Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83d64fad-2f6b-441a-9079-e9e60d149aec.roa
File: 83d64fad-2f6b-441a-9079-e9e60d149aec.roa (raw, json)
Hash identifier: I0T8KCbKzbxn93RSG4OdjQKAoQKF1F4tFSn23cTTGp0=
Subject key identifier: 3E:1B:0E:13:C7:BB:A3:C5:90:C9:90:78:15:D5:1F:E4:05:4D:F8:3E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4F9088787CEE0D47692A179EADB4AF852C30D538
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83d64fad-2f6b-441a-9079-e9e60d149aec.roa
Signing time: Mon 28 Apr 2025 15:50:18 +0000
ROA not before: Mon 28 Apr 2025 15:50:18 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.17.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:90:88:78:7c:ee:0d:47:69:2a:17:9e:ad:b4:af:85:2c:30:d5:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 28 15:50:18 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=665c1e4e166e538438c83d80cc328bc9bbcd1dbff2109fab45a8992374a56a62, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:f4:61:9c:a0:1f:c6:7b:6c:4d:df:ed:97:17:
e1:c6:90:f3:09:0b:74:18:7c:e1:ac:e7:cb:8a:fd:
6a:a1:77:ac:80:73:3b:31:50:4a:69:bb:b7:1e:c4:
21:52:81:a4:11:e3:a0:4b:de:d7:68:bb:d1:cb:d4:
43:21:e7:fd:cf:81:6a:99:b2:ca:d6:cd:aa:3e:3e:
ce:8c:f2:f7:5f:c3:0e:dd:af:61:56:b4:16:5a:dd:
a2:67:b5:c5:38:68:46:d6:ee:a5:df:f9:87:91:71:
aa:22:7d:cf:59:c0:3c:7b:04:0b:23:6b:12:33:b5:
d9:0d:47:57:8a:1a:1f:23:ed:42:1d:d1:01:00:8c:
59:dd:bf:ad:6a:de:81:c6:6b:b1:0f:7a:aa:8c:c9:
ac:02:e9:85:8e:b5:86:ac:f1:d2:40:7a:29:88:a0:
a6:77:eb:c4:14:e2:41:a8:51:73:db:ce:03:e5:77:
ca:2e:95:01:0f:e9:35:5f:87:49:c6:97:82:34:c6:
ff:de:a4:b6:c0:1b:ef:6c:a5:9e:49:78:a8:97:e9:
96:45:26:25:91:d9:2a:71:59:e1:42:c5:b6:79:92:
2e:93:a9:08:7a:85:b2:80:d7:40:d9:34:7c:65:82:
bc:78:56:13:27:9f:70:79:70:d0:37:2e:80:42:33:
59:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:1B:0E:13:C7:BB:A3:C5:90:C9:90:78:15:D5:1F:E4:05:4D:F8:3E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83d64fad-2f6b-441a-9079-e9e60d149aec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.17.0.0/24
Signature Algorithm: sha256WithRSAEncryption
02:5e:61:5b:ab:ce:b3:6a:f6:00:33:84:4e:21:44:1e:40:99:
df:91:df:e5:2f:06:bd:6e:67:35:22:10:a3:3b:b9:5b:33:01:
4f:1c:60:4b:22:db:1d:2d:5c:f6:ae:76:91:e0:89:e6:a8:67:
3b:65:84:c6:7c:0f:ef:3c:0d:58:db:9e:09:2e:ef:5c:8d:48:
c0:0f:e9:1e:22:7a:24:df:c0:5c:0c:db:29:ad:9d:13:a9:fc:
72:93:59:3f:be:79:59:7d:87:a0:54:e4:90:80:de:d2:3b:05:
e1:a5:2a:02:1a:fc:31:27:8a:69:81:15:34:99:cd:55:de:57:
8a:e4:03:4d:a2:fa:42:e2:57:af:2f:d5:b9:7b:c4:2b:8e:d7:
d4:2a:79:d7:26:be:7d:25:cb:b3:31:4a:63:8b:eb:e8:29:99:
65:dc:3d:4e:ff:33:47:54:7a:f5:d3:d7:32:86:2f:14:72:79:
b6:37:ba:5d:a6:88:54:df:5e:b6:6f:d6:51:18:e1:28:02:1a:
6c:a7:90:21:35:52:63:8e:a9:65:52:37:12:af:c9:67:6f:45:
7e:14:2f:b1:06:a6:22:db:ec:36:16:21:9d:ad:f3:8e:e0:db:
22:26:f4:96:9e:3b:df:a9:6a:98:8a:6b:f8:60:df:86:8c:22:
54:a3:c8:f3
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUT5CIeHzuDUdpKheerbSvhSww1TgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjgxNTUwMThaFw0yNTA2MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDY2NWMxZTRlMTY2ZTUzODQzOGM4M2Q4MGNjMzI4YmM5YmJjZDFkYmZmMjEw
OWZhYjQ1YTg5OTIzNzRhNTZhNjIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANT0YZygH8Z7bE3f7ZcX4caQ8wkLdBh84azny4r9aqF3rIBzOzFQSmm7tx7E
IVKBpBHjoEve12i70cvUQyHn/c+BapmyytbNqj4+zozy91/DDt2vYVa0Flrdome1
xThoRtbupd/5h5FxqiJ9z1nAPHsECyNrEjO12Q1HV4oaHyPtQh3RAQCMWd2/rWre
gcZrsQ96qozJrALphY61hqzx0kB6KYigpnfrxBTiQahRc9vOA+V3yi6VAQ/pNV+H
ScaXgjTG/96ktsAb72ylnkl4qJfplkUmJZHZKnFZ4ULFtnmSLpOpCHqFsoDXQNk0
fGWCvHhWEyefcHlw0DcugEIzWeECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ+Gw4T
x7ujxZDJkHgV1R/kBU34PjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODNkNjRmYWQtMmY2Yi00NDFhLTkwNzktZTllNjBkMTQ5YWVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMRADAN
BgkqhkiG9w0BAQsFAAOCAQEAAl5hW6vOs2r2ADOETiFEHkCZ35Hf5S8GvW5nNSIQ
ozu5WzMBTxxgSyLbHS1c9q52keCJ5qhnO2WExnwP7zwNWNueCS7vXI1IwA/pHiJ6
JN/AXAzbKa2dE6n8cpNZP755WX2HoFTkkIDe0jsF4aUqAhr8MSeKaYEVNJnNVd5X
iuQDTaL6QuJXry/VuXvEK47X1Cp51ya+fSXLszFKY4vr6CmZZdw9Tv8zR1R69dPX
MoYvFHJ5tje6XaaIVN9etm/WURjhKAIabKeQITVSY46pZVI3Eq/JZ29FfhQvsQam
ItvsNhYhna3zjuDbIib0lp4736lqmIpr+GDfhowiVKPI8w==
-----END CERTIFICATE-----
Generated at Mon May 5 19:17:52 2025 by rpki-client