Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b39e8644-b3a5-4477-b7b6-d340235a9010.roa
File: b39e8644-b3a5-4477-b7b6-d340235a9010.roa (raw, json)
Hash identifier: 9TjGiuqZGHJXddM/bps1LPmbLhv02+6oTwkAju6I5+o=
Subject key identifier: 56:C8:E6:88:5A:FE:E0:47:28:75:8E:29:9E:04:DE:E4:98:A9:0E:1F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1925026C2980B8564C06CAF34AB75280152B51DE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b39e8644-b3a5-4477-b7b6-d340235a9010.roa
Signing time: Fri 16 May 2025 17:40:03 +0000
ROA not before: Fri 16 May 2025 17:40:03 +0000
ROA not after: Fri 20 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.168.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:25:02:6c:29:80:b8:56:4c:06:ca:f3:4a:b7:52:80:15:2b:51:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 16 17:40:03 2025 GMT
Not After : Jun 20 23:59:59 2025 GMT
Subject: serialNumber=44b5cdb38c2625da76459ef5a0bd5f3c0c136401aca87f36cfc839a68fbc061b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:86:43:02:f7:e7:57:62:b1:54:ca:89:44:5c:
39:13:14:02:21:bf:55:94:28:7c:0c:6d:cf:ac:39:
30:0d:11:d4:6c:ba:6d:2d:8d:0a:ec:6d:3f:07:ee:
3a:85:45:75:22:65:c6:79:69:0d:28:2d:51:2b:45:
d9:ac:d5:f5:6c:ae:c7:90:b3:f2:9e:83:87:41:ac:
de:79:0c:70:12:7a:c5:92:92:ee:d4:13:11:a0:a7:
7a:36:1a:aa:ae:8d:28:68:65:26:d6:93:2f:fb:94:
79:ad:ba:b8:19:53:8c:d3:35:33:3e:fe:d4:6e:22:
81:7f:d5:c0:2e:ef:36:71:11:9d:ab:2c:60:2b:e3:
64:1a:bc:21:e7:5b:d4:18:57:36:96:80:98:3a:e0:
d6:3f:f9:2b:40:7e:30:89:72:22:54:5c:59:a7:60:
4a:fe:94:2f:96:c1:41:56:d3:52:ba:bf:70:c4:41:
41:b6:f4:2a:8d:cf:2e:bd:1c:50:9a:a5:ae:7f:ee:
31:df:ee:dc:00:e6:b1:c3:5d:d5:0f:de:c8:dc:f0:
1c:69:49:ac:5c:31:b9:8e:b7:fb:bb:f0:d1:7e:5c:
6f:08:8c:65:18:08:73:7a:9a:88:26:2b:01:9f:fb:
0e:7c:14:81:a6:5b:86:81:9a:1e:7f:8f:e0:07:fd:
1a:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:C8:E6:88:5A:FE:E0:47:28:75:8E:29:9E:04:DE:E4:98:A9:0E:1F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b39e8644-b3a5-4477-b7b6-d340235a9010.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.168.0.0/15
Signature Algorithm: sha256WithRSAEncryption
2d:36:7b:df:d0:4a:ad:c8:62:33:cd:45:6a:ba:8e:0d:a1:89:
09:97:0b:ec:8a:b7:2b:fd:88:16:f6:8c:47:80:20:5c:15:5c:
1b:c1:51:d5:1e:32:f7:68:13:5a:2a:62:30:78:8b:bb:54:d6:
68:f3:a1:bf:af:dd:6d:86:f5:b6:65:40:c4:9d:1c:d7:6b:71:
24:e7:54:58:04:a4:bd:4a:09:f2:41:13:29:61:0b:79:5f:90:
f8:04:ac:37:54:aa:2c:c5:1a:d2:9f:d4:85:81:78:68:19:af:
b2:35:e3:c4:df:c2:ba:cd:73:11:b1:c8:89:87:ca:9f:b6:74:
b1:36:4d:e5:1d:c0:fc:c7:3a:89:8a:30:1e:e9:65:81:9b:8a:
e5:b4:ee:84:e1:6c:59:9c:cf:e7:80:a8:1d:7d:b1:7b:a2:87:
05:b4:aa:0c:e0:cd:d9:b7:31:66:02:b6:45:6c:21:27:4b:f2:
e0:2e:3c:4b:d7:ec:f3:5d:14:b9:19:26:6d:6f:8b:2a:fb:39:
eb:0d:fe:0a:60:ea:aa:a9:0a:11:eb:97:ca:15:8d:dc:9d:8c:
b6:13:33:e7:c6:3a:67:4e:a0:09:22:f7:7a:0b:a0:d6:99:f3:
a0:b8:34:10:de:aa:22:94:2b:72:f1:ee:0e:da:c1:3d:a3:d4:
9f:64:17:39
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGSUCbCmAuFZMBsrzSrdSgBUrUd4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MTYxNzQwMDNaFw0yNTA2MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ0YjVjZGIzOGMyNjI1ZGE3NjQ1OWVmNWEwYmQ1ZjNjMGMxMzY0MDFhY2E4
N2YzNmNmYzgzOWE2OGZiYzA2MWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJuGQwL351disVTKiURcORMUAiG/VZQofAxtz6w5MA0R1Gy6bS2NCuxtPwfu
OoVFdSJlxnlpDSgtUStF2azV9Wyux5Cz8p6Dh0Gs3nkMcBJ6xZKS7tQTEaCnejYa
qq6NKGhlJtaTL/uUea26uBlTjNM1Mz7+1G4igX/VwC7vNnERnassYCvjZBq8Iedb
1BhXNpaAmDrg1j/5K0B+MIlyIlRcWadgSv6UL5bBQVbTUrq/cMRBQbb0Ko3PLr0c
UJqlrn/uMd/u3ADmscNd1Q/eyNzwHGlJrFwxuY63+7vw0X5cbwiMZRgIc3qaiCYr
AZ/7DnwUgaZbhoGaHn+P4Af9Gm0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRWyOaI
Wv7gRyh1jimeBN7kmKkOHzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjM5ZTg2NDQtYjNhNS00NDc3LWI3YjYtZDM0MDIzNWE5MDEwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOoMA0G
CSqGSIb3DQEBCwUAA4IBAQAtNnvf0EqtyGIzzUVquo4NoYkJlwvsircr/YgW9oxH
gCBcFVwbwVHVHjL3aBNaKmIweIu7VNZo86G/r91thvW2ZUDEnRzXa3Ek51RYBKS9
SgnyQRMpYQt5X5D4BKw3VKosxRrSn9SFgXhoGa+yNePE38K6zXMRsciJh8qftnSx
Nk3lHcD8xzqJijAe6WWBm4rltO6E4WxZnM/ngKgdfbF7oocFtKoM4M3ZtzFmArZF
bCEnS/LgLjxL1+zzXRS5GSZtb4sq+znrDf4KYOqqqQoR65fKFY3cnYy2EzPnxjpn
TqAJIvd6C6DWmfOguDQQ3qoilCty8e4O2sE9o9SfZBc5
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:29:58 2025 by rpki-client