Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4911793e-4031-4d2f-be54-a38fc617b3c5.roa
File: 4911793e-4031-4d2f-be54-a38fc617b3c5.roa (raw, json)
Hash identifier: 3n4bb1k/t7MzgPkelgTdxh4WF6vUMc4UyE9TMc6JsgA=
Subject key identifier: 4B:E4:27:34:FA:6B:75:A4:14:2E:F0:9A:FE:93:52:39:F2:E7:6E:BB
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 251CAB4DFB30135CB7D9A435FF2803D87AF74C79
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4911793e-4031-4d2f-be54-a38fc617b3c5.roa
Signing time: Fri 25 Apr 2025 20:31:37 +0000
ROA not before: Fri 25 Apr 2025 20:31:37 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.114.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:1c:ab:4d:fb:30:13:5c:b7:d9:a4:35:ff:28:03:d8:7a:f7:4c:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:31:37 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=b8d1ede541a706b4d54dcab6bf2bc7cd7c382b693bb252cdb23aab3efc7463da, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:87:fc:d9:ab:ed:a6:d7:6c:f3:51:1a:eb:96:
40:0b:a1:b3:98:03:3d:d5:0a:fa:50:d2:f0:91:51:
38:cd:64:8a:ce:c3:ea:c1:89:3f:30:77:f3:a8:9f:
10:d3:e4:25:48:39:41:27:da:46:34:db:4a:c3:04:
33:f7:6c:2a:08:18:ad:db:57:be:ee:16:1d:fc:8e:
75:f7:bb:d4:a2:e8:1a:a2:fd:83:b7:2e:16:a0:62:
20:19:e3:1c:ab:be:68:4c:8d:e2:1b:05:68:a2:97:
c2:eb:30:66:7f:ff:63:86:f2:b3:b8:af:2c:59:c7:
c5:15:a8:27:71:40:61:ed:35:47:ec:2d:b2:6e:60:
f0:04:69:d9:fa:5d:92:66:66:2a:c7:9c:5a:f6:e5:
49:70:e5:5c:c6:fa:b2:67:ae:6d:82:04:77:ef:c7:
95:12:a9:78:3f:fe:f8:0d:fb:64:41:1e:d9:37:37:
d6:c8:e2:d8:f6:dd:65:29:8f:41:b6:ef:72:36:58:
61:20:20:f4:17:d2:76:f8:69:f9:38:68:5d:30:80:
42:ce:14:09:92:99:cc:4d:14:d7:d8:7f:6b:b9:6e:
9d:99:4d:ae:a4:57:b4:70:78:a4:15:6a:96:41:8f:
d9:78:a7:be:b4:f7:06:bd:6d:0c:2e:d1:d0:8e:a1:
30:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:E4:27:34:FA:6B:75:A4:14:2E:F0:9A:FE:93:52:39:F2:E7:6E:BB
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4911793e-4031-4d2f-be54-a38fc617b3c5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.114.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3e:f0:ad:89:fc:63:55:85:95:a9:a2:ab:57:67:db:03:45:89:
c4:d2:84:6c:d4:a8:72:40:d0:7b:b4:c2:c0:b7:d3:3f:1a:b3:
65:18:44:ea:91:ad:42:8b:a5:23:ab:3e:c9:91:db:0c:01:2f:
63:18:0f:52:2c:cb:15:b8:c6:af:10:bf:e0:ad:15:31:ae:c3:
2b:1a:5d:ed:92:cf:70:df:86:1d:46:b3:1f:53:4e:8c:a4:5c:
9b:75:e3:a5:38:9b:87:bb:24:0a:d9:2a:fa:66:88:81:8b:77:
28:e9:15:bd:28:93:e2:14:d5:24:ef:36:d4:09:fd:da:b8:41:
37:75:b9:2a:e8:8a:cc:a0:a3:93:e0:af:d7:be:ee:51:b8:40:
e0:e3:07:cb:4f:19:f3:c8:f0:27:03:ec:5d:82:dc:b3:9d:bd:
ea:69:29:4a:14:02:31:d6:7a:07:d4:fa:fb:18:34:a7:07:83:
f6:7f:90:97:cb:9a:ba:4d:c8:48:e0:54:c8:f2:94:e4:dd:a5:
eb:f6:96:ab:9f:48:c8:1d:f1:5a:65:18:5d:45:47:dd:e2:3e:
82:1a:cd:7f:8c:0f:87:78:fe:4a:f7:c4:ab:cc:37:d9:7a:04:
28:49:01:e1:5c:c8:38:26:9a:b5:2e:ca:cd:94:64:d3:5c:5c:
12:db:83:9d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJRyrTfswE1y32aQ1/ygD2Hr3THkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMxMzdaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGI4ZDFlZGU1NDFhNzA2YjRkNTRkY2FiNmJmMmJjN2NkN2MzODJiNjkzYmIy
NTJjZGIyM2FhYjNlZmM3NDYzZGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALCH/Nmr7abXbPNRGuuWQAuhs5gDPdUK+lDS8JFROM1kis7D6sGJPzB386if
ENPkJUg5QSfaRjTbSsMEM/dsKggYrdtXvu4WHfyOdfe71KLoGqL9g7cuFqBiIBnj
HKu+aEyN4hsFaKKXwuswZn//Y4bys7ivLFnHxRWoJ3FAYe01R+wtsm5g8ARp2fpd
kmZmKsecWvblSXDlXMb6smeubYIEd+/HlRKpeD/++A37ZEEe2Tc31sji2PbdZSmP
QbbvcjZYYSAg9BfSdvhp+ThoXTCAQs4UCZKZzE0U19h/a7lunZlNrqRXtHB4pBVq
lkGP2XinvrT3Br1tDC7R0I6hMNkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRL5Cc0
+mt1pBQu8Jr+k1I58uduuzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDkxMTc5M2UtNDAzMS00ZDJmLWJlNTQtYTM4ZmM2MTdiM2M1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNyMA0G
CSqGSIb3DQEBCwUAA4IBAQA+8K2J/GNVhZWpoqtXZ9sDRYnE0oRs1KhyQNB7tMLA
t9M/GrNlGETqka1Ci6Ujqz7JkdsMAS9jGA9SLMsVuMavEL/grRUxrsMrGl3tks9w
34YdRrMfU06MpFybdeOlOJuHuyQK2Sr6ZoiBi3co6RW9KJPiFNUk7zbUCf3auEE3
dbkq6IrMoKOT4K/Xvu5RuEDg4wfLTxnzyPAnA+xdgtyznb3qaSlKFAIx1noH1Pr7
GDSnB4P2f5CXy5q6TchI4FTI8pTk3aXr9parn0jIHfFaZRhdRUfd4j6CGs1/jA+H
eP5K98SrzDfZegQoSQHhXMg4Jpq1LsrNlGTTXFwS24Od
-----END CERTIFICATE-----
Generated at Mon May 5 06:21:27 2025 by rpki-client