Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/24601d85-ac6e-46b6-a0d2-d35342ccc951.roa
File: 24601d85-ac6e-46b6-a0d2-d35342ccc951.roa (raw, json)
Hash identifier: VDjW4mfMO59oc3w6qiT7wixqiCl72uIojQOdgT0uqzw=
Subject key identifier: F6:E6:AB:98:C4:23:58:FC:9A:8B:9B:B3:C5:7D:EE:04:EF:09:DF:50
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6E35D32CA0F3B10563A76843AC797959465CDB4D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/24601d85-ac6e-46b6-a0d2-d35342ccc951.roa
Signing time: Mon 28 Apr 2025 15:50:58 +0000
ROA not before: Mon 28 Apr 2025 15:50:58 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.93.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:35:d3:2c:a0:f3:b1:05:63:a7:68:43:ac:79:79:59:46:5c:db:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 28 15:50:58 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=413e6f2d4a05f5e24115d463808137fc28bc001742c617e8812b8f3b5b9c77d0, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:38:0a:66:3a:65:b3:be:aa:ed:8a:cd:2d:47:
f9:43:f6:6e:f1:30:c4:6f:cf:a5:b1:f0:60:df:57:
f7:a7:3f:61:3b:5c:8e:96:44:48:7a:1b:2a:47:fd:
62:b5:f9:5b:14:37:55:ef:4e:69:a8:3d:67:9b:e6:
d6:ee:12:43:83:7d:bd:8c:4f:53:a6:8f:70:9e:70:
b8:df:2f:bf:1e:89:7c:b5:e0:7a:7a:1d:9a:2e:21:
b1:c1:65:2c:2c:87:cf:15:88:23:a1:06:f4:fd:2f:
a0:6b:5e:f8:e8:34:0f:c7:18:5b:1e:99:a2:d3:3c:
a4:9e:8e:d2:e8:b5:ee:4f:c0:34:d7:d6:47:9f:c2:
5d:81:ff:b1:83:70:4f:12:a5:85:6b:28:31:3b:0b:
08:ad:3a:af:2f:74:6c:3a:94:ac:69:54:84:0a:f7:
7a:89:60:f4:ab:ad:e4:f7:c4:15:36:90:d6:51:89:
ad:73:0c:70:b4:d4:eb:e5:b2:9f:ec:06:51:5c:f1:
f2:d9:2e:72:b1:b7:0b:e3:c1:96:6d:9a:6a:d0:77:
c7:a9:d9:76:4d:3e:65:d3:c2:e1:6c:43:85:18:5d:
5c:d7:c3:b0:f2:1c:1a:c2:e6:7a:09:98:2c:65:35:
26:81:ba:ea:2e:ec:d3:77:ea:d2:15:96:6e:e1:ee:
ea:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:E6:AB:98:C4:23:58:FC:9A:8B:9B:B3:C5:7D:EE:04:EF:09:DF:50
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/24601d85-ac6e-46b6-a0d2-d35342ccc951.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.93.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b4:77:bf:3d:67:5b:37:c1:ee:17:17:87:84:c0:e5:82:d9:fe:
2f:d3:0d:91:25:a8:7b:e2:76:37:de:fa:0a:4d:12:47:11:39:
6b:0e:98:cf:a7:5d:92:af:af:0f:42:37:af:12:62:e8:d9:cc:
dd:eb:eb:dd:3f:cd:03:c7:e4:1a:02:dc:d0:ef:f6:a8:3f:b1:
69:93:bc:41:2d:ba:da:2e:a5:db:7c:a5:39:a0:2f:fe:72:6e:
0f:2a:f6:d2:c9:a7:6b:ec:b7:82:3d:ce:68:1b:78:61:77:9f:
b2:16:e7:68:69:cc:53:cb:2a:83:70:91:3c:36:8a:53:3d:e0:
48:51:1a:b6:db:ba:a3:cf:a7:5a:d2:fd:b5:9c:4a:7d:bc:e2:
56:d0:7e:d4:c6:0b:32:2f:1c:0a:f4:c2:af:b1:74:d3:4e:3a:
4f:40:f1:7e:94:46:26:c6:86:3f:37:d8:1f:f9:7e:69:5e:df:
7e:cb:10:33:57:cb:88:81:9a:a7:da:43:2c:7e:43:63:2f:08:
36:cf:f3:8e:89:6b:5c:e7:df:82:0b:80:b6:43:5a:d9:9c:39:
2e:a3:c2:8c:c3:55:b2:8f:d2:8c:5d:47:b4:aa:e4:73:91:bb:
94:0e:eb:24:02:62:18:07:a2:cf:5a:34:ce:be:19:08:14:91:
ed:53:92:79
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbjXTLKDzsQVjp2hDrHl5WUZc200wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjgxNTUwNThaFw0yNTA2MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDQxM2U2ZjJkNGEwNWY1ZTI0MTE1ZDQ2MzgwODEzN2ZjMjhiYzAwMTc0MmM2
MTdlODgxMmI4ZjNiNWI5Yzc3ZDAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJo4CmY6ZbO+qu2KzS1H+UP2bvEwxG/PpbHwYN9X96c/YTtcjpZESHobKkf9
YrX5WxQ3Ve9Oaag9Z5vm1u4SQ4N9vYxPU6aPcJ5wuN8vvx6JfLXgenodmi4hscFl
LCyHzxWII6EG9P0voGte+Og0D8cYWx6ZotM8pJ6O0ui17k/ANNfWR5/CXYH/sYNw
TxKlhWsoMTsLCK06ry90bDqUrGlUhAr3eolg9Kut5PfEFTaQ1lGJrXMMcLTU6+Wy
n+wGUVzx8tkucrG3C+PBlm2aatB3x6nZdk0+ZdPC4WxDhRhdXNfDsPIcGsLmegmY
LGU1JoG66i7s03fq0hWWbuHu6qkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT25quY
xCNY/JqLm7PFfe4E7wnfUDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjQ2MDFkODUtYWM2ZS00NmI2LWEwZDItZDM1MzQyY2NjOTUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNdMA0G
CSqGSIb3DQEBCwUAA4IBAQC0d789Z1s3we4XF4eEwOWC2f4v0w2RJah74nY33voK
TRJHETlrDpjPp12Sr68PQjevEmLo2czd6+vdP80Dx+QaAtzQ7/aoP7Fpk7xBLbra
LqXbfKU5oC/+cm4PKvbSyadr7LeCPc5oG3hhd5+yFudoacxTyyqDcJE8NopTPeBI
URq227qjz6da0v21nEp9vOJW0H7UxgsyLxwK9MKvsXTTTjpPQPF+lEYmxoY/N9gf
+X5pXt9+yxAzV8uIgZqn2kMsfkNjLwg2z/OOiWtc59+CC4C2Q1rZnDkuo8KMw1Wy
j9KMXUe0quRzkbuUDuskAmIYB6LPWjTOvhkIFJHtU5J5
-----END CERTIFICATE-----
Generated at Mon May 5 03:46:47 2025 by rpki-client