Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5480e32c-3a23-4243-82e3-c7eea059d814.roa
File: 5480e32c-3a23-4243-82e3-c7eea059d814.roa (raw, json)
Hash identifier: uPhjX0hr+aSysI9LTMfMBdG6BCZyr07ulDRmMFORrNI=
Subject key identifier: 9E:74:42:E7:D1:18:EF:8B:B2:6C:29:16:C3:08:92:87:45:DB:6B:DF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 468349702A2748538938F010C14C10C95C89BE37
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5480e32c-3a23-4243-82e3-c7eea059d814.roa
Signing time: Mon 28 Apr 2025 15:50:56 +0000
ROA not before: Mon 28 Apr 2025 15:50:56 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.92.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:83:49:70:2a:27:48:53:89:38:f0:10:c1:4c:10:c9:5c:89:be:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 28 15:50:56 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=bbe07eb6b923b6779e30d3519240143d0f1e1bd3a37565034beb5b59b255f6c9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:63:75:24:06:cb:73:66:5b:87:ee:ed:18:39:
7a:b6:56:ba:0a:a8:4a:9c:66:98:a7:37:33:d3:76:
fb:2d:f1:11:9f:2c:67:d6:b2:5d:97:31:96:d8:95:
69:90:fd:09:21:aa:c4:72:5f:df:6d:ce:43:de:c0:
80:4b:e6:9a:71:c5:fe:77:de:37:1f:af:5d:85:fe:
81:53:b3:6c:7a:5d:e0:fe:e5:eb:98:70:ef:e5:fe:
6c:c5:53:d1:4a:36:fc:a5:b5:cb:25:21:58:d0:e1:
12:71:d2:b6:53:0f:01:d2:3f:8f:e7:e4:03:a5:59:
ac:08:0d:88:ca:90:8a:33:c1:1b:b0:ba:6d:bf:63:
e6:69:05:75:ad:35:8a:8a:a0:3b:eb:00:31:b3:b6:
8b:a5:76:21:e3:6e:d4:0e:5e:b2:7e:f0:4e:b8:87:
4f:da:00:23:4e:1b:79:a5:6d:d0:e7:7f:a2:17:da:
1f:d4:b8:2f:3a:80:1a:24:94:f6:22:8d:24:85:f4:
65:92:47:0c:bf:51:df:bb:b7:43:0b:a2:c8:d9:0c:
a5:ee:27:00:9a:5f:c3:a4:d9:57:06:ea:61:ed:5e:
55:3c:02:39:67:1f:64:c9:a4:b3:2b:35:db:b0:55:
06:4a:82:f1:98:0e:f1:db:fa:af:62:17:51:39:0a:
10:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:74:42:E7:D1:18:EF:8B:B2:6C:29:16:C3:08:92:87:45:DB:6B:DF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5480e32c-3a23-4243-82e3-c7eea059d814.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.92.0.0/16
Signature Algorithm: sha256WithRSAEncryption
28:0e:45:40:71:a9:97:78:65:e2:3b:2c:70:a0:bb:ad:78:df:
2f:c6:e5:5d:da:87:c8:31:db:b2:be:a0:dc:6d:d4:15:d9:37:
cf:5c:13:59:79:5d:c9:f6:9f:23:a4:ff:f8:11:a5:7d:37:2b:
c5:ba:61:f9:66:68:80:f5:07:59:44:e9:e5:a3:40:50:be:a0:
82:ab:d7:8e:0f:46:09:56:d4:6b:31:26:99:2b:e8:22:64:66:
aa:e4:95:9e:e3:fe:b6:76:73:85:51:50:de:47:41:21:b1:5d:
ff:cc:08:db:c5:50:04:4e:39:85:3e:d4:9e:67:b2:76:fe:19:
29:e5:74:7b:28:f7:5f:40:fe:52:84:11:be:c5:ec:e1:67:25:
0e:fa:8b:5d:2e:fa:0e:ab:a9:0f:d2:84:74:7c:50:17:fe:8c:
89:3a:55:3e:e4:0b:86:98:bc:b1:8c:de:b1:22:54:4b:05:43:
2f:44:6e:b4:b3:ae:84:01:a1:e7:38:7a:22:8e:1f:c7:6f:0a:
c9:62:ff:14:37:5a:b1:33:8a:18:2b:28:d4:12:67:a1:bc:ea:
50:83:8a:83:07:e7:e2:01:5d:fa:10:85:c2:63:63:dd:0e:5d:
4d:72:74:47:5e:7a:21:85:ad:1c:e1:02:d9:0e:5a:ad:fa:04:
3f:4f:0a:9e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIURoNJcConSFOJOPAQwUwQyVyJvjcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjgxNTUwNTZaFw0yNTA2MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGJiZTA3ZWI2YjkyM2I2Nzc5ZTMwZDM1MTkyNDAxNDNkMGYxZTFiZDNhMzc1
NjUwMzRiZWI1YjU5YjI1NWY2YzkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAONjdSQGy3NmW4fu7Rg5erZWugqoSpxmmKc3M9N2+y3xEZ8sZ9ayXZcxltiV
aZD9CSGqxHJf323OQ97AgEvmmnHF/nfeNx+vXYX+gVOzbHpd4P7l65hw7+X+bMVT
0Uo2/KW1yyUhWNDhEnHStlMPAdI/j+fkA6VZrAgNiMqQijPBG7C6bb9j5mkFda01
ioqgO+sAMbO2i6V2IeNu1A5esn7wTriHT9oAI04beaVt0Od/ohfaH9S4LzqAGiSU
9iKNJIX0ZZJHDL9R37u3QwuiyNkMpe4nAJpfw6TZVwbqYe1eVTwCOWcfZMmksys1
27BVBkqC8ZgO8dv6r2IXUTkKEB0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSedELn
0Rjvi7JsKRbDCJKHRdtr3zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTQ4MGUzMmMtM2EyMy00MjQzLTgyZTMtYzdlZWEwNTlkODE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNcMA0G
CSqGSIb3DQEBCwUAA4IBAQAoDkVAcamXeGXiOyxwoLuteN8vxuVd2ofIMduyvqDc
bdQV2TfPXBNZeV3J9p8jpP/4EaV9NyvFumH5ZmiA9QdZROnlo0BQvqCCq9eOD0YJ
VtRrMSaZK+giZGaq5JWe4/62dnOFUVDeR0EhsV3/zAjbxVAETjmFPtSeZ7J2/hkp
5XR7KPdfQP5ShBG+xezhZyUO+otdLvoOq6kP0oR0fFAX/oyJOlU+5AuGmLyxjN6x
IlRLBUMvRG60s66EAaHnOHoijh/HbwrJYv8UN1qxM4oYKyjUEmehvOpQg4qDB+fi
AV36EIXCY2PdDl1NcnRHXnohha0c4QLZDlqt+gQ/Twqe
-----END CERTIFICATE-----
Generated at Mon May 5 03:42:42 2025 by rpki-client