Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa
File: 8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa (raw, json)
Hash identifier: j7VWm4EgS8V2ulZIQzK6JjBc79bl5R1JNS5XoeDeEmI=
Subject key identifier: 1E:D7:3F:CA:8D:B8:61:AE:85:CF:A6:12:BE:7C:E0:51:44:94:3C:EA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 49EA69E0B858FF0347AC2F7E38A047620ADB1753
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa
Signing time: Fri 25 Apr 2025 20:40:12 +0000
ROA not before: Fri 25 Apr 2025 20:40:12 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.226.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:ea:69:e0:b8:58:ff:03:47:ac:2f:7e:38:a0:47:62:0a:db:17:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:40:12 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=1c5f4521ba674c46dfe37c57605979f1ec04f06e84f36db0a5b0274c8ea2f4ba, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:cd:a4:8f:64:fc:aa:2c:2f:be:7a:58:eb:a7:
b3:e9:c5:7d:e0:99:96:c9:4f:38:03:a3:fc:8e:b5:
1b:73:78:3c:e9:7c:6d:5b:20:c5:63:79:8d:03:14:
f1:37:eb:0f:f6:7c:79:83:8e:30:9f:61:79:31:b2:
f3:fb:ec:04:ab:6f:44:3f:ae:6f:58:fe:97:2f:85:
42:b1:97:6c:ef:ba:20:f8:68:21:e0:92:0d:85:66:
6f:39:00:ff:fb:71:55:d3:b4:1b:ff:74:64:f4:a2:
e2:64:4f:8c:43:cd:53:19:9a:e2:4c:7f:7f:61:1b:
99:9d:25:88:92:8c:6f:ff:c4:89:47:85:b7:a7:2a:
c1:37:23:c9:d4:6d:32:f6:40:94:ce:7d:a5:48:b4:
bb:49:fd:50:5a:c0:b3:e2:99:0f:c4:c5:ee:6a:f7:
ef:28:6f:eb:5f:4f:12:0d:16:ab:76:53:5b:24:6c:
06:05:05:5f:87:20:f0:21:f2:da:c0:62:67:18:df:
8f:51:72:e7:a0:a2:47:bc:67:0e:c1:23:eb:95:d1:
9d:ae:8c:b5:d6:c8:8a:e8:05:69:ef:93:0c:5b:58:
56:09:4d:0a:88:22:48:0d:66:ed:42:ea:65:31:f6:
57:46:16:db:97:3f:94:d4:a6:c8:c3:dd:20:22:3c:
47:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:D7:3F:CA:8D:B8:61:AE:85:CF:A6:12:BE:7C:E0:51:44:94:3C:EA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.226.0.0/15
Signature Algorithm: sha256WithRSAEncryption
82:1f:d9:e4:55:b4:55:12:c7:17:e4:cf:52:16:84:c1:6a:33:
3b:98:a8:24:56:5a:6f:b5:dd:a6:44:f0:d2:1a:be:28:53:43:
0e:9b:57:45:a5:27:6e:c4:93:f2:12:4f:3a:a6:52:5e:5f:44:
62:9e:79:a4:fa:76:9d:5e:8d:b5:18:b8:59:ca:16:de:16:96:
d3:4c:cc:88:66:49:f4:c7:ce:ca:e1:aa:23:4b:dc:64:de:4a:
42:cc:77:8e:60:dc:b4:a7:8a:0e:4f:df:5e:c7:77:34:d7:d1:
0c:83:bf:15:5f:dc:b8:b4:5e:e8:9f:0a:c3:a8:b7:95:3b:ae:
75:1b:15:64:9f:53:b6:23:83:11:96:86:86:53:3d:76:b6:0d:
b0:f7:44:25:96:6b:36:f2:19:fe:f7:ae:f2:71:ce:d4:75:0a:
a6:92:db:13:41:73:c4:22:61:b0:61:fa:c2:74:ea:1b:03:32:
08:bd:20:86:9d:25:17:76:07:3b:bf:a4:e9:53:fd:22:bb:0c:
ec:76:51:be:af:69:6c:38:23:a7:22:24:69:70:d5:a8:71:52:
e8:c2:09:9d:99:aa:01:74:b9:24:53:35:36:28:53:b3:64:f9:
63:c1:c1:96:d9:15:9c:3c:c0:d6:32:f0:ac:67:f8:8a:6b:ac:
56:23:8c:3e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUSepp4LhY/wNHrC9+OKBHYgrbF1MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDQwMTJaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDFjNWY0NTIxYmE2NzRjNDZkZmUzN2M1NzYwNTk3OWYxZWMwNGYwNmU4NGYz
NmRiMGE1YjAyNzRjOGVhMmY0YmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKvNpI9k/KosL756WOuns+nFfeCZlslPOAOj/I61G3N4POl8bVsgxWN5jQMU
8TfrD/Z8eYOOMJ9heTGy8/vsBKtvRD+ub1j+ly+FQrGXbO+6IPhoIeCSDYVmbzkA
//txVdO0G/90ZPSi4mRPjEPNUxma4kx/f2EbmZ0liJKMb//EiUeFt6cqwTcjydRt
MvZAlM59pUi0u0n9UFrAs+KZD8TF7mr37yhv619PEg0Wq3ZTWyRsBgUFX4cg8CHy
2sBiZxjfj1Fy56CiR7xnDsEj65XRna6MtdbIiugFae+TDFtYVglNCogiSA1m7ULq
ZTH2V0YW25c/lNSmyMPdICI8RxMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQe1z/K
jbhhroXPphK+fOBRRJQ86jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGRjZDEwMzEtMGM4ZC00ZWU0LTk1NjMtNTdkZGI2M2UxNjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPiMA0G
CSqGSIb3DQEBCwUAA4IBAQCCH9nkVbRVEscX5M9SFoTBajM7mKgkVlpvtd2mRPDS
Gr4oU0MOm1dFpSduxJPyEk86plJeX0Rinnmk+nadXo21GLhZyhbeFpbTTMyIZkn0
x87K4aojS9xk3kpCzHeOYNy0p4oOT99ex3c019EMg78VX9y4tF7onwrDqLeVO651
GxVkn1O2I4MRloaGUz12tg2w90Qllms28hn+967ycc7UdQqmktsTQXPEImGwYfrC
dOobAzIIvSCGnSUXdgc7v6TpU/0iuwzsdlG+r2lsOCOnIiRpcNWocVLowgmdmaoB
dLkkUzU2KFOzZPljwcGW2RWcPMDWMvCsZ/iKa6xWI4w+
-----END CERTIFICATE-----
Generated at Fri May 9 12:43:03 2025 by rpki-client