Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7b957dae-110a-40bf-9710-191cf24c9e94.roa
File: 7b957dae-110a-40bf-9710-191cf24c9e94.roa (raw, json)
Hash identifier: laKDQeYE6i09NtBNKz06e6MOo1OP5deF+V+GAAhpSrA=
Subject key identifier: 1C:7C:EB:1F:FE:3F:06:8A:29:59:63:02:CD:FE:18:E4:83:52:A8:62
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3EC064B92A061B7BE64CB57D9F158F815E07EAB1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7b957dae-110a-40bf-9710-191cf24c9e94.roa
Signing time: Mon 28 Apr 2025 15:50:10 +0000
ROA not before: Mon 28 Apr 2025 15:50:10 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.96.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:c0:64:b9:2a:06:1b:7b:e6:4c:b5:7d:9f:15:8f:81:5e:07:ea:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 28 15:50:10 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=0c63bd27cc6fb6e60ef383645e89c0c7fe75c5acb363a4429032e02e0aa2445e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:16:40:bd:ed:3e:a5:fd:71:7b:82:e5:49:26:
bc:37:db:dc:5f:58:43:60:4d:2c:8b:a0:ab:5f:10:
a0:67:fe:54:61:df:b6:4c:44:c0:54:fc:e7:3b:7b:
0c:27:63:db:9a:dd:6a:9e:60:8a:2a:35:8b:17:9d:
92:19:da:1e:bb:b6:71:ee:b6:bc:b5:3c:ee:29:74:
fb:6c:a1:2b:ee:dc:55:ac:6a:5c:b9:42:0a:36:16:
94:0b:a0:4f:60:f2:25:98:cf:da:98:c1:ee:2f:d8:
13:c1:fc:60:aa:d3:f2:70:4d:a2:ec:d4:07:51:7d:
23:c5:bd:bd:92:85:3e:05:4c:c8:ff:af:ca:10:0d:
49:3a:a2:3b:a3:34:02:6c:47:0e:31:bf:01:77:6f:
da:3a:5f:28:eb:37:77:c6:27:df:a1:1b:20:59:b0:
36:13:a4:57:c0:76:b8:e1:3e:25:91:66:b4:8a:f4:
2d:a3:19:bd:08:9d:3c:ba:aa:ea:ec:fc:61:af:f8:
b0:60:b6:c1:a6:18:48:c5:e2:d6:dc:b5:d6:b8:a6:
3c:e4:02:19:ba:0a:49:7c:62:af:fd:53:9a:2c:62:
23:37:c0:8e:52:17:af:e8:30:e7:60:78:dd:33:2e:
44:57:7c:99:46:06:32:c8:d6:a0:30:8e:7e:45:24:
32:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:7C:EB:1F:FE:3F:06:8A:29:59:63:02:CD:FE:18:E4:83:52:A8:62
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7b957dae-110a-40bf-9710-191cf24c9e94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.96.0/21
Signature Algorithm: sha256WithRSAEncryption
03:e1:b0:b2:79:11:51:84:82:02:a4:5a:1a:ff:2f:05:ec:a4:
a0:84:d4:13:ea:f1:70:51:0d:ac:98:31:b0:a9:e4:d5:00:9a:
00:8e:4f:06:03:67:6c:5e:73:2d:fd:76:c1:eb:f3:fb:b9:96:
37:cc:49:e6:93:da:f3:a6:39:2b:c2:37:e9:ed:df:4d:3e:96:
55:ac:7b:a9:b2:08:32:de:4a:87:0b:9f:12:fb:64:2a:f7:05:
a8:ca:dc:fd:28:5b:f9:99:bd:1c:31:3a:01:fe:a5:29:2c:a4:
3b:af:ae:08:b0:6d:db:e5:d1:5f:fb:2c:94:5f:90:86:9b:33:
07:14:3c:4d:93:5c:05:bb:1b:ce:3e:1d:98:d8:f8:e5:89:0a:
1e:a5:e8:c9:7c:16:8b:2f:9d:bc:0e:bb:14:23:6c:6a:b0:4e:
32:cb:c5:78:79:92:41:0a:5d:ae:85:8d:3c:0f:89:fb:a6:1f:
69:e6:e0:93:c2:58:a8:8d:32:78:e5:fd:dd:47:45:e3:c1:b7:
46:40:2f:b5:c9:7a:d1:99:6c:86:b3:5b:97:f1:ed:5d:19:67:
b4:56:ff:48:e1:17:6a:4f:91:bf:b6:e6:f2:7a:d9:8d:4e:82:
a5:1d:33:47:e5:8d:9d:36:60:af:a3:a2:be:7a:8d:85:bb:e2:
97:3d:ee:1a
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUPsBkuSoGG3vmTLV9nxWPgV4H6rEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjgxNTUwMTBaFw0yNTA2MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDBjNjNiZDI3Y2M2ZmI2ZTYwZWYzODM2NDVlODljMGM3ZmU3NWM1YWNiMzYz
YTQ0MjkwMzJlMDJlMGFhMjQ0NWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANMWQL3tPqX9cXuC5UkmvDfb3F9YQ2BNLIugq18QoGf+VGHftkxEwFT85zt7
DCdj25rdap5giio1ixedkhnaHru2ce62vLU87il0+2yhK+7cVaxqXLlCCjYWlAug
T2DyJZjP2pjB7i/YE8H8YKrT8nBNouzUB1F9I8W9vZKFPgVMyP+vyhANSTqiO6M0
AmxHDjG/AXdv2jpfKOs3d8Yn36EbIFmwNhOkV8B2uOE+JZFmtIr0LaMZvQidPLqq
6uz8Ya/4sGC2waYYSMXi1ty11rimPOQCGboKSXxir/1TmixiIzfAjlIXr+gw52B4
3TMuRFd8mUYGMsjWoDCOfkUkMmMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQcfOsf
/j8GiilZYwLN/hjkg1KoYjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2I5NTdkYWUtMTEwYS00MGJmLTk3MTAtMTkxY2YyNGM5ZTk0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAYDAN
BgkqhkiG9w0BAQsFAAOCAQEAA+GwsnkRUYSCAqRaGv8vBeykoITUE+rxcFENrJgx
sKnk1QCaAI5PBgNnbF5zLf12wevz+7mWN8xJ5pPa86Y5K8I36e3fTT6WVax7qbII
Mt5KhwufEvtkKvcFqMrc/Shb+Zm9HDE6Af6lKSykO6+uCLBt2+XRX/sslF+Qhpsz
BxQ8TZNcBbsbzj4dmNj45YkKHqXoyXwWiy+dvA67FCNsarBOMsvFeHmSQQpdroWN
PA+J+6Yfaebgk8JYqI0yeOX93UdF48G3RkAvtcl60ZlshrNbl/HtXRlntFb/SOEX
ak+Rv7bm8nrZjU6CpR0zR+WNnTZgr6OivnqNhbvilz3uGg==
-----END CERTIFICATE-----
Generated at Mon May 5 08:43:35 2025 by rpki-client