Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa
File: de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa (raw, json)
Hash identifier: IcWVJDqF2Oykut9Q/2jfrLZvmW/x/bLwpqXXOUNr8fc=
Subject key identifier: 79:19:A4:11:20:5F:A3:F9:51:4F:29:14:EC:24:B1:44:20:35:14:F3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 663E800C93F09E86EDB5D89170ECE549B51A8235
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa
Signing time: Fri 25 Apr 2025 20:40:21 +0000
ROA not before: Fri 25 Apr 2025 20:40:21 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.40.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:3e:80:0c:93:f0:9e:86:ed:b5:d8:91:70:ec:e5:49:b5:1a:82:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:40:21 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=7cba1b1aa0f5cbbb865b1dc367b17916f7d981b3c10d98ec16d444af8b917fb7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:32:1e:b9:f3:9b:b3:e8:96:55:68:44:73:d1:
16:21:d6:e9:a4:47:88:ca:a9:d3:c8:cf:1f:28:6e:
9a:ef:15:f1:fb:35:ae:96:5a:6b:cc:83:71:e8:75:
97:45:9a:f6:d1:81:ce:57:7e:f6:49:90:55:1e:99:
d6:2e:dd:27:83:eb:7f:f5:43:d5:6e:31:77:db:27:
af:c8:90:13:c3:a3:92:13:76:7e:8c:7b:2f:83:8d:
0f:8a:bd:47:2a:5c:ca:62:fd:b3:98:62:8b:f5:24:
f1:93:0e:3c:b8:13:4a:47:ab:63:f3:9b:a9:47:17:
90:07:49:71:a2:03:7f:d5:61:a4:a5:e7:c7:44:2e:
50:b2:e9:6d:a2:30:51:a0:65:ea:1d:68:42:9e:e3:
51:d8:9c:b1:97:43:2f:06:12:2e:0b:e4:6f:f6:3b:
e2:b7:9b:e0:90:4c:a7:9a:96:92:8e:7e:1b:a7:43:
7c:f2:41:d3:ad:82:5b:26:d3:88:0b:d0:3d:fd:df:
bf:4b:10:ad:5f:19:22:fa:10:26:45:18:45:3f:cf:
14:9f:6e:dd:35:86:8c:25:bd:88:03:c2:2d:f2:fb:
7b:77:fb:f0:a6:f7:31:38:e5:6c:bf:cd:03:3d:86:
e9:85:b5:72:7b:87:a2:a5:61:52:51:c8:81:15:da:
94:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:19:A4:11:20:5F:A3:F9:51:4F:29:14:EC:24:B1:44:20:35:14:F3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.40.0.0/16
Signature Algorithm: sha256WithRSAEncryption
41:7e:b0:84:55:d4:e4:9c:d8:00:54:19:76:9b:08:85:51:fe:
0d:17:ae:67:2d:90:d5:ee:39:ea:21:c1:81:6f:62:2c:bc:7e:
8b:1f:b1:7f:59:d8:5b:09:41:1a:3b:dd:9e:d4:e1:f7:90:a3:
81:67:06:1e:f4:92:b0:15:f8:43:aa:94:fe:62:17:78:a6:96:
e0:5b:44:ea:8b:61:06:66:0b:fb:43:04:64:d4:da:e7:39:3d:
56:13:de:93:9c:ca:5e:0b:e3:90:15:6c:35:c2:7a:83:5a:ad:
70:86:c3:d4:a5:ea:a3:53:a3:fe:30:01:da:c7:62:d3:f4:6b:
d1:e4:89:69:04:8e:fa:db:27:80:0c:f7:e5:ab:a5:4b:d4:d6:
61:3e:4d:29:e5:0a:90:0a:e9:13:75:38:dc:49:f3:ca:9f:97:
7d:36:83:d2:f4:01:60:f6:4c:6d:5b:ee:a5:f0:91:0c:c6:e8:
8f:9b:0a:39:ba:b3:83:e6:56:64:47:46:2d:7d:27:7a:6a:1e:
c1:7c:4e:66:a2:6d:84:99:c4:22:05:5f:90:5e:42:29:9c:04:
af:91:2f:3d:2b:da:77:2a:24:fc:38:15:80:e6:bb:2e:9f:8c:
b5:51:60:1a:16:29:80:cc:19:43:af:89:94:87:14:43:2f:1c:
eb:1b:fe:d9
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZj6ADJPwnobttdiRcOzlSbUagjUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDQwMjFaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDdjYmExYjFhYTBmNWNiYmI4NjViMWRjMzY3YjE3OTE2ZjdkOTgxYjNjMTBk
OThlYzE2ZDQ0NGFmOGI5MTdmYjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM0yHrnzm7PollVoRHPRFiHW6aRHiMqp08jPHyhumu8V8fs1rpZaa8yDceh1
l0Wa9tGBzld+9kmQVR6Z1i7dJ4Prf/VD1W4xd9snr8iQE8OjkhN2fox7L4OND4q9
RypcymL9s5hii/Uk8ZMOPLgTSkerY/ObqUcXkAdJcaIDf9VhpKXnx0QuULLpbaIw
UaBl6h1oQp7jUdicsZdDLwYSLgvkb/Y74reb4JBMp5qWko5+G6dDfPJB062CWybT
iAvQPf3fv0sQrV8ZIvoQJkUYRT/PFJ9u3TWGjCW9iAPCLfL7e3f78Kb3MTjlbL/N
Az2G6YW1cnuHoqVhUlHIgRXalPkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR5GaQR
IF+j+VFPKRTsJLFEIDUU8zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZGU4M2FiMGQtNzMwZS00YmEwLTlkMjItYWYyYzhiN2ZkOGY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMoMA0G
CSqGSIb3DQEBCwUAA4IBAQBBfrCEVdTknNgAVBl2mwiFUf4NF65nLZDV7jnqIcGB
b2IsvH6LH7F/WdhbCUEaO92e1OH3kKOBZwYe9JKwFfhDqpT+Yhd4ppbgW0Tqi2EG
Zgv7QwRk1NrnOT1WE96TnMpeC+OQFWw1wnqDWq1whsPUpeqjU6P+MAHax2LT9GvR
5IlpBI762yeADPflq6VL1NZhPk0p5QqQCukTdTjcSfPKn5d9NoPS9AFg9kxtW+6l
8JEMxuiPmwo5urOD5lZkR0YtfSd6ah7BfE5mom2EmcQiBV+QXkIpnASvkS89K9p3
KiT8OBWA5rsun4y1UWAaFimAzBlDr4mUhxRDLxzrG/7Z
-----END CERTIFICATE-----
Generated at Fri May 9 10:08:09 2025 by rpki-client