Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2b51d415-1366-43ea-8ce9-f13b63a2c827.roa
File: 2b51d415-1366-43ea-8ce9-f13b63a2c827.roa (raw, json)
Hash identifier: +Q7C2eedRrFUwho5BwTj57EbeLDG1G/2RAZC7r28jVw=
Subject key identifier: DD:FD:52:18:10:F7:EA:E0:F4:79:AE:8B:0C:BB:4F:AE:88:7B:53:C6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 21F3E48D2EB78D39D46D1911239A43BFD709707D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2b51d415-1366-43ea-8ce9-f13b63a2c827.roa
Signing time: Mon 28 Apr 2025 15:50:50 +0000
ROA not before: Mon 28 Apr 2025 15:50:50 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.45.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 08:37:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:f3:e4:8d:2e:b7:8d:39:d4:6d:19:11:23:9a:43:bf:d7:09:70:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 28 15:50:50 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=b4af5f3468735baa23fed11199c9d7075eb63c05f2fff00ddb928ce8c29163a9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:0c:37:04:5f:49:df:1f:a2:87:2e:f0:89:43:
73:f4:ab:eb:14:ce:ec:57:b3:7d:f4:23:53:4a:96:
e7:51:fb:fd:f7:5c:85:40:c2:25:e9:05:85:aa:dd:
47:6f:be:18:ef:32:64:86:5f:2f:28:02:3b:b8:58:
c9:36:f1:d0:8c:cd:04:d2:75:c2:dc:6a:2e:1f:c7:
7e:7c:c1:96:c1:5c:8b:db:f5:e6:73:81:dc:3e:5f:
22:5c:e9:3d:9c:91:40:54:34:4b:03:ea:ac:ef:2f:
9f:f4:c3:ca:06:23:8a:c3:71:0a:42:fa:a4:b8:13:
17:69:1f:1d:62:78:79:af:f7:04:59:52:bb:75:e3:
6c:91:d0:7c:a2:b3:8e:e4:dd:59:9a:94:4f:16:eb:
a9:ee:90:80:09:70:e3:3a:71:11:77:5d:76:12:62:
6f:7d:81:2f:9d:b3:ab:3b:66:1f:f0:f9:3d:a0:2c:
5f:60:bd:4a:31:be:ad:3b:50:16:83:28:4e:96:da:
7e:e7:d4:67:36:99:10:8f:58:65:a8:1f:2b:25:9b:
3a:c2:6b:3c:a0:b0:0d:fc:81:59:f9:93:6e:37:65:
6e:ba:46:42:b1:82:18:0b:ee:05:83:57:1d:15:cf:
93:6b:f4:f2:3a:0c:7c:22:15:9f:1e:a8:0a:b8:ed:
ed:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:FD:52:18:10:F7:EA:E0:F4:79:AE:8B:0C:BB:4F:AE:88:7B:53:C6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2b51d415-1366-43ea-8ce9-f13b63a2c827.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.45.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b5:55:c5:9f:07:3c:df:17:ac:42:a0:27:77:f2:cb:8a:fd:38:
12:21:93:aa:b5:38:b8:3d:fb:fc:80:8c:1e:4b:d9:92:41:b5:
2c:cd:df:3b:40:f7:5d:91:f1:b3:c9:fb:43:64:bc:28:c2:c2:
3c:45:ad:b0:12:37:ce:62:fc:b8:24:6d:9c:fd:3a:a4:f4:21:
a3:6e:d7:1f:e3:75:b2:91:0c:c3:15:b0:5e:6d:10:1b:91:99:
aa:6e:be:b5:d9:0b:e4:94:45:63:5d:54:78:14:21:a6:af:96:
60:80:a6:60:74:76:89:72:fc:aa:f6:19:22:aa:09:cb:1c:15:
b7:66:cd:e9:bd:e6:b8:72:8e:e8:18:59:cc:40:a4:00:e9:55:
a5:ac:2c:fa:c8:6f:f4:c6:35:e1:3d:ca:f8:31:8c:4e:47:af:
51:02:2e:60:a5:95:2a:3e:5a:37:79:a6:ad:45:77:62:f3:ec:
52:ad:ac:8d:46:6c:05:2a:6f:68:7a:ca:2c:0b:a2:fb:16:35:
72:b2:34:d0:51:97:06:d1:ad:3b:37:f9:91:22:1e:e9:7f:a9:
3e:13:d7:19:c2:b9:6e:de:af:e8:c0:d2:4c:a2:a8:2a:52:27:
c2:f3:9f:76:21:f9:6b:b2:50:b4:c0:b5:03:67:2e:48:7c:f1:
cd:29:dd:1c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIfPkjS63jTnUbRkRI5pDv9cJcH0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjgxNTUwNTBaFw0yNTA2MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGI0YWY1ZjM0Njg3MzViYWEyM2ZlZDExMTk5YzlkNzA3NWViNjNjMDVmMmZm
ZjAwZGRiOTI4Y2U4YzI5MTYzYTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMYMNwRfSd8foocu8IlDc/Sr6xTO7FezffQjU0qW51H7/fdchUDCJekFhard
R2++GO8yZIZfLygCO7hYyTbx0IzNBNJ1wtxqLh/HfnzBlsFci9v15nOB3D5fIlzp
PZyRQFQ0SwPqrO8vn/TDygYjisNxCkL6pLgTF2kfHWJ4ea/3BFlSu3XjbJHQfKKz
juTdWZqUTxbrqe6QgAlw4zpxEXdddhJib32BL52zqztmH/D5PaAsX2C9SjG+rTtQ
FoMoTpbafufUZzaZEI9YZagfKyWbOsJrPKCwDfyBWfmTbjdlbrpGQrGCGAvuBYNX
HRXPk2v08joMfCIVnx6oCrjt7S8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTd/VIY
EPfq4PR5rosMu0+uiHtTxjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmI1MWQ0MTUtMTM2Ni00M2VhLThjZTktZjEzYjYzYTJjODI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMtMA0G
CSqGSIb3DQEBCwUAA4IBAQC1VcWfBzzfF6xCoCd38suK/TgSIZOqtTi4Pfv8gIwe
S9mSQbUszd87QPddkfGzyftDZLwowsI8Ra2wEjfOYvy4JG2c/Tqk9CGjbtcf43Wy
kQzDFbBebRAbkZmqbr612QvklEVjXVR4FCGmr5ZggKZgdHaJcvyq9hkiqgnLHBW3
Zs3pvea4co7oGFnMQKQA6VWlrCz6yG/0xjXhPcr4MYxOR69RAi5gpZUqPlo3eaat
RXdi8+xSrayNRmwFKm9oesosC6L7FjVysjTQUZcG0a07N/mRIh7pf6k+E9cZwrlu
3q/owNJMoqgqUifC8592IflrslC0wLUDZy5IfPHNKd0c
-----END CERTIFICATE-----
Generated at Mon May 5 13:25:28 2025 by rpki-client