Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa
File: 2d24b638-b951-4333-ac88-4886c7af230f.roa (raw, json)
Hash identifier: 3+ezJ/lN+AoTG+m46U01ryUHf2eQzHrVeXJsoc+d+jc=
Subject key identifier: 30:D8:11:E5:9B:74:74:C2:5B:C6:02:D9:8A:56:2B:0F:BD:A6:92:E0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3214209ED200AF7765AB5C4F0A7AE60E85B209B5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa
Signing time: Fri 25 Apr 2025 20:40:40 +0000
ROA not before: Fri 25 Apr 2025 20:40:40 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.82.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:14:20:9e:d2:00:af:77:65:ab:5c:4f:0a:7a:e6:0e:85:b2:09:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:40:40 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=82c46a12b987ca3e4461224bca0a739107e534b6985e700f361d5ad75e294881, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:71:bd:d2:78:35:c4:89:0f:59:1e:fd:24:c6:
ab:ab:4d:45:ff:cb:51:e5:f1:c3:68:72:d3:c2:be:
a7:fe:15:d3:26:83:c5:62:52:a3:5f:69:a1:ed:e3:
fd:8d:e5:85:bc:d3:c8:b9:a9:da:03:34:52:bc:33:
b3:db:88:60:2d:5c:2e:88:c5:b7:4b:73:bc:ee:14:
54:22:b5:46:02:43:bf:2e:dc:63:37:e2:56:37:7f:
d3:57:13:18:d7:b1:58:f4:a4:c9:f4:69:7e:b9:ee:
ae:29:f4:7d:03:4c:85:bd:32:1d:25:f5:e7:05:cc:
97:b3:26:c9:7e:9e:98:6f:e6:12:2a:1c:fa:83:31:
46:08:03:6a:f6:33:59:a8:94:80:c3:3d:08:16:11:
d8:6c:0f:c7:4e:d8:e4:0a:34:3e:fa:37:38:7c:9c:
dd:1f:e7:7d:34:99:11:34:fc:38:d5:85:fa:cb:0a:
5e:01:ac:7d:18:37:7f:e6:c9:f8:2f:2e:43:e2:2c:
12:b0:05:ae:f8:52:25:99:0d:6f:9d:a8:ec:4a:47:
01:3b:b9:eb:0f:a9:54:65:e7:d2:11:f8:58:53:52:
69:24:3e:b4:93:69:92:e4:5d:2b:67:75:c4:53:47:
ac:59:40:52:fa:49:9b:c9:23:e9:89:06:65:22:23:
7c:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:D8:11:E5:9B:74:74:C2:5B:C6:02:D9:8A:56:2B:0F:BD:A6:92:E0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.82.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6a:11:aa:3e:e3:09:9c:7d:63:31:62:6c:b5:3c:22:53:45:42:
ed:55:f5:cf:ff:ad:75:65:54:09:bd:24:89:43:25:7d:33:f1:
a6:87:ca:5c:32:59:ed:fc:2c:bd:e5:18:3a:bd:3a:7d:e7:1f:
b1:b4:72:01:06:cc:b6:7c:7f:75:49:26:ce:23:43:4b:9c:4d:
d8:60:02:75:f9:c7:50:76:a8:2b:3b:9f:03:da:7b:6e:f4:3e:
19:47:7f:83:73:ba:fc:27:52:0c:8e:93:1a:30:0e:0d:f0:5f:
54:ca:fd:bb:e9:30:95:57:15:4e:c2:8f:94:10:1b:3a:18:f0:
20:de:c0:bc:65:7e:c7:7b:69:3e:ed:9a:12:09:c7:71:4c:88:
a8:4c:37:3d:8f:8b:a6:5e:78:a7:54:1a:f3:de:0a:96:d5:8b:
99:00:49:5e:63:74:d8:19:43:50:0c:e2:73:be:7f:35:9f:f0:
10:d8:2d:db:fd:68:75:ae:b0:15:aa:d6:b3:7b:8a:fa:5e:9c:
da:39:0f:71:b8:a5:5d:7d:1b:b0:6c:b1:8d:65:74:32:1c:93:
3a:16:ad:55:b8:f5:93:b0:f8:1e:09:0a:d0:00:14:50:f9:6a:
ad:f9:59:3e:66:cb:07:11:9d:90:7d:4c:06:d1:a1:e3:57:95:
ce:41:02:9a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMhQgntIAr3dlq1xPCnrmDoWyCbUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDQwNDBaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDgyYzQ2YTEyYjk4N2NhM2U0NDYxMjI0YmNhMGE3MzkxMDdlNTM0YjY5ODVl
NzAwZjM2MWQ1YWQ3NWUyOTQ4ODExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL9xvdJ4NcSJD1ke/STGq6tNRf/LUeXxw2hy08K+p/4V0yaDxWJSo19poe3j
/Y3lhbzTyLmp2gM0Urwzs9uIYC1cLojFt0tzvO4UVCK1RgJDvy7cYzfiVjd/01cT
GNexWPSkyfRpfrnurin0fQNMhb0yHSX15wXMl7MmyX6emG/mEioc+oMxRggDavYz
WaiUgMM9CBYR2GwPx07Y5Ao0Pvo3OHyc3R/nfTSZETT8ONWF+ssKXgGsfRg3f+bJ
+C8uQ+IsErAFrvhSJZkNb52o7EpHATu56w+pVGXn0hH4WFNSaSQ+tJNpkuRdK2d1
xFNHrFlAUvpJm8kj6YkGZSIjfDsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQw2BHl
m3R0wlvGAtmKVisPvaaS4DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmQyNGI2MzgtYjk1MS00MzMzLWFjODgtNDg4NmM3YWYyMzBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNSMA0G
CSqGSIb3DQEBCwUAA4IBAQBqEao+4wmcfWMxYmy1PCJTRULtVfXP/611ZVQJvSSJ
QyV9M/Gmh8pcMlnt/Cy95Rg6vTp95x+xtHIBBsy2fH91SSbOI0NLnE3YYAJ1+cdQ
dqgrO58D2ntu9D4ZR3+Dc7r8J1IMjpMaMA4N8F9Uyv276TCVVxVOwo+UEBs6GPAg
3sC8ZX7He2k+7ZoSCcdxTIioTDc9j4umXninVBrz3gqW1YuZAEleY3TYGUNQDOJz
vn81n/AQ2C3b/Wh1rrAVqtaze4r6XpzaOQ9xuKVdfRuwbLGNZXQyHJM6Fq1VuPWT
sPgeCQrQABRQ+Wqt+Vk+ZssHEZ2QfUwG0aHjV5XOQQKa
-----END CERTIFICATE-----
Generated at Tue May 6 13:08:55 2025 by rpki-client