Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8551266c-ef98-4dd7-801f-d816ee2eeade.roa
File: 8551266c-ef98-4dd7-801f-d816ee2eeade.roa (raw, json)
Hash identifier: DIzmuZEGA7japPkvyxVZHQC1p3bd7dVqAk65AlkP9RY=
Subject key identifier: E4:7E:FF:2F:BC:7F:55:7D:CE:72:54:B5:71:A4:F9:8A:BE:67:FB:8E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1065F4E845019BE91BAC1976054CDEB4E7A92B28
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8551266c-ef98-4dd7-801f-d816ee2eeade.roa
Signing time: Wed 05 Feb 2025 00:00:00 +0000
ROA not before: Wed 05 Feb 2025 00:00:00 +0000
ROA not after: Wed 12 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.176.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 05:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:65:f4:e8:45:01:9b:e9:1b:ac:19:76:05:4c:de:b4:e7:a9:2b:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 5 00:00:00 2025 GMT
Not After : Mar 12 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:5d:02:bc:6c:c1:ba:1a:75:70:a4:fd:af:8c:
99:3d:a0:40:cf:9c:6b:80:2b:fc:37:44:d2:6c:0f:
52:28:8d:72:68:10:c8:80:92:7b:1d:7e:9e:95:72:
c5:73:85:03:f0:2c:52:74:03:dc:b8:49:08:45:b7:
9f:a2:b7:76:de:38:61:d7:1d:fc:b1:a0:4d:2c:f9:
51:38:87:0e:4b:6f:bd:04:e0:6f:24:9f:0a:8e:96:
2c:92:04:80:0c:53:00:80:21:16:91:6a:46:75:ce:
bb:34:5b:b6:f3:1c:c8:7f:6c:44:9f:66:27:fa:03:
63:46:ef:3d:18:19:73:8e:a6:31:06:23:9d:1a:3b:
91:1c:36:f2:31:32:cf:59:09:6a:4c:61:74:70:af:
e4:f9:a3:9e:42:7e:46:f9:15:6d:15:f7:2a:86:7e:
db:e6:24:bc:cd:7b:af:10:1b:24:ab:1d:1e:a2:c2:
94:bf:61:22:77:e3:a3:c3:04:76:7e:c8:96:bc:ae:
11:8f:d8:91:34:2d:ba:71:03:dd:14:21:4d:7a:36:
f8:41:68:df:51:4c:09:65:ce:a5:18:96:2b:3c:76:
1d:80:4f:fb:80:41:7a:fb:80:9d:ce:f6:e7:15:f1:
47:c4:d5:7d:b3:9a:b1:88:97:04:5b:fc:f7:ac:2f:
a2:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:7E:FF:2F:BC:7F:55:7D:CE:72:54:B5:71:A4:F9:8A:BE:67:FB:8E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8551266c-ef98-4dd7-801f-d816ee2eeade.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.176.0.0/15
Signature Algorithm: sha256WithRSAEncryption
06:7d:4d:2d:2f:54:32:20:20:cd:24:80:6a:a1:45:fd:0b:40:
50:44:d6:09:df:84:80:cd:11:b0:3b:dd:9d:a1:9c:b9:ba:ea:
27:95:00:7d:cf:9a:62:47:a4:35:db:f1:98:b2:fd:d0:e3:03:
a9:4f:27:62:a9:ac:9c:11:9a:3c:25:d6:a0:b0:6f:9e:15:55:
0d:c1:41:3a:ba:18:4f:c2:12:bc:61:c6:f2:5b:06:74:ec:1e:
19:25:ed:cc:d1:8b:22:c2:76:34:a7:84:70:6d:4d:81:2b:0f:
ab:64:a4:39:18:c6:7b:82:15:27:c4:44:3c:0f:21:ae:ba:4a:
7e:78:08:68:7e:27:e1:76:d6:37:05:0f:06:40:8a:19:fb:c8:
7b:5c:d0:5c:3a:f3:78:87:a5:4a:1f:8c:70:f2:b4:46:cd:34:
81:45:ce:8f:a8:d7:5c:5d:dc:d0:94:5d:c8:fe:b4:0b:3c:f0:
50:55:2d:71:bb:cb:8c:cb:46:83:8e:7a:df:80:a3:90:ce:7c:
1c:72:14:9c:77:29:8d:7f:ea:0d:55:e7:26:c3:35:86:22:14:
d3:87:5a:1c:22:a3:14:3e:37:09:00:24:4d:62:5b:5b:0f:84:
ea:7d:0f:c1:94:6e:95:67:2f:ea:80:2d:f3:01:07:29:59:df:
fb:c0:38:e3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEGX06EUBm+kbrBl2BUzetOepKygwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAyMDUwMDAwMDBaFw0yNTAzMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGE3ODhkMzg5NGRhNTE5NmQ3MTljNGVkNzBkZTAwMTBkOWQ3ZmY1ZWM3NTU2
YTNiMTQ3Y2JmMmJhMzUyNzI1OTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKxdArxswboadXCk/a+MmT2gQM+ca4Ar/DdE0mwPUiiNcmgQyICSex1+npVy
xXOFA/AsUnQD3LhJCEW3n6K3dt44Ydcd/LGgTSz5UTiHDktvvQTgbySfCo6WLJIE
gAxTAIAhFpFqRnXOuzRbtvMcyH9sRJ9mJ/oDY0bvPRgZc46mMQYjnRo7kRw28jEy
z1kJakxhdHCv5PmjnkJ+RvkVbRX3KoZ+2+YkvM17rxAbJKsdHqLClL9hInfjo8ME
dn7IlryuEY/YkTQtunED3RQhTXo2+EFo31FMCWXOpRiWKzx2HYBP+4BBevuAnc72
5xXxR8TVfbOasYiXBFv896wvolECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTkfv8v
vH9Vfc5yVLVxpPmKvmf7jjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODU1MTI2NmMtZWY5OC00ZGQ3LTgwMWYtZDgxNmVlMmVlYWRlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOwMA0G
CSqGSIb3DQEBCwUAA4IBAQAGfU0tL1QyICDNJIBqoUX9C0BQRNYJ34SAzRGwO92d
oZy5uuonlQB9z5piR6Q12/GYsv3Q4wOpTydiqaycEZo8JdagsG+eFVUNwUE6uhhP
whK8YcbyWwZ07B4ZJe3M0YsiwnY0p4RwbU2BKw+rZKQ5GMZ7ghUnxEQ8DyGuukp+
eAhofifhdtY3BQ8GQIoZ+8h7XNBcOvN4h6VKH4xw8rRGzTSBRc6PqNdcXdzQlF3I
/rQLPPBQVS1xu8uMy0aDjnrfgKOQznwcchScdymNf+oNVecmwzWGIhTTh1ocIqMU
PjcJACRNYltbD4TqfQ/BlG6VZy/qgC3zAQcpWd/7wDjj
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:48:12 2025 by rpki-client