Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/97585122-fbed-4029-849a-162097054103.roa
File: 97585122-fbed-4029-849a-162097054103.roa (raw, json)
Hash identifier: DuPvuR3Tg/9pFHNQumT2Rx51ALG3t/tmUp/vWMkfoW4=
Subject key identifier: 6A:3E:5E:BF:5A:88:5B:68:44:DD:E8:1D:A7:E3:36:C9:84:92:A4:4A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7D7D110877B9B5C5414BED00B166EBF029996747
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/97585122-fbed-4029-849a-162097054103.roa
Signing time: Tue 06 May 2025 00:50:18 +0000
ROA not before: Tue 06 May 2025 00:50:18 +0000
ROA not after: Tue 10 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.72.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:7d:11:08:77:b9:b5:c5:41:4b:ed:00:b1:66:eb:f0:29:99:67:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 6 00:50:18 2025 GMT
Not After : Jun 10 23:59:59 2025 GMT
Subject: serialNumber=e3e136390f7f1c71d782a38c3551ac91c0da9411f6779838646e24d9d6efe671, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:e5:ef:a8:2a:e8:aa:0c:ab:8e:0e:b0:2d:86:
a9:43:22:21:53:8f:2e:af:f6:74:74:58:6a:37:28:
a1:df:a1:2d:8e:0d:10:40:27:7c:61:6e:35:5b:0e:
4c:32:cf:bb:8c:42:cf:25:78:a0:68:ec:e3:7a:a0:
21:66:bb:d6:d2:47:f7:c8:5b:2c:1b:eb:9c:a0:95:
8c:c2:c6:f5:e4:a6:cc:67:61:8c:0c:22:f6:b8:06:
e6:ac:69:d3:38:a0:51:bf:c3:43:de:fe:20:66:4c:
48:17:cc:32:09:d8:03:df:b4:e4:fa:2c:67:83:c9:
65:56:de:7a:53:36:dc:d9:d0:16:18:69:38:e2:25:
06:04:fc:b5:17:a6:51:6b:68:af:d9:b9:14:26:67:
7f:be:90:77:2e:fb:bb:c5:43:47:7a:66:5a:fe:65:
f3:94:6d:64:f1:4f:31:5c:a7:bc:30:90:af:71:38:
a9:db:14:f1:12:1d:db:4a:f2:ca:2a:a6:2a:08:b7:
8c:b3:86:ba:c4:c8:88:dd:ad:73:60:21:29:b2:3c:
45:88:5c:6f:21:52:f2:9c:56:a0:f9:d7:ca:4f:7c:
0d:0e:e3:52:81:6c:98:df:f1:09:cd:b0:64:5a:4a:
fc:b6:2e:b1:b4:64:89:74:3c:76:f5:01:af:c8:2f:
0a:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:3E:5E:BF:5A:88:5B:68:44:DD:E8:1D:A7:E3:36:C9:84:92:A4:4A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/97585122-fbed-4029-849a-162097054103.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.72.0.0/15
Signature Algorithm: sha256WithRSAEncryption
49:84:f6:4f:cb:8b:46:d2:8c:df:39:6b:87:f5:da:39:c2:cd:
23:0d:b7:39:c3:7c:04:24:19:2a:01:a0:4b:d1:92:61:6c:b5:
6b:12:da:e1:59:0a:3c:29:e5:60:47:c6:46:e6:be:7f:4e:dd:
29:32:48:31:4b:3d:6b:a5:38:33:e8:97:08:06:3f:5d:7a:30:
b9:65:90:0d:a5:64:56:78:9f:0c:95:12:a2:37:36:c7:a8:56:
4b:d6:5f:38:06:46:c8:87:1b:46:aa:ed:a1:4e:48:82:ff:57:
9b:69:0f:da:5c:b8:1f:b9:a8:86:ba:0b:9b:69:80:5b:6f:b5:
d5:1f:8b:f8:ca:87:ec:24:96:44:5d:9c:f3:e9:82:b6:26:6e:
19:a8:8a:23:51:b2:3a:4f:af:58:f3:b2:44:57:9e:41:e7:b7:
0f:ae:4a:dc:05:0d:42:fc:df:18:fa:3a:2c:2f:87:e2:e3:76:
dc:85:d9:b0:29:00:80:95:28:66:31:ff:f7:08:27:9e:74:61:
16:a2:72:ba:98:d3:14:6f:88:76:cc:6f:34:35:2c:fa:76:69:
ad:2a:1d:bc:56:9b:ca:49:83:f2:73:72:cb:f4:54:77:2a:ca:
21:ba:02:cb:3d:7e:58:1a:b3:ad:b9:0a:2e:a1:dc:ff:0f:66:
90:15:f1:95
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfX0RCHe5tcVBS+0AsWbr8CmZZ0cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MDYwMDUwMThaFw0yNTA2MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGUzZTEzNjM5MGY3ZjFjNzFkNzgyYTM4YzM1NTFhYzkxYzBkYTk0MTFmNjc3
OTgzODY0NmUyNGQ5ZDZlZmU2NzExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOzl76gq6KoMq44OsC2GqUMiIVOPLq/2dHRYajcood+hLY4NEEAnfGFuNVsO
TDLPu4xCzyV4oGjs43qgIWa71tJH98hbLBvrnKCVjMLG9eSmzGdhjAwi9rgG5qxp
0zigUb/DQ97+IGZMSBfMMgnYA9+05PosZ4PJZVbeelM23NnQFhhpOOIlBgT8tRem
UWtor9m5FCZnf76Qdy77u8VDR3pmWv5l85RtZPFPMVynvDCQr3E4qdsU8RId20ry
yiqmKgi3jLOGusTIiN2tc2AhKbI8RYhcbyFS8pxWoPnXyk98DQ7jUoFsmN/xCc2w
ZFpK/LYusbRkiXQ8dvUBr8gvCgcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRqPl6/
WohbaETd6B2n4zbJhJKkSjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTc1ODUxMjItZmJlZC00MDI5LTg0OWEtMTYyMDk3MDU0MTAzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNIMA0G
CSqGSIb3DQEBCwUAA4IBAQBJhPZPy4tG0ozfOWuH9do5ws0jDbc5w3wEJBkqAaBL
0ZJhbLVrEtrhWQo8KeVgR8ZG5r5/Tt0pMkgxSz1rpTgz6JcIBj9dejC5ZZANpWRW
eJ8MlRKiNzbHqFZL1l84BkbIhxtGqu2hTkiC/1ebaQ/aXLgfuaiGugubaYBbb7XV
H4v4yofsJJZEXZzz6YK2Jm4ZqIojUbI6T69Y87JEV55B57cPrkrcBQ1C/N8Y+jos
L4fi43bchdmwKQCAlShmMf/3CCeedGEWonK6mNMUb4h2zG80NSz6dmmtKh28VpvK
SYPyc3LL9FR3KsohugLLPX5YGrOtuQouodz/D2aQFfGV
-----END CERTIFICATE-----
Generated at Fri May 9 13:13:17 2025 by rpki-client