Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/186c4a20-4025-4599-90c9-1eeb15cf6730.roa
File: 186c4a20-4025-4599-90c9-1eeb15cf6730.roa (raw, json)
Hash identifier: NH2GXkYtHqWE98dwn/TbDFOUKBAJjamWZqqjSHzzox0=
Subject key identifier: B0:93:3F:C6:93:FA:D2:DA:08:1E:C7:D4:92:95:2F:66:88:E3:87:AA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3450D4CED2ED5FA1B13F43ACC3340990B00F7102
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/186c4a20-4025-4599-90c9-1eeb15cf6730.roa
Signing time: Mon 28 Apr 2025 15:50:18 +0000
ROA not before: Mon 28 Apr 2025 15:50:18 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:50:d4:ce:d2:ed:5f:a1:b1:3f:43:ac:c3:34:09:90:b0:0f:71:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 28 15:50:18 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=fae1c0807022c2b29e147b1e5d48c48eb8e21684cf647a50b9fe071b655457d1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:fe:a8:41:aa:bd:25:c6:87:d3:f3:b4:59:f7:
3c:95:2b:7a:dc:f0:42:47:47:a7:88:b1:53:64:fe:
1e:55:1b:a5:a7:48:ed:04:2e:e0:d5:ce:e1:6d:c7:
11:62:e1:ea:9c:12:93:48:9a:e7:19:6e:22:61:b9:
d0:f7:f3:f6:4e:68:1f:fc:98:a2:5a:d3:a4:a6:5e:
79:45:1e:05:c4:f9:48:c0:67:cc:9f:fc:72:54:ab:
98:37:53:ad:85:64:f7:1f:04:58:ce:63:fd:06:94:
b1:aa:45:ce:bf:b2:0b:0f:8f:bc:ad:3f:85:9e:3d:
2f:2b:03:4a:6d:22:4e:b0:5a:76:14:7f:03:bc:cc:
a8:86:06:bf:8d:79:8b:f7:25:13:bd:2a:3f:98:a6:
cd:1a:01:3b:16:12:62:d2:74:41:d6:8f:b3:75:dc:
66:41:b0:e6:1d:a6:a1:1d:1a:77:50:37:f2:51:58:
07:fa:90:5c:25:a2:a1:c2:0c:7d:b2:27:a1:33:4b:
01:85:eb:26:0b:f1:71:cb:f4:5a:2e:7e:0d:99:08:
c0:d4:20:f1:b4:8e:ba:52:23:6c:9c:ae:fc:a6:d5:
6f:20:0e:c0:c0:53:1a:e0:0f:b1:f9:6e:68:ac:43:
63:70:e8:a8:da:cb:b5:2e:db:d8:c8:11:eb:68:25:
a7:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:93:3F:C6:93:FA:D2:DA:08:1E:C7:D4:92:95:2F:66:88:E3:87:AA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/186c4a20-4025-4599-90c9-1eeb15cf6730.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.205.0/24
Signature Algorithm: sha256WithRSAEncryption
55:f1:36:54:93:14:cf:a4:9f:0d:52:4d:17:ba:5a:bd:0b:5e:
42:6a:49:b1:4e:38:ec:9b:7f:c0:5c:7d:bc:ba:b8:7c:c5:87:
2d:7a:2a:2a:aa:71:f5:b1:c9:45:bb:18:62:79:d0:7d:83:ea:
20:5f:89:85:a2:44:b3:53:fe:ba:c5:bd:4d:ef:61:82:44:ff:
0a:ac:ce:30:23:6f:ce:ce:5f:b6:91:98:e1:cd:64:a5:9f:e6:
35:5f:a6:f6:1e:81:17:a7:25:e1:c8:ed:f4:3e:43:66:cc:5e:
75:c6:4d:57:f4:d6:02:fa:86:4e:e7:53:f1:12:c2:ff:4e:5e:
68:3d:8c:10:7c:31:d8:b0:c2:2a:42:5a:82:a2:ab:83:a1:e4:
be:2a:e7:0d:98:64:e9:fd:f0:d7:3b:5e:0c:53:25:7c:a0:3e:
4e:6a:05:ec:ec:4e:3e:42:df:4f:6f:b8:4c:ce:2e:ec:1d:87:
12:d3:24:16:68:53:64:88:16:14:55:34:02:61:02:90:86:c8:
e2:1a:d7:22:ec:55:78:cd:dd:d8:fc:b9:39:b5:99:fb:eb:69:
0d:99:0d:d6:d3:96:4e:da:9b:bf:23:44:fc:a6:11:54:0b:69:
b3:c4:6a:9b:7b:20:12:3b:90:71:ba:55:74:69:12:a2:e0:6e:
72:04:3c:b5
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUNFDUztLtX6GxP0OswzQJkLAPcQIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjgxNTUwMThaFw0yNTA2MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGZhZTFjMDgwNzAyMmMyYjI5ZTE0N2IxZTVkNDhjNDhlYjhlMjE2ODRjZjY0
N2E1MGI5ZmUwNzFiNjU1NDU3ZDExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMD+qEGqvSXGh9PztFn3PJUretzwQkdHp4ixU2T+HlUbpadI7QQu4NXO4W3H
EWLh6pwSk0ia5xluImG50Pfz9k5oH/yYolrTpKZeeUUeBcT5SMBnzJ/8clSrmDdT
rYVk9x8EWM5j/QaUsapFzr+yCw+PvK0/hZ49LysDSm0iTrBadhR/A7zMqIYGv415
i/clE70qP5imzRoBOxYSYtJ0QdaPs3XcZkGw5h2moR0ad1A38lFYB/qQXCWiocIM
fbInoTNLAYXrJgvxccv0Wi5+DZkIwNQg8bSOulIjbJyu/KbVbyAOwMBTGuAPsflu
aKxDY3DoqNrLtS7b2MgR62glp+UCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSwkz/G
k/rS2ggex9SSlS9miOOHqjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTg2YzRhMjAtNDAyNS00NTk5LTkwYzktMWVlYjE1Y2Y2NzMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMQzTAN
BgkqhkiG9w0BAQsFAAOCAQEAVfE2VJMUz6SfDVJNF7pavQteQmpJsU447Jt/wFx9
vLq4fMWHLXoqKqpx9bHJRbsYYnnQfYPqIF+JhaJEs1P+usW9Te9hgkT/CqzOMCNv
zs5ftpGY4c1kpZ/mNV+m9h6BF6cl4cjt9D5DZsxedcZNV/TWAvqGTudT8RLC/05e
aD2MEHwx2LDCKkJagqKrg6HkvirnDZhk6f3w1zteDFMlfKA+TmoF7OxOPkLfT2+4
TM4u7B2HEtMkFmhTZIgWFFU0AmECkIbI4hrXIuxVeM3d2Py5ObWZ++tpDZkN1tOW
TtqbvyNE/KYRVAtps8Rqm3sgEjuQcbpVdGkSouBucgQ8tQ==
-----END CERTIFICATE-----
Generated at Mon May 5 09:22:11 2025 by rpki-client