Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/70bc7703-020e-4153-b340-cced3a436951.roa
File: 70bc7703-020e-4153-b340-cced3a436951.roa (raw, json)
Hash identifier: S2/EJ7wlARbPe8rTpObEx+TQJaFfwrmNGNGSHQAPfzY=
Subject key identifier: 3B:81:0F:9D:31:6A:9B:9A:62:A8:FF:01:79:52:C1:76:D9:7A:6D:98
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0317F31FC291C0B7C62D492982205F3BB2AF3078
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/70bc7703-020e-4153-b340-cced3a436951.roa
Signing time: Mon 28 Apr 2025 15:51:00 +0000
ROA not before: Mon 28 Apr 2025 15:51:00 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.96.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 09 May 2025 05:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:17:f3:1f:c2:91:c0:b7:c6:2d:49:29:82:20:5f:3b:b2:af:30:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 28 15:51:00 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=603e72914d4a2d2217d22effd5d06586cbaffbbf41ad8388b6dba0dc35e7e511, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:16:2f:6c:dd:70:1a:a2:d0:1a:2f:58:d7:f7:
47:26:86:8c:fc:89:7c:c1:05:8c:cf:93:20:38:70:
52:62:e3:77:dc:81:b2:d9:64:40:89:ab:c2:46:38:
c7:a0:c5:4b:5a:30:ed:f2:18:25:1b:44:0b:71:37:
c9:7b:37:65:41:3d:13:b5:92:8f:e2:09:4e:72:d6:
51:4b:fe:5c:06:4b:18:97:eb:33:9b:74:60:60:6d:
33:52:7e:3c:7b:72:5e:96:61:29:b6:45:44:ac:a0:
46:93:b5:7e:d4:23:8e:18:85:61:81:a5:cf:f6:59:
c5:ec:56:68:2c:b7:93:98:18:44:2f:ca:9c:5f:94:
0d:5f:96:3b:50:f0:04:ae:e4:4c:db:0a:b9:8e:31:
67:e7:2a:32:8a:01:03:e4:3b:51:8c:b1:af:10:5f:
b3:ed:50:2d:74:ae:c2:af:b2:57:f2:af:79:00:05:
d9:96:7d:3c:9f:db:d4:c3:73:0e:f0:bb:78:32:25:
85:1c:71:eb:ab:0c:04:e6:54:7e:ca:16:e2:1a:28:
d2:d2:ef:6f:13:71:43:d9:44:d0:91:a0:09:58:af:
84:6f:df:92:d4:8b:72:6b:69:e6:17:93:61:b7:a5:
5c:20:a8:1d:03:eb:0f:de:a8:e4:3a:6c:b0:d7:58:
e4:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:81:0F:9D:31:6A:9B:9A:62:A8:FF:01:79:52:C1:76:D9:7A:6D:98
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/70bc7703-020e-4153-b340-cced3a436951.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.96.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7a:6d:e6:08:ea:3f:25:48:64:27:ad:ac:9d:77:39:39:1d:38:
5c:3e:0a:34:a3:e9:22:65:8b:1d:0a:39:71:57:3a:7a:83:fb:
e0:97:61:5b:cd:43:aa:55:d4:97:42:15:0a:fa:fb:a8:67:f6:
87:f0:dd:e2:09:e4:04:21:a1:1b:ac:4c:86:78:0e:02:cf:0d:
f4:8c:8e:69:b3:d2:ed:73:01:15:5b:9f:dd:f4:b9:56:b8:16:
8b:01:25:e2:25:2a:56:8a:10:eb:58:27:39:59:ce:47:9f:bc:
a9:ca:ea:09:65:d7:6a:cf:b1:ae:b6:74:89:15:df:62:36:84:
23:e8:f6:58:70:af:3e:b6:e9:fd:46:24:16:a7:fc:b6:59:a8:
87:de:83:f4:e0:5d:ca:5a:d2:cc:bb:6a:aa:7d:24:46:f9:76:
0c:d2:70:d5:50:aa:b5:54:d7:86:36:b9:e7:bf:a6:12:f8:9d:
2a:de:84:7e:38:4e:a4:78:b5:34:ac:65:96:8d:15:d8:c6:19:
dd:d0:80:97:eb:59:f9:32:c6:f8:96:55:a9:fa:bd:5e:ec:ac:
75:2a:ec:84:4a:53:77:04:74:a1:17:46:80:db:a7:67:b2:60:
11:50:51:15:4f:6d:fc:25:ee:8b:17:a7:e5:c8:f6:0f:3f:8e:
2f:cc:b1:fc
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUAxfzH8KRwLfGLUkpgiBfO7KvMHgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjgxNTUxMDBaFw0yNTA2MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDYwM2U3MjkxNGQ0YTJkMjIxN2QyMmVmZmQ1ZDA2NTg2Y2JhZmZiYmY0MWFk
ODM4OGI2ZGJhMGRjMzVlN2U1MTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKgWL2zdcBqi0BovWNf3RyaGjPyJfMEFjM+TIDhwUmLjd9yBstlkQImrwkY4
x6DFS1ow7fIYJRtEC3E3yXs3ZUE9E7WSj+IJTnLWUUv+XAZLGJfrM5t0YGBtM1J+
PHtyXpZhKbZFRKygRpO1ftQjjhiFYYGlz/ZZxexWaCy3k5gYRC/KnF+UDV+WO1Dw
BK7kTNsKuY4xZ+cqMooBA+Q7UYyxrxBfs+1QLXSuwq+yV/KveQAF2ZZ9PJ/b1MNz
DvC7eDIlhRxx66sMBOZUfsoW4hoo0tLvbxNxQ9lE0JGgCVivhG/fktSLcmtp5heT
YbelXCCoHQPrD96o5DpssNdY5H8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ7gQ+d
MWqbmmKo/wF5UsF22XptmDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzBiYzc3MDMtMDIwZS00MTUzLWIzNDAtY2NlZDNhNDM2OTUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNgMA0G
CSqGSIb3DQEBCwUAA4IBAQB6beYI6j8lSGQnrayddzk5HThcPgo0o+kiZYsdCjlx
Vzp6g/vgl2FbzUOqVdSXQhUK+vuoZ/aH8N3iCeQEIaEbrEyGeA4Czw30jI5ps9Lt
cwEVW5/d9LlWuBaLASXiJSpWihDrWCc5Wc5Hn7ypyuoJZddqz7GutnSJFd9iNoQj
6PZYcK8+tun9RiQWp/y2WaiH3oP04F3KWtLMu2qqfSRG+XYM0nDVUKq1VNeGNrnn
v6YS+J0q3oR+OE6keLU0rGWWjRXYxhnd0ICX61n5Msb4llWp+r1e7Kx1KuyESlN3
BHShF0aA26dnsmARUFEVT238Je6LF6flyPYPP44vzLH8
-----END CERTIFICATE-----
Generated at Thu May 8 09:28:17 2025 by rpki-client