Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6252e9a3-4fdc-4c43-b91b-deb58ca2dd7c.roa
File: 6252e9a3-4fdc-4c43-b91b-deb58ca2dd7c.roa (raw, json)
Hash identifier: rvXLsTMM9uA7vNKhbrBOKPWVXL2Xy1jeibVRyqBIlKs=
Subject key identifier: C6:E0:73:EB:E4:1E:8C:5B:36:7C:BF:F4:FD:7C:7C:1A:3C:44:34:77
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 70598A383647CF6C3C965E0C4DCCDEA92821E53B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6252e9a3-4fdc-4c43-b91b-deb58ca2dd7c.roa
Signing time: Mon 28 Apr 2025 15:50:52 +0000
ROA not before: Mon 28 Apr 2025 15:50:52 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.46.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 14:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:59:8a:38:36:47:cf:6c:3c:96:5e:0c:4d:cc:de:a9:28:21:e5:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 28 15:50:52 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=8ac47ab77a07a1eb03e16f0c2469b0dd8cf71292a036489c0dc2d0f0436e7203, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:b3:9f:c9:01:fd:08:86:ae:e4:7b:b4:97:8c:
e2:a8:91:f0:56:b7:c0:78:91:0c:b8:66:1e:a1:1a:
3a:29:2b:16:e0:c6:80:eb:cd:2d:2a:47:13:ee:e4:
a0:7c:de:43:5d:14:4f:f0:1e:1d:ba:61:17:77:37:
19:56:0d:a0:63:d1:11:b8:a9:96:7c:d6:71:47:71:
dc:e6:1e:96:f7:ae:db:f4:41:55:67:1b:08:24:97:
a5:39:b0:35:e0:47:ae:99:e5:6d:08:34:f4:95:bb:
db:1f:04:2c:0e:e2:a1:f3:99:25:82:54:56:8b:9a:
b3:1d:52:1f:29:0a:6f:20:58:4b:d3:e6:25:65:72:
8a:de:03:d4:68:ad:1f:f8:2d:21:5d:09:ac:ed:e1:
02:4d:f2:38:e2:90:c5:79:0e:80:c4:21:35:a6:44:
80:72:b9:ea:94:aa:1f:17:b2:7a:9b:d6:a2:d3:70:
e6:7c:7c:14:45:9b:24:ba:2f:6c:06:0d:19:74:78:
d8:ad:b1:67:02:ea:6f:3f:7a:27:46:19:18:4c:4f:
b0:ea:2d:b1:30:18:e4:95:c9:e3:6f:65:c4:c9:a9:
0c:df:6a:86:75:f0:82:fd:fd:5c:33:61:35:b2:8d:
b2:63:36:48:08:3d:60:92:65:b2:b2:a5:54:0a:1b:
f2:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:E0:73:EB:E4:1E:8C:5B:36:7C:BF:F4:FD:7C:7C:1A:3C:44:34:77
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6252e9a3-4fdc-4c43-b91b-deb58ca2dd7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.46.0.0/15
Signature Algorithm: sha256WithRSAEncryption
0d:51:e7:7f:c5:20:5b:2c:b8:7d:c9:c5:a6:10:67:39:4e:c9:
6e:9d:9a:31:f3:34:8c:b5:fa:fb:db:fb:e6:7e:c1:3f:ea:0a:
af:33:28:fc:4e:c3:33:7d:6b:d8:fd:b0:87:c8:c3:ba:a8:4a:
59:bb:7d:cf:f3:cc:d7:57:ad:82:98:db:f9:a0:49:8f:35:6d:
bc:61:64:9f:13:a6:da:b7:e5:cd:a8:41:13:2e:75:c6:c4:73:
46:a3:f1:8d:c9:31:28:e5:a4:b6:b3:e4:2b:91:1b:8d:f9:9b:
e4:77:cc:a2:e7:c1:65:0e:4b:bb:87:86:98:a6:70:ab:d2:32:
20:35:6f:05:9b:96:ac:c8:b8:96:46:e8:50:b0:59:a6:21:81:
cb:45:00:5a:f8:28:de:99:d8:cf:91:8f:00:a3:c4:5c:a4:01:
58:a3:b4:c3:2a:c3:b5:fe:28:59:a0:79:11:00:59:fd:1b:d0:
bb:8e:ed:04:23:35:04:04:b9:29:6b:39:76:94:93:50:53:ec:
56:56:5f:db:f8:a8:ba:20:9f:56:e2:29:de:ed:36:37:e7:eb:
44:26:6b:87:f5:1e:65:07:4d:cd:08:d4:79:03:7b:ec:de:ad:
10:81:6b:70:11:39:b9:d8:54:27:22:93:ef:11:df:2a:c0:2b:
8c:3f:b8:ef
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcFmKODZHz2w8ll4MTczeqSgh5TswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjgxNTUwNTJaFw0yNTA2MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDhhYzQ3YWI3N2EwN2ExZWIwM2UxNmYwYzI0NjliMGRkOGNmNzEyOTJhMDM2
NDg5YzBkYzJkMGYwNDM2ZTcyMDMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOSzn8kB/QiGruR7tJeM4qiR8Fa3wHiRDLhmHqEaOikrFuDGgOvNLSpHE+7k
oHzeQ10UT/AeHbphF3c3GVYNoGPREbiplnzWcUdx3OYelveu2/RBVWcbCCSXpTmw
NeBHrpnlbQg09JW72x8ELA7iofOZJYJUVouasx1SHykKbyBYS9PmJWVyit4D1Git
H/gtIV0JrO3hAk3yOOKQxXkOgMQhNaZEgHK56pSqHxeyepvWotNw5nx8FEWbJLov
bAYNGXR42K2xZwLqbz96J0YZGExPsOotsTAY5JXJ429lxMmpDN9qhnXwgv39XDNh
NbKNsmM2SAg9YJJlsrKlVAob8tcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTG4HPr
5B6MWzZ8v/T9fHwaPEQ0dzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjI1MmU5YTMtNGZkYy00YzQzLWI5MWItZGViNThjYTJkZDdjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMuMA0G
CSqGSIb3DQEBCwUAA4IBAQANUed/xSBbLLh9ycWmEGc5TslunZox8zSMtfr72/vm
fsE/6gqvMyj8TsMzfWvY/bCHyMO6qEpZu33P88zXV62CmNv5oEmPNW28YWSfE6ba
t+XNqEETLnXGxHNGo/GNyTEo5aS2s+QrkRuN+Zvkd8yi58FlDku7h4aYpnCr0jIg
NW8Fm5asyLiWRuhQsFmmIYHLRQBa+CjemdjPkY8Ao8RcpAFYo7TDKsO1/ihZoHkR
AFn9G9C7ju0EIzUEBLkpazl2lJNQU+xWVl/b+Ki6IJ9W4ine7TY35+tEJmuH9R5l
B03NCNR5A3vs3q0QgWtwETm52FQnIpPvEd8qwCuMP7jv
-----END CERTIFICATE-----
Generated at Tue May 6 17:01:16 2025 by rpki-client