Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80a19bac-b522-4340-8501-74870117a3ce.roa
File: 80a19bac-b522-4340-8501-74870117a3ce.roa (raw, json)
Hash identifier: f2dTVquHdCFSWmLa7hf7JMCdXRnMSNPh/f+WtRqTeSo=
Subject key identifier: 65:55:C7:70:BD:A5:07:35:D3:BC:A4:75:8E:65:78:48:B9:E0:BE:01
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5A27A2F828CCA9D532E134BD443B096F18C42816
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80a19bac-b522-4340-8501-74870117a3ce.roa
Signing time: Wed 05 Mar 2025 17:52:00 +0000
ROA not before: Wed 05 Mar 2025 17:52:00 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.80.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 18:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:27:a2:f8:28:cc:a9:d5:32:e1:34:bd:44:3b:09:6f:18:c4:28:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 5 17:52:00 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a7:06:4d:99:60:ed:c3:b6:22:b9:cd:aa:19:
1f:da:64:2f:90:39:74:12:f3:2b:ce:c6:2c:cd:f5:
39:42:7b:f9:a2:2b:f6:41:95:d8:a1:40:12:b8:c5:
9f:cb:0b:7b:6d:27:08:a4:cc:e2:44:14:ee:e4:74:
b2:84:70:df:5e:30:a0:ff:4b:f0:51:79:d1:f4:2c:
3e:aa:17:b7:e1:2c:a9:1c:b9:af:a4:0e:20:d1:f3:
9a:72:e4:fb:9f:c2:79:03:6b:92:d8:81:3c:c3:a1:
bf:e8:05:84:8c:40:db:61:df:20:5a:db:c1:b3:6e:
42:a5:bf:9b:09:22:60:ee:fd:f0:50:fd:3d:fc:7f:
19:f1:b3:3f:2a:4c:12:99:ee:be:c0:fd:13:19:d1:
27:72:c0:a7:83:b9:90:b9:40:32:49:d9:a9:d2:59:
fb:05:75:b7:78:9e:50:eb:cf:8f:ec:2b:f3:88:44:
d1:d1:b9:12:21:0f:81:d0:ee:c4:f4:e6:f6:71:92:
80:66:07:9c:61:ba:53:af:12:f0:6e:9c:a5:54:4e:
46:c0:02:25:b4:38:91:e4:56:2a:b4:ce:d0:30:b3:
22:09:d0:ea:63:54:d0:1f:ac:59:e7:08:ed:ef:40:
97:3a:a7:db:fe:2c:67:ed:6f:97:fc:ba:57:4c:9d:
a9:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:55:C7:70:BD:A5:07:35:D3:BC:A4:75:8E:65:78:48:B9:E0:BE:01
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80a19bac-b522-4340-8501-74870117a3ce.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.80.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5f:f8:c2:28:b2:2e:da:6f:8e:5b:45:d9:52:1d:52:d6:ec:0e:
67:9d:43:41:5a:47:d0:2d:5f:67:e2:f1:0c:e4:63:78:72:e8:
24:27:c4:44:21:17:44:77:4b:fa:a0:d3:3a:36:b3:35:3d:93:
15:64:f6:12:3b:93:22:18:5c:a1:14:56:39:b7:99:89:c6:63:
af:c1:6f:47:11:ce:37:52:77:bd:c2:ba:13:4a:1c:2d:fc:f9:
63:93:ba:dd:06:f7:6d:e3:08:e2:1b:d0:1a:d2:ef:36:76:be:
ce:63:71:50:75:ed:9c:b7:61:1e:d6:78:9e:78:db:52:72:65:
fb:d0:a6:ef:85:5d:fe:5c:c2:6e:6f:f5:14:02:ad:cd:8c:64:
85:e9:11:d4:f2:bc:5a:25:de:83:04:fa:34:3e:0f:3b:9f:4e:
8f:e5:dc:f7:27:10:e0:1c:f7:ab:6e:26:1b:3d:d2:84:92:b8:
03:17:64:2e:4c:6a:3c:ec:43:4a:56:dd:58:4d:d4:9f:38:b9:
75:df:69:1e:8b:5c:8c:cd:30:b2:75:35:00:c0:92:c0:1f:7b:
dc:4d:c9:28:e8:09:05:57:d4:9f:e2:4f:82:e7:ee:e4:fd:b9:
f6:b8:32:90:11:46:4c:20:5e:2d:3a:a5:82:bb:d9:0d:32:b5:
50:34:78:f6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUWiei+CjMqdUy4TS9RDsJbxjEKBYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMDUxNzUyMDBaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDNhMGZkM2RlZjUyMGU3ZDYyOTE4NTMxZGMzM2QxODQ0ZmFkN2E2NjJmMTYy
MmJmZjIwZTQ1ZTc4NDhiMDRjOWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJWnBk2ZYO3DtiK5zaoZH9pkL5A5dBLzK87GLM31OUJ7+aIr9kGV2KFAErjF
n8sLe20nCKTM4kQU7uR0soRw314woP9L8FF50fQsPqoXt+EsqRy5r6QOINHzmnLk
+5/CeQNrktiBPMOhv+gFhIxA22HfIFrbwbNuQqW/mwkiYO798FD9Pfx/GfGzPypM
EpnuvsD9ExnRJ3LAp4O5kLlAMknZqdJZ+wV1t3ieUOvPj+wr84hE0dG5EiEPgdDu
xPTm9nGSgGYHnGG6U68S8G6cpVRORsACJbQ4keRWKrTO0DCzIgnQ6mNU0B+sWecI
7e9Alzqn2/4sZ+1vl/y6V0ydqQ8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRlVcdw
vaUHNdO8pHWOZXhIueC+ATAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODBhMTliYWMtYjUyMi00MzQwLTg1MDEtNzQ4NzAxMTdhM2NlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNQMA0G
CSqGSIb3DQEBCwUAA4IBAQBf+MIosi7ab45bRdlSHVLW7A5nnUNBWkfQLV9n4vEM
5GN4cugkJ8REIRdEd0v6oNM6NrM1PZMVZPYSO5MiGFyhFFY5t5mJxmOvwW9HEc43
Une9wroTShwt/Pljk7rdBvdt4wjiG9Aa0u82dr7OY3FQde2ct2Ee1nieeNtScmX7
0KbvhV3+XMJub/UUAq3NjGSF6RHU8rxaJd6DBPo0Pg87n06P5dz3JxDgHPerbiYb
PdKEkrgDF2QuTGo87ENKVt1YTdSfOLl132kei1yMzTCydTUAwJLAH3vcTcko6AkF
V9Sf4k+C5+7k/bn2uDKQEUZMIF4tOqWCu9kNMrVQNHj2
-----END CERTIFICATE-----
Generated at Thu Mar 13 23:49:16 2025 by rpki-client