTaULHr
i/ZY+3uBX+Gsjuaf8tvEgTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmZjNmEyNTMtZGM2MC00NjExLThiYzAtZjRiMTE4NTFjY2YxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN/MA0G
CSqGSIb3DQEBCwUAA4IBAQCnllw9HYTtJ29blZz4IFCoosueonLTOumGFP3+GEzi
aSSPZFRVC3ZIKfXXlzxS1/MLtqu0SrPtEhCrfAdfsoWRcXLj1wM2wkT/xYb2aGV/
g1hlmJEvOQeLq2DRNIDdy4SYj4Z789wUUBjh9RKNqoa09iBK96nuqRLBUYy/HB1v
w3hPktihd/tLXTCmIxvX6N35tDPsHYd3PRSpONOTw/6VZ8IW9rEb8Mwru2DWTfK8
aR2kuJP4UYn8nMaidCcS9kRUuBCqeOEz+20Y1D5o5tJmjql6pHSp0cJ6ghcNKOQa
9ymNQ4miQOa0GVMFtOfKDJtH6OrKs8AkFzDiqkPjbkut
-----END CERTIFICATE-----
Generated at Fri May 9 10:32:52 2025 by rpki-client