Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/51429a37-e3fd-4b49-a184-1e07ed522f97.roa
File: 51429a37-e3fd-4b49-a184-1e07ed522f97.roa (raw, json)
Hash identifier: jsfakoyipcnSrsW+dfMjFQOP8Y3/f/6rd9J5lAKIJgw=
Subject key identifier: 26:0E:64:8F:74:57:DC:EB:43:7B:81:F2:0C:96:BA:88:38:6D:EA:71
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 41F663C2887AD6502425016881954DC660A8E5BB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/51429a37-e3fd-4b49-a184-1e07ed522f97.roa
Signing time: Fri 25 Apr 2025 20:40:14 +0000
ROA not before: Fri 25 Apr 2025 20:40:14 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.3.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:f6:63:c2:88:7a:d6:50:24:25:01:68:81:95:4d:c6:60:a8:e5:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:40:14 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=2dc71d528fc04a6b0673fcfcfcfb577121d56d3ecff8f2a1c4139a190312ccbf, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:a8:a0:ff:d8:a1:4a:87:13:be:e7:e0:c3:5b:
04:a4:24:52:8c:c6:d5:ee:17:4c:d9:5b:ae:ae:37:
53:da:e2:1b:0b:a9:95:e6:c4:71:36:72:1e:97:1f:
0f:51:7c:8e:c7:26:f5:5c:e9:a6:68:e0:c6:a9:ba:
a8:df:f3:87:62:b4:85:c7:e9:37:a5:17:ae:2c:da:
9b:86:cd:5c:ef:13:42:38:71:4e:de:e7:bf:fc:6d:
c3:51:9b:92:e8:7f:a7:05:89:a9:e6:74:ac:c1:3a:
70:97:d8:ec:4d:88:be:41:f8:91:7d:91:9f:9f:22:
7b:c8:bc:53:ee:ee:8b:f7:ed:25:cb:dc:a5:1a:67:
df:df:73:94:57:74:b7:10:3a:07:24:ff:89:36:a0:
c3:d6:7a:c4:72:be:58:01:35:0b:78:58:b4:74:2e:
12:e3:2f:70:88:4a:79:23:42:50:8a:69:7c:f3:67:
fe:c1:28:2b:39:d4:56:06:9e:5a:77:cd:d7:5c:63:
f8:41:94:94:9a:a0:da:dd:c7:6a:4e:e2:85:86:b7:
03:87:9c:5d:0b:a1:98:13:5e:02:ce:1f:2f:bb:fd:
ac:f3:85:53:d6:54:c6:9c:fc:ae:18:3a:50:b2:47:
b7:c0:ec:72:6d:90:98:41:3b:6d:16:ad:54:cc:2c:
3c:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:0E:64:8F:74:57:DC:EB:43:7B:81:F2:0C:96:BA:88:38:6D:EA:71
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/51429a37-e3fd-4b49-a184-1e07ed522f97.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.3.0.0/16
Signature Algorithm: sha256WithRSAEncryption
bb:4b:0e:80:58:49:17:41:ee:46:7a:f2:35:fc:b3:ac:db:d7:
d8:95:e3:3e:e7:a7:ae:ce:dd:09:b4:4e:4a:cc:a9:78:98:91:
7f:35:9e:87:f0:3d:eb:0e:c8:34:fd:a4:50:a5:5b:7f:8f:c7:
d8:d3:87:ea:1b:24:93:ab:04:dd:e1:f8:4e:7a:36:6d:6a:26:
b3:fc:bd:bb:fe:99:43:86:7c:72:22:03:60:b2:81:78:ac:5d:
d5:1e:d0:40:1d:5a:63:e3:41:50:75:9f:ed:93:da:8f:f8:68:
eb:88:70:89:b9:15:64:cd:e4:df:44:03:a3:11:75:34:e2:31:
18:87:7e:77:fa:30:cd:75:64:47:ad:de:8a:95:79:ba:c3:e2:
42:6e:ec:bc:16:66:38:55:c7:31:f7:21:10:75:1e:de:f1:86:
4f:27:00:e1:39:cd:44:62:41:0e:63:30:43:f3:b7:a4:5e:8f:
94:57:c2:56:13:11:b6:cb:70:24:c5:84:67:f8:12:a1:6c:d6:
c8:b5:26:65:66:72:96:1f:5e:56:92:07:05:f9:2a:6c:d8:aa:
09:55:6b:ba:6c:b5:ab:43:b4:33:73:fa:47:9a:84:e6:6e:8e:
23:2f:fa:4b:89:c1:7b:37:38:fd:57:42:20:ca:28:44:73:d4:
91:7e:08:d6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQfZjwoh61lAkJQFogZVNxmCo5bswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDQwMTRaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDJkYzcxZDUyOGZjMDRhNmIwNjczZmNmY2ZjZmI1NzcxMjFkNTZkM2VjZmY4
ZjJhMWM0MTM5YTE5MDMxMmNjYmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANuooP/YoUqHE77n4MNbBKQkUozG1e4XTNlbrq43U9riGwuplebEcTZyHpcf
D1F8jscm9Vzppmjgxqm6qN/zh2K0hcfpN6UXrizam4bNXO8TQjhxTt7nv/xtw1Gb
kuh/pwWJqeZ0rME6cJfY7E2IvkH4kX2Rn58ie8i8U+7ui/ftJcvcpRpn399zlFd0
txA6ByT/iTagw9Z6xHK+WAE1C3hYtHQuEuMvcIhKeSNCUIppfPNn/sEoKznUVgae
WnfN11xj+EGUlJqg2t3Hak7ihYa3A4ecXQuhmBNeAs4fL7v9rPOFU9ZUxpz8rhg6
ULJHt8Dscm2QmEE7bRatVMwsPNsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQmDmSP
dFfc60N7gfIMlrqIOG3qcTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTE0MjlhMzctZTNmZC00YjQ5LWExODQtMWUwN2VkNTIyZjk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMDMA0G
CSqGSIb3DQEBCwUAA4IBAQC7Sw6AWEkXQe5GevI1/LOs29fYleM+56euzt0JtE5K
zKl4mJF/NZ6H8D3rDsg0/aRQpVt/j8fY04fqGySTqwTd4fhOejZtaiaz/L27/plD
hnxyIgNgsoF4rF3VHtBAHVpj40FQdZ/tk9qP+GjriHCJuRVkzeTfRAOjEXU04jEY
h353+jDNdWRHrd6KlXm6w+JCbuy8FmY4Vccx9yEQdR7e8YZPJwDhOc1EYkEOYzBD
87ekXo+UV8JWExG2y3AkxYRn+BKhbNbItSZlZnKWH15WkgcF+Sps2KoJVWu6bLWr
Q7Qzc/pHmoTmbo4jL/pLicF7Nzj9V0IgyihEc9SRfgjW
-----END CERTIFICATE-----
Generated at Mon May 5 05:57:13 2025 by rpki-client