Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9ebfa348-5910-4667-b4db-cfb5bb3acbc8.roa
File: 9ebfa348-5910-4667-b4db-cfb5bb3acbc8.roa (raw, json)
Hash identifier: 7G1ACASNrUgDcNw8W4zuV8teFYRdQgR/hddG2mjKT9Y=
Subject key identifier: 02:29:07:EA:32:BB:3B:C0:D2:5D:E8:84:5E:A9:C4:4D:7D:29:22:E1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 35AB393472043343106D065560D3C41823C5A2EF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9ebfa348-5910-4667-b4db-cfb5bb3acbc8.roa
Signing time: Fri 25 Apr 2025 20:30:26 +0000
ROA not before: Fri 25 Apr 2025 20:30:26 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.188.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:ab:39:34:72:04:33:43:10:6d:06:55:60:d3:c4:18:23:c5:a2:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:30:26 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=b4a88f177c4f626578a2d6ee79dd65fb44c6575201113913dfb135cac68183fb, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:98:05:c9:6c:f7:2a:36:23:f6:34:22:aa:fd:
27:4e:a1:83:db:0e:b9:4f:e3:2d:a8:0f:7a:56:37:
51:df:76:bf:8e:98:ca:6a:9f:cc:3d:d1:44:ce:1a:
8c:c6:a8:31:3f:d6:bb:26:39:b1:cf:51:d1:e7:03:
0f:3c:2a:e3:01:b0:da:b8:0a:ba:16:a2:70:95:7c:
4d:87:00:25:f2:3c:97:47:00:8a:d2:b8:5c:11:0d:
35:ce:87:78:38:91:f6:ac:ce:6b:8c:62:b4:94:94:
93:c1:aa:17:74:9c:9b:b2:4c:6f:de:06:5d:c0:ac:
4f:14:03:39:72:e4:ba:27:ae:3f:4a:b8:f1:3b:c9:
bc:d5:4b:d7:ad:ae:13:60:5a:e1:52:64:63:9f:91:
78:18:b8:b8:c6:2d:52:98:24:12:12:17:32:62:fe:
e9:b9:14:83:42:0d:62:93:fd:ff:20:7a:92:80:ec:
73:d9:ab:00:c6:89:66:4d:ed:48:58:ed:fa:53:8c:
e1:9f:f1:a1:45:fc:95:cb:05:55:e7:62:2e:a5:c4:
76:46:f0:b1:3b:2f:91:0b:42:66:2c:b6:d7:d7:1d:
b3:a7:e0:86:3d:6c:60:08:15:e6:ae:b7:31:70:f5:
dd:e1:4b:99:8e:8d:8c:4e:20:ec:d6:d3:4e:65:33:
d6:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:29:07:EA:32:BB:3B:C0:D2:5D:E8:84:5E:A9:C4:4D:7D:29:22:E1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9ebfa348-5910-4667-b4db-cfb5bb3acbc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.188.0.0/15
Signature Algorithm: sha256WithRSAEncryption
46:5d:07:9a:49:bd:3d:71:75:c0:70:3d:18:3a:f0:51:f3:8f:
66:e0:8e:53:72:3a:b8:4a:ad:f9:04:1c:c6:f3:59:ce:70:6b:
13:d6:f6:89:5f:0c:69:ab:9f:7c:c6:fc:82:44:a6:8d:b8:62:
50:41:ed:cf:e2:f0:14:c6:67:30:ce:ab:13:8d:08:1f:3c:dc:
d3:89:b1:e7:3a:00:91:8c:2f:6f:ac:cd:a0:61:e6:d9:7e:db:
1c:84:e9:52:47:a2:fa:41:6f:b5:64:45:94:89:36:3a:1c:8e:
fa:e6:76:94:7b:47:4d:56:25:76:c6:05:63:b8:4f:53:b2:9f:
b0:ad:a1:24:66:a5:12:43:52:cb:84:4b:50:2e:37:14:c7:b4:
7a:08:ef:88:f2:fe:c4:0c:1a:e0:02:0a:87:27:61:9b:b2:9c:
83:85:38:46:82:a6:8e:d5:38:2f:78:1b:17:31:df:d3:16:91:
25:67:6d:43:af:06:8a:42:dd:63:63:62:e3:a6:af:80:2c:2a:
dd:68:08:75:ce:48:84:e8:fc:39:6f:57:b8:e0:a0:53:e2:34:
95:c8:e5:b4:00:2c:e9:6e:be:af:24:cd:72:64:d8:f3:33:45:
8d:92:59:33:0e:e9:b6:c8:43:d5:91:d4:22:8b:42:34:32:f7:
41:52:03:5b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNas5NHIEM0MQbQZVYNPEGCPFou8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMwMjZaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGI0YTg4ZjE3N2M0ZjYyNjU3OGEyZDZlZTc5ZGQ2NWZiNDRjNjU3NTIwMTEx
MzkxM2RmYjEzNWNhYzY4MTgzZmIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANKYBcls9yo2I/Y0Iqr9J06hg9sOuU/jLagPelY3Ud92v46YymqfzD3RRM4a
jMaoMT/WuyY5sc9R0ecDDzwq4wGw2rgKuhaicJV8TYcAJfI8l0cAitK4XBENNc6H
eDiR9qzOa4xitJSUk8GqF3Scm7JMb94GXcCsTxQDOXLkuieuP0q48TvJvNVL162u
E2Ba4VJkY5+ReBi4uMYtUpgkEhIXMmL+6bkUg0INYpP9/yB6koDsc9mrAMaJZk3t
SFjt+lOM4Z/xoUX8lcsFVediLqXEdkbwsTsvkQtCZiy219cds6fghj1sYAgV5q63
MXD13eFLmY6NjE4g7NbTTmUz1p0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQCKQfq
Mrs7wNJd6IReqcRNfSki4TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWViZmEzNDgtNTkxMC00NjY3LWI0ZGItY2ZiNWJiM2FjYmM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO8MA0G
CSqGSIb3DQEBCwUAA4IBAQBGXQeaSb09cXXAcD0YOvBR849m4I5Tcjq4Sq35BBzG
81nOcGsT1vaJXwxpq598xvyCRKaNuGJQQe3P4vAUxmcwzqsTjQgfPNzTibHnOgCR
jC9vrM2gYebZftschOlSR6L6QW+1ZEWUiTY6HI765naUe0dNViV2xgVjuE9Tsp+w
raEkZqUSQ1LLhEtQLjcUx7R6CO+I8v7EDBrgAgqHJ2GbspyDhThGgqaO1TgveBsX
Md/TFpElZ21DrwaKQt1jY2Ljpq+ALCrdaAh1zkiE6Pw5b1e44KBT4jSVyOW0ACzp
br6vJM1yZNjzM0WNklkzDum2yEPVkdQii0I0MvdBUgNb
-----END CERTIFICATE-----
Generated at Fri May 9 12:36:26 2025 by rpki-client