Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fd04a54b-459a-491a-a013-59d0ed55825f.roa
File: fd04a54b-459a-491a-a013-59d0ed55825f.roa (raw, json)
Hash identifier: tRE+AxywcPm2PP7Pt2ur2W0vR2wyZldFVDi9BL5fsbI=
Subject key identifier: FE:B2:D4:F8:4F:08:3E:92:2F:23:45:BF:D2:67:C2:9F:B1:24:8B:85
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6BC9D9D3E8D4FE7D7BA70F5F70F22FF5EF022A28
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fd04a54b-459a-491a-a013-59d0ed55825f.roa
Signing time: Wed 05 Feb 2025 00:00:00 +0000
ROA not before: Wed 05 Feb 2025 00:00:00 +0000
ROA not after: Wed 12 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.131.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 05:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:c9:d9:d3:e8:d4:fe:7d:7b:a7:0f:5f:70:f2:2f:f5:ef:02:2a:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 5 00:00:00 2025 GMT
Not After : Mar 12 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:d0:ef:52:da:ce:a0:d6:7d:3c:fb:6f:d6:2f:
cc:49:c7:30:60:ac:3a:49:02:cc:81:cb:2c:b5:1a:
24:b5:b6:a7:8c:f6:f8:6d:9f:d8:27:08:38:aa:83:
3a:b9:cc:d5:71:90:2c:e6:cc:66:4a:45:3c:e1:65:
5f:7e:67:e9:79:27:c9:be:94:e2:d6:18:02:cd:48:
7c:33:55:db:8f:ad:93:0d:f6:06:9b:ee:c2:82:52:
08:97:7b:df:87:3a:90:f4:9d:0e:37:c6:f2:e1:2c:
bc:74:68:99:d1:22:01:35:30:16:14:c1:70:d4:81:
e3:0e:e5:c6:cc:61:00:fd:4a:85:28:ef:6d:a9:9d:
4e:b9:d0:25:60:5c:67:74:e4:60:0d:dc:1a:9b:29:
34:f0:b4:56:07:16:58:74:4d:14:88:70:5d:84:fb:
0f:69:0a:37:e2:71:93:30:31:10:50:8b:65:04:9f:
c6:80:16:53:f0:05:89:7c:84:a2:37:cc:5e:9d:3c:
0d:1b:54:b4:15:a8:d7:24:e9:7c:3b:d8:14:01:e1:
19:e9:f5:32:8e:6c:86:d5:8a:2d:fe:0e:35:87:2f:
d5:13:1c:27:20:16:ab:ac:08:2b:e2:8c:14:6a:26:
3a:0e:11:0b:fe:28:51:16:df:2a:3e:6f:6e:14:a2:
40:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:B2:D4:F8:4F:08:3E:92:2F:23:45:BF:D2:67:C2:9F:B1:24:8B:85
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fd04a54b-459a-491a-a013-59d0ed55825f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.131.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c9:53:66:66:13:80:52:c8:d0:d8:76:ee:d5:44:63:52:88:32:
b3:4b:65:70:2a:87:5f:ba:07:a5:30:9f:5d:dc:d5:eb:93:76:
8c:98:18:ab:ba:40:ed:b8:20:d1:5a:9c:f9:e7:1b:51:8a:80:
aa:9e:89:fd:35:83:fc:09:a0:7b:17:44:0c:c6:c7:1f:8d:62:
9e:c6:97:20:14:71:74:79:82:c6:83:fb:00:b1:eb:e3:78:89:
6d:4b:de:3b:07:ff:5d:4d:e0:18:f8:fd:6a:b6:12:11:d7:95:
13:34:23:26:cf:bf:a4:c7:a5:03:c6:c4:6f:a8:37:2f:e1:c1:
6d:2f:38:37:11:6d:d1:cc:48:4a:3a:58:51:c7:68:4f:24:9e:
4e:48:ce:b8:26:87:13:2a:f6:e4:a7:5e:93:31:13:b1:36:21:
15:52:49:15:64:fc:12:90:7f:c4:ea:44:96:71:03:b9:b2:4c:
98:77:62:e0:5a:0a:fb:fa:f0:9e:96:eb:b5:d4:16:6e:f4:3a:
37:47:b9:11:5f:f6:6a:53:77:e3:d8:66:c1:ed:f5:05:b2:59:
e6:d6:5b:93:02:bf:b8:af:f7:8a:e1:b7:46:1b:9b:b8:31:ef:
87:15:93:d5:17:6b:44:8f:5d:81:83:8f:69:39:d3:c6:f1:9b:
c2:55:cf:ac
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUa8nZ0+jU/n17pw9fcPIv9e8CKigwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAyMDUwMDAwMDBaFw0yNTAzMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDdiYWI2YzY5YjcxZWFjODM4OWM0MGNjZDAxMTAxY2NkYWM2MzRlZDAwZGI1
ZjUxMDRiYTcxODhkNDUwNTBlNmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ/Q71LazqDWfTz7b9YvzEnHMGCsOkkCzIHLLLUaJLW2p4z2+G2f2CcIOKqD
OrnM1XGQLObMZkpFPOFlX35n6Xknyb6U4tYYAs1IfDNV24+tkw32BpvuwoJSCJd7
34c6kPSdDjfG8uEsvHRomdEiATUwFhTBcNSB4w7lxsxhAP1KhSjvbamdTrnQJWBc
Z3TkYA3cGpspNPC0VgcWWHRNFIhwXYT7D2kKN+JxkzAxEFCLZQSfxoAWU/AFiXyE
ojfMXp08DRtUtBWo1yTpfDvYFAHhGen1Mo5shtWKLf4ONYcv1RMcJyAWq6wIK+KM
FGomOg4RC/4oURbfKj5vbhSiQPMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT+stT4
Twg+ki8jRb/SZ8KfsSSLhTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmQwNGE1NGItNDU5YS00OTFhLWEwMTMtNTlkMGVkNTU4MjVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADODMA0G
CSqGSIb3DQEBCwUAA4IBAQDJU2ZmE4BSyNDYdu7VRGNSiDKzS2VwKodfugelMJ9d
3NXrk3aMmBirukDtuCDRWpz55xtRioCqnon9NYP8CaB7F0QMxscfjWKexpcgFHF0
eYLGg/sAsevjeIltS947B/9dTeAY+P1qthIR15UTNCMmz7+kx6UDxsRvqDcv4cFt
Lzg3EW3RzEhKOlhRx2hPJJ5OSM64JocTKvbkp16TMROxNiEVUkkVZPwSkH/E6kSW
cQO5skyYd2LgWgr7+vCeluu11BZu9Do3R7kRX/ZqU3fj2GbB7fUFslnm1luTAr+4
r/eK4bdGG5u4Me+HFZPVF2tEj12Bg49pOdPG8ZvCVc+s
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:33:41 2025 by rpki-client