Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/41816f61-5ce3-406a-8d78-37c4eafa6915.roa
File: 41816f61-5ce3-406a-8d78-37c4eafa6915.roa (raw, json)
Hash identifier: mTyi37D3ifMFI/Xb3hmZTd5iJ1oES4JncQERDFJg5MA=
Subject key identifier: EC:C1:E4:05:78:11:3B:BA:14:4E:95:0F:68:5D:EB:22:F2:60:5B:21
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7329E904342D4971D4E6EF2957304C040125D308
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/41816f61-5ce3-406a-8d78-37c4eafa6915.roa
Signing time: Tue 20 May 2025 20:41:29 +0000
ROA not before: Tue 20 May 2025 20:41:29 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Jun 2025 00:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:29:e9:04:34:2d:49:71:d4:e6:ef:29:57:30:4c:04:01:25:d3:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:41:29 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=cc246542e2ca1abdbf6d7f24493c386b5c20bc0ecece0542a6cf979e7fdd02cf, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:47:3a:4b:b5:9c:a1:cc:96:1c:6b:5d:48:28:
3d:ef:0a:25:89:b7:df:7f:3e:4c:8c:72:b5:fd:76:
9c:80:77:30:3b:3a:01:5a:70:f3:0b:9e:cb:3b:94:
92:49:b8:e1:23:47:fd:d5:5b:5c:38:ac:07:a4:a4:
1b:b2:f9:70:5a:f3:97:69:24:59:12:5f:7a:cc:8f:
62:41:bf:2c:c3:f3:e4:7f:ca:28:fa:b1:32:37:67:
e2:fe:05:ae:4d:25:54:d9:6d:35:e8:0c:51:6a:48:
1b:88:e8:8b:68:2f:48:82:0a:25:f9:c7:0d:2e:8d:
01:7b:1e:8a:c9:ac:ab:89:0c:e5:4b:94:d8:00:eb:
53:ee:e3:d6:d7:49:db:c6:83:3f:43:9e:f1:79:e3:
5b:11:8f:7e:f9:d2:08:be:21:98:07:a6:7f:f2:d1:
f6:50:82:61:99:28:c4:86:20:44:04:5a:e0:97:63:
37:a6:6c:67:6d:d4:1e:3e:49:a7:60:86:da:52:a9:
64:94:8e:ab:58:48:88:ac:9e:5c:df:09:c0:95:67:
bc:f8:66:ab:4a:c6:dc:67:75:a6:63:e8:47:72:cd:
f4:02:0d:1d:8c:96:15:31:49:c1:e7:41:44:38:4c:
d5:fd:a2:32:3a:3b:f4:ea:34:78:e3:23:7f:b9:fb:
f7:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:C1:E4:05:78:11:3B:BA:14:4E:95:0F:68:5D:EB:22:F2:60:5B:21
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/41816f61-5ce3-406a-8d78-37c4eafa6915.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.32.0/19
Signature Algorithm: sha256WithRSAEncryption
1b:ba:e6:12:ba:25:8c:46:7a:24:5c:a6:8f:6b:ce:c8:f2:25:
5c:b3:06:b4:1e:82:aa:6b:61:a9:d2:5a:26:ac:26:07:ef:ee:
8c:05:5a:6d:e5:08:d6:f6:29:61:5d:34:c6:4b:40:be:f6:28:
a4:2c:48:ed:2b:9b:df:f2:58:d5:99:13:ee:4a:06:5e:b5:56:
25:6d:b8:ac:36:e9:87:f8:13:2f:f3:ed:1c:0e:10:6a:18:a2:
93:29:6c:87:63:12:67:a2:df:94:f9:fc:f8:e4:6d:e8:0e:59:
ed:ed:5c:0c:fd:ed:9f:a7:b3:6d:9e:fa:d4:f9:b2:d4:4b:99:
65:33:f1:ab:31:d6:a0:8d:5c:84:62:dc:26:54:ae:07:12:ef:
ea:b1:1d:70:e0:2b:04:bc:86:eb:31:f5:db:cf:55:12:ba:68:
96:05:cb:b6:4d:09:7b:90:19:c1:02:33:fb:14:ca:91:b4:74:
ac:b9:a9:09:92:ca:82:c2:49:c4:6b:8c:de:38:01:b3:5c:3d:
17:6c:14:62:5e:29:b7:c6:6a:ba:b8:77:b6:5d:50:23:10:6b:
ed:d8:d2:9c:fb:2d:c3:79:47:5e:32:a1:04:ba:2e:4d:b6:18:
42:c0:47:a9:26:e1:65:e5:f7:49:2c:f2:ef:3f:e2:4b:32:0e:
6a:e8:f3:77
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUcynpBDQtSXHU5u8pVzBMBAEl0wgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQxMjlaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGNjMjQ2NTQyZTJjYTFhYmRiZjZkN2YyNDQ5M2MzODZiNWMyMGJjMGVjZWNl
MDU0MmE2Y2Y5NzllN2ZkZDAyY2YxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALBHOku1nKHMlhxrXUgoPe8KJYm3338+TIxytf12nIB3MDs6AVpw8wueyzuU
kkm44SNH/dVbXDisB6SkG7L5cFrzl2kkWRJfesyPYkG/LMPz5H/KKPqxMjdn4v4F
rk0lVNltNegMUWpIG4joi2gvSIIKJfnHDS6NAXseismsq4kM5UuU2ADrU+7j1tdJ
28aDP0Oe8XnjWxGPfvnSCL4hmAemf/LR9lCCYZkoxIYgRARa4JdjN6ZsZ23UHj5J
p2CG2lKpZJSOq1hIiKyeXN8JwJVnvPhmq0rG3Gd1pmPoR3LN9AINHYyWFTFJwedB
RDhM1f2iMjo79Oo0eOMjf7n7998CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTsweQF
eBE7uhROlQ9oXesi8mBbITAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDE4MTZmNjEtNWNlMy00MDZhLThkNzgtMzdjNGVhZmE2OTE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBTMAIDAN
BgkqhkiG9w0BAQsFAAOCAQEAG7rmEroljEZ6JFymj2vOyPIlXLMGtB6CqmthqdJa
JqwmB+/ujAVabeUI1vYpYV00xktAvvYopCxI7Sub3/JY1ZkT7koGXrVWJW24rDbp
h/gTL/PtHA4Qahiikylsh2MSZ6LflPn8+ORt6A5Z7e1cDP3tn6ezbZ761Pmy1EuZ
ZTPxqzHWoI1chGLcJlSuBxLv6rEdcOArBLyG6zH1289VErpolgXLtk0Je5AZwQIz
+xTKkbR0rLmpCZLKgsJJxGuM3jgBs1w9F2wUYl4pt8Zqurh3tl1QIxBr7djSnPst
w3lHXjKhBLouTbYYQsBHqSbhZeX3SSzy7z/iSzIOaujzdw==
-----END CERTIFICATE-----
Generated at Wed Jun 4 10:36:53 2025 by rpki-client