Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/63e023f1-83fd-412f-8365-33afe1ac80af.roa
File: 63e023f1-83fd-412f-8365-33afe1ac80af.roa (raw, json)
Hash identifier: FeMuZBuN4S1SURQuIVK3G83dHRsTYAHr86VG5hpyu1o=
Subject key identifier: F7:C8:61:FC:33:A2:F8:2A:CF:11:A0:2F:84:18:36:9E:29:15:EF:25
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4C8D8E946A4211CCF86C8C2C923C4B1B2D732AD6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/63e023f1-83fd-412f-8365-33afe1ac80af.roa
Signing time: Fri 25 Apr 2025 20:30:18 +0000
ROA not before: Fri 25 Apr 2025 20:30:18 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.160.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:8d:8e:94:6a:42:11:cc:f8:6c:8c:2c:92:3c:4b:1b:2d:73:2a:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:30:18 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=684b7780bf57441fd4ea958a6a619adb4d393f893f240ea4dc8161ba19ef6c47, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:67:e7:ab:10:bd:66:ee:a8:b3:44:23:13:95:
1f:9e:dc:83:43:f9:8f:d7:e3:e2:d9:63:aa:33:93:
75:c5:42:b4:b2:77:38:03:be:bf:78:92:dd:a7:0f:
6f:25:e0:44:cb:d4:69:48:27:4b:95:21:03:22:18:
49:a5:c2:64:f7:d2:ab:65:12:3d:4b:fe:e9:69:09:
ce:93:ff:5a:8f:70:0d:12:a7:bc:c1:e1:59:46:c4:
82:ed:9f:8c:11:a9:cb:67:cb:32:24:0e:7c:86:e6:
0e:e8:f5:02:44:35:fb:c3:e8:4a:f4:68:40:7b:fa:
f5:3c:02:68:7b:8d:76:29:a4:3c:97:69:e2:43:10:
13:e7:37:a4:c1:ac:4c:53:52:7d:85:82:56:c3:77:
09:54:39:51:74:59:6d:f1:78:00:37:98:d6:69:12:
fc:4c:cb:f3:4c:13:6c:bb:47:a0:99:fa:3b:22:a3:
43:eb:cf:40:d5:eb:a4:37:b5:c7:db:f1:30:a2:56:
45:12:13:6f:1f:9b:c7:69:ec:4d:58:1f:d4:a5:3c:
b6:df:8f:fb:26:79:2b:bc:28:eb:1e:01:c4:58:a6:
25:7a:fb:3f:f3:a0:f2:5d:bd:e3:16:be:6c:30:18:
ec:af:ad:3c:2c:3c:4a:4b:d9:b2:e1:33:ea:de:7f:
27:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:C8:61:FC:33:A2:F8:2A:CF:11:A0:2F:84:18:36:9E:29:15:EF:25
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/63e023f1-83fd-412f-8365-33afe1ac80af.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.160.0.0/16
Signature Algorithm: sha256WithRSAEncryption
92:95:80:6f:6b:06:e3:9d:d5:1e:0b:e6:0f:b5:7c:f7:03:f7:
40:b6:a4:cf:4b:23:88:37:b0:a3:54:b8:51:c1:22:88:56:5f:
81:bc:3d:e6:04:04:38:c6:1a:7b:68:1e:d3:81:4e:99:92:61:
55:70:93:7f:3c:e5:6f:99:e8:3b:05:ff:0c:13:a4:88:78:02:
31:21:78:43:94:73:b8:b2:bd:e0:9e:68:2e:d7:8c:12:37:df:
68:0d:ff:af:58:06:82:d6:8f:75:d9:b9:e5:89:c2:30:5d:6d:
dc:d5:39:b8:10:c9:0e:bd:b6:31:12:26:84:cc:27:40:16:f8:
e7:5f:1b:30:f8:d0:e8:a3:25:f5:b3:89:14:df:07:60:9b:b6:
08:9e:f1:bd:72:85:84:94:57:f8:8c:90:d2:c5:53:7a:f1:29:
e2:f4:03:ec:b0:14:b6:33:83:7e:97:3f:64:6b:54:66:64:84:
92:5c:53:c8:50:7a:60:b4:f2:ab:2c:2e:32:d1:e6:a3:3f:c0:
60:26:81:94:83:d4:ee:32:df:f3:63:1e:07:81:d5:d2:67:52:
99:c3:e1:a4:61:ec:97:ba:dd:1b:a9:95:ba:f3:21:6c:e1:9e:
53:d3:c3:4b:62:26:02:d8:10:74:8b:f0:6b:7d:2a:58:17:a5:
76:84:71:ff
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTI2OlGpCEcz4bIwskjxLGy1zKtYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMwMThaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDY4NGI3NzgwYmY1NzQ0MWZkNGVhOTU4YTZhNjE5YWRiNGQzOTNmODkzZjI0
MGVhNGRjODE2MWJhMTllZjZjNDcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMln56sQvWbuqLNEIxOVH57cg0P5j9fj4tljqjOTdcVCtLJ3OAO+v3iS3acP
byXgRMvUaUgnS5UhAyIYSaXCZPfSq2USPUv+6WkJzpP/Wo9wDRKnvMHhWUbEgu2f
jBGpy2fLMiQOfIbmDuj1AkQ1+8PoSvRoQHv69TwCaHuNdimkPJdp4kMQE+c3pMGs
TFNSfYWCVsN3CVQ5UXRZbfF4ADeY1mkS/EzL80wTbLtHoJn6OyKjQ+vPQNXrpDe1
x9vxMKJWRRITbx+bx2nsTVgf1KU8tt+P+yZ5K7wo6x4BxFimJXr7P/Og8l294xa+
bDAY7K+tPCw8SkvZsuEz6t5/Jy0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT3yGH8
M6L4Ks8RoC+EGDaeKRXvJTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjNlMDIzZjEtODNmZC00MTJmLTgzNjUtMzNhZmUxYWM4MGFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOgMA0G
CSqGSIb3DQEBCwUAA4IBAQCSlYBvawbjndUeC+YPtXz3A/dAtqTPSyOIN7CjVLhR
wSKIVl+BvD3mBAQ4xhp7aB7TgU6ZkmFVcJN/POVvmeg7Bf8ME6SIeAIxIXhDlHO4
sr3gnmgu14wSN99oDf+vWAaC1o912bnlicIwXW3c1Tm4EMkOvbYxEiaEzCdAFvjn
Xxsw+NDooyX1s4kU3wdgm7YInvG9coWElFf4jJDSxVN68Sni9APssBS2M4N+lz9k
a1RmZISSXFPIUHpgtPKrLC4y0eajP8BgJoGUg9TuMt/zYx4HgdXSZ1KZw+GkYeyX
ut0bqZW68yFs4Z5T08NLYiYC2BB0i/BrfSpYF6V2hHH/
-----END CERTIFICATE-----
Generated at Fri May 9 08:21:37 2025 by rpki-client