Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9e56510b-5f1c-47f6-8a54-2ef9c96c572c.roa
File: 9e56510b-5f1c-47f6-8a54-2ef9c96c572c.roa (raw, json)
Hash identifier: oF5Ol/WVHxiYDJTUb5k7N1QqL3pWtXCWAw+BhwZg6Eg=
Subject key identifier: 17:48:00:82:BB:1A:67:09:6E:99:20:84:09:BC:33:6B:2B:AA:4A:F1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2AE72D630F87FDA2B8F6D90A1F4F3BD0A160FE0F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9e56510b-5f1c-47f6-8a54-2ef9c96c572c.roa
Signing time: Tue 06 May 2025 00:50:19 +0000
ROA not before: Tue 06 May 2025 00:50:19 +0000
ROA not after: Tue 10 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.74.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:e7:2d:63:0f:87:fd:a2:b8:f6:d9:0a:1f:4f:3b:d0:a1:60:fe:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 6 00:50:19 2025 GMT
Not After : Jun 10 23:59:59 2025 GMT
Subject: serialNumber=70018627e14ec9e405decbdc587edc4be460a7939806d82eecfd234dc675139a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:e9:12:f0:5d:9e:16:b5:6d:42:3b:fc:e4:16:
53:b0:3e:b0:72:ee:58:50:9e:d8:c4:62:f5:0b:c1:
c7:c3:45:f9:54:b2:48:87:f4:3a:e6:3f:d7:a1:ba:
86:de:14:6a:b5:c2:1b:7a:be:62:90:2a:fb:60:10:
81:d5:27:f8:bb:54:27:e4:df:c2:13:70:6d:92:4c:
60:2a:8b:30:e8:ba:e0:a7:30:c5:f5:e7:fd:40:9c:
77:84:bd:e9:45:c6:00:0d:e7:04:f6:7f:c6:46:79:
73:17:36:84:74:f8:f7:d2:d9:5c:5f:84:90:b0:13:
8e:64:40:72:59:21:e2:c5:44:24:30:13:e4:29:13:
10:29:7a:be:77:3c:aa:66:79:c5:52:2b:63:67:b2:
36:be:af:ea:ff:11:66:18:fd:05:78:e8:04:40:6e:
c6:16:be:47:6d:d9:cb:76:44:5b:ce:09:6a:58:73:
44:02:34:b1:7c:a3:46:ef:47:25:33:9a:9b:fe:9a:
7c:31:13:a3:18:65:71:67:a1:e5:ac:2c:99:7a:99:
91:5a:b3:23:ef:c5:08:11:7c:05:d7:94:8f:35:86:
de:71:1c:30:a5:e8:7f:b7:81:1c:55:cb:76:e2:76:
86:a1:4d:b8:39:78:d1:5c:c4:18:68:d3:e7:95:39:
ea:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:48:00:82:BB:1A:67:09:6E:99:20:84:09:BC:33:6B:2B:AA:4A:F1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9e56510b-5f1c-47f6-8a54-2ef9c96c572c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.74.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c1:6a:ae:0c:dc:88:c4:82:f4:08:6e:2f:49:a0:6c:9b:83:10:
e7:1b:2d:21:82:9b:d6:03:2e:75:c2:d2:56:df:71:9e:70:bd:
fb:69:86:39:53:db:fc:10:6e:95:1f:8d:26:a4:e9:db:2e:e9:
c5:e5:20:da:21:07:f8:36:98:8b:9f:a4:5f:6e:f6:95:74:dd:
4a:7a:21:54:a7:b5:60:84:55:08:a0:b3:76:60:81:27:ad:3d:
03:42:4b:16:de:eb:13:35:dd:20:2d:7c:1f:37:06:43:e4:54:
24:9e:5c:5b:76:76:f9:ba:ca:7e:1b:6d:74:a8:23:b9:6e:c5:
43:84:30:21:08:c1:83:f4:8b:c6:a8:c7:4e:4a:11:61:4c:3e:
e0:d8:81:48:10:24:23:40:1e:f7:6b:ef:89:77:14:c0:f0:00:
13:21:24:77:2f:45:46:57:d9:70:cd:78:30:91:d4:df:6e:73:
3c:e0:46:a3:c3:ee:02:40:32:fd:9c:37:56:fd:93:5b:42:d2:
4c:e6:9b:91:34:24:f4:90:6e:b1:ef:e6:e4:99:7a:e7:67:23:
7e:ef:67:f5:e1:8c:8e:49:d2:bf:b5:de:9e:0c:07:2e:90:53:
3d:6f:7f:11:12:16:aa:e6:43:04:b5:8e:06:76:22:46:f3:cc:
8c:c5:2c:58
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKuctYw+H/aK49tkKH0870KFg/g8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MDYwMDUwMTlaFw0yNTA2MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDcwMDE4NjI3ZTE0ZWM5ZTQwNWRlY2JkYzU4N2VkYzRiZTQ2MGE3OTM5ODA2
ZDgyZWVjZmQyMzRkYzY3NTEzOWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM3pEvBdnha1bUI7/OQWU7A+sHLuWFCe2MRi9QvBx8NF+VSySIf0OuY/16G6
ht4UarXCG3q+YpAq+2AQgdUn+LtUJ+TfwhNwbZJMYCqLMOi64KcwxfXn/UCcd4S9
6UXGAA3nBPZ/xkZ5cxc2hHT499LZXF+EkLATjmRAclkh4sVEJDAT5CkTECl6vnc8
qmZ5xVIrY2eyNr6v6v8RZhj9BXjoBEBuxha+R23Zy3ZEW84JalhzRAI0sXyjRu9H
JTOam/6afDEToxhlcWeh5awsmXqZkVqzI+/FCBF8BdeUjzWG3nEcMKXof7eBHFXL
duJ2hqFNuDl40VzEGGjT55U56kkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQXSACC
uxpnCW6ZIIQJvDNrK6pK8TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWU1NjUxMGItNWYxYy00N2Y2LThhNTQtMmVmOWM5NmM1NzJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNKMA0G
CSqGSIb3DQEBCwUAA4IBAQDBaq4M3IjEgvQIbi9JoGybgxDnGy0hgpvWAy51wtJW
33GecL37aYY5U9v8EG6VH40mpOnbLunF5SDaIQf4NpiLn6RfbvaVdN1KeiFUp7Vg
hFUIoLN2YIEnrT0DQksW3usTNd0gLXwfNwZD5FQknlxbdnb5usp+G210qCO5bsVD
hDAhCMGD9IvGqMdOShFhTD7g2IFIECQjQB73a++JdxTA8AATISR3L0VGV9lwzXgw
kdTfbnM84Eajw+4CQDL9nDdW/ZNbQtJM5puRNCT0kG6x7+bkmXrnZyN+72f14YyO
SdK/td6eDAcukFM9b38REhaq5kMEtY4GdiJG88yMxSxY
-----END CERTIFICATE-----
Generated at Fri May 9 07:30:54 2025 by rpki-client