Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa
File: de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa (raw, json)
Hash identifier: ji7Z7IQ22x5AFPGrDPyqQ3p7nF0DHw86oTK0K3AE35Q=
Subject key identifier: EA:BF:35:56:4B:5E:BD:5F:AA:02:4D:23:16:50:EA:78:07:26:B2:D7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 445DAF53136D0AB6F76AAC1793A7DD45D5F71B93
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa
Signing time: Wed 05 Mar 2025 17:51:54 +0000
ROA not before: Wed 05 Mar 2025 17:51:54 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.40.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 18:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:5d:af:53:13:6d:0a:b6:f7:6a:ac:17:93:a7:dd:45:d5:f7:1b:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 5 17:51:54 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:af:19:35:90:4a:e9:ff:bd:6c:5e:2b:32:ea:
7c:17:32:96:2b:8e:3a:61:87:f2:68:15:8a:45:d8:
a7:6e:cd:8c:4d:42:3b:b7:c9:7a:0a:02:7f:c3:12:
6f:16:5c:e9:40:88:0e:98:43:fc:cf:3d:ca:42:ca:
6d:14:3f:5e:7b:84:e2:3c:d2:bf:f7:8f:82:1b:9d:
ba:4e:3c:4a:91:90:38:0d:44:4e:19:b4:65:94:42:
f4:00:58:8c:a9:75:95:f9:d3:33:2b:d0:d6:e0:51:
60:1d:83:06:81:5c:49:3f:0d:ca:ca:79:56:f2:8a:
08:b5:20:92:88:84:f6:f5:eb:e7:ec:7f:29:72:6a:
80:81:29:8a:c1:eb:c3:02:d4:52:0d:79:95:13:84:
22:a7:2b:89:db:60:28:d4:f6:cb:8b:a1:43:62:5d:
55:4a:f4:5d:45:d7:95:d1:4a:1b:bd:43:63:39:b6:
9e:a4:d0:ce:de:f0:0b:cb:fd:f9:7d:96:37:b3:ee:
e2:5b:59:e0:db:f9:a4:ec:3d:31:97:1b:7e:ba:8b:
5f:1c:05:bf:ee:cb:51:a0:c0:72:f0:b8:7d:76:bc:
98:d8:ab:72:16:7c:41:89:f4:32:e8:c3:87:35:cc:
76:1b:50:00:e8:26:eb:94:57:3e:09:6a:bf:9d:4e:
ef:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:BF:35:56:4B:5E:BD:5F:AA:02:4D:23:16:50:EA:78:07:26:B2:D7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.40.0.0/16
Signature Algorithm: sha256WithRSAEncryption
62:02:d4:37:58:00:df:67:0e:e2:c3:d1:ab:d4:6d:3f:55:9f:
be:25:c8:63:3c:ba:a8:d0:4b:80:ab:8c:28:83:51:09:2f:ee:
e7:b0:86:49:6d:1a:86:f7:35:49:54:f2:f0:f5:3d:88:49:f7:
fe:aa:46:a9:c4:1f:6b:7c:dc:43:23:a2:7f:c0:94:2b:95:35:
6b:22:6c:c4:0d:9a:34:ce:16:92:37:1e:3a:3f:1b:26:b0:d3:
2a:8b:66:d8:d9:c2:b1:77:49:4b:4b:51:7f:11:9e:95:ff:bc:
0b:5c:e8:6c:9e:30:e7:12:70:72:ea:2d:4a:7c:17:43:01:8b:
3d:c8:36:88:84:2e:15:17:03:41:92:2a:cd:c9:e1:70:e1:9a:
21:c2:e8:19:80:8b:c0:80:2d:5b:9a:4c:8c:13:8a:a0:c0:69:
39:f6:0b:40:9d:b2:f3:9c:d4:ba:fb:6e:01:41:d4:f8:74:e3:
ec:5a:96:cf:2d:ac:0e:32:f7:43:58:0a:31:ba:f8:fc:4b:97:
31:0b:6e:5c:1d:0c:4d:1b:72:b4:3c:3a:4f:45:45:14:29:c2:
bb:1a:6e:b3:0e:96:f7:dc:52:0d:6e:79:c7:a8:80:3a:52:71:
ce:15:a8:0c:3b:15:26:41:4c:67:2e:2d:f5:37:58:14:02:fc:
8d:3f:0c:2b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIURF2vUxNtCrb3aqwXk6fdRdX3G5MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMDUxNzUxNTRaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ4YTQ4YWEzNzBmZGQ4Y2QxOGI4MjI3ZWU4ZTlmZTUxNWNkNTI1N2M0ZDVm
NzAwMDY2Njc3NWI2NDFmMTU3Y2MxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANKvGTWQSun/vWxeKzLqfBcyliuOOmGH8mgVikXYp27NjE1CO7fJegoCf8MS
bxZc6UCIDphD/M89ykLKbRQ/XnuE4jzSv/ePghuduk48SpGQOA1EThm0ZZRC9ABY
jKl1lfnTMyvQ1uBRYB2DBoFcST8Nysp5VvKKCLUgkoiE9vXr5+x/KXJqgIEpisHr
wwLUUg15lROEIqcridtgKNT2y4uhQ2JdVUr0XUXXldFKG71DYzm2nqTQzt7wC8v9
+X2WN7Pu4ltZ4Nv5pOw9MZcbfrqLXxwFv+7LUaDAcvC4fXa8mNirchZ8QYn0MujD
hzXMdhtQAOgm65RXPglqv51O75ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTqvzVW
S169X6oCTSMWUOp4Byay1zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZGU4M2FiMGQtNzMwZS00YmEwLTlkMjItYWYyYzhiN2ZkOGY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMoMA0G
CSqGSIb3DQEBCwUAA4IBAQBiAtQ3WADfZw7iw9Gr1G0/VZ++JchjPLqo0EuAq4wo
g1EJL+7nsIZJbRqG9zVJVPLw9T2ISff+qkapxB9rfNxDI6J/wJQrlTVrImzEDZo0
zhaSNx46PxsmsNMqi2bY2cKxd0lLS1F/EZ6V/7wLXOhsnjDnEnBy6i1KfBdDAYs9
yDaIhC4VFwNBkirNyeFw4ZohwugZgIvAgC1bmkyME4qgwGk59gtAnbLznNS6+24B
QdT4dOPsWpbPLawOMvdDWAoxuvj8S5cxC25cHQxNG3K0PDpPRUUUKcK7Gm6zDpb3
3FINbnnHqIA6UnHOFagMOxUmQUxnLi31N1gUAvyNPwwr
-----END CERTIFICATE-----
Generated at Thu Mar 13 23:52:48 2025 by rpki-client