Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
File: 84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa (raw, json)
Hash identifier: f2RdPYa1+mHmEMN/VbDpiv748VUARP9X8RVpjkvBcq0=
Subject key identifier: 1D:65:7A:36:F6:53:EB:8C:D8:36:01:41:3C:FB:46:2A:75:74:41:CE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 64B72D2827C36D924C60DDEABB776E6860496559
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
Signing time: Fri 25 Apr 2025 20:40:12 +0000
ROA not before: Fri 25 Apr 2025 20:40:12 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.236.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 18:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:b7:2d:28:27:c3:6d:92:4c:60:dd:ea:bb:77:6e:68:60:49:65:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:40:12 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=ba00ed4eaa841a4d5d6a2c0fea90c034a2ee99609546a7a1076ffa0e85858b7e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:8c:26:9f:4a:c2:d4:25:24:78:23:78:69:0b:
61:dd:aa:47:ad:8e:72:19:06:cd:db:a5:9b:ce:98:
c0:66:1f:6b:06:45:3d:df:70:cf:c2:de:ab:fa:37:
ee:cc:66:1b:0b:d4:98:7d:ff:7b:5c:13:a9:39:87:
bf:ef:93:38:75:f2:0f:9f:2c:49:a3:19:cb:60:23:
81:52:6e:20:ef:dd:01:0a:8a:26:2b:bd:04:9b:ac:
89:28:5a:d5:7a:28:d7:d4:1e:85:f1:62:a6:12:d2:
0a:81:cb:cb:8f:3a:8b:11:9c:d7:98:7a:b7:16:1c:
9a:c0:d5:c7:94:81:b1:16:e0:0f:65:d8:9b:aa:ce:
ee:18:6e:76:44:e4:4a:ea:fc:d9:4c:9a:1e:8b:c9:
87:ac:b6:7c:6b:c0:1d:d1:ff:ad:3d:78:6b:1d:1b:
b9:8b:45:d4:07:24:12:af:3e:9a:23:f2:08:e0:23:
c0:f3:46:65:cc:c4:73:e9:e2:3c:af:7c:fa:fb:b8:
03:58:4b:4b:84:15:4c:f8:25:55:6f:68:cb:b0:8f:
ce:38:d1:1a:ea:4f:89:3a:8c:c3:d8:0c:60:c7:f7:
13:72:85:3f:27:e9:91:2b:dd:f4:b9:cd:f2:75:dd:
75:7a:e5:98:c4:47:0e:74:e9:d4:11:cd:aa:f9:c5:
29:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:65:7A:36:F6:53:EB:8C:D8:36:01:41:3C:FB:46:2A:75:74:41:CE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.236.0.0/15
Signature Algorithm: sha256WithRSAEncryption
bf:61:90:50:ae:0c:b6:f2:53:f0:76:7f:50:84:d0:9f:b9:42:
45:6d:a5:8e:c5:2e:ae:00:42:c8:61:67:08:2d:67:f9:59:86:
d2:d5:59:82:81:f5:b7:ad:50:9d:73:ec:15:c7:f4:56:1f:b9:
7e:8d:84:47:5b:c3:9f:0e:03:27:a6:a6:96:1b:cd:55:ed:10:
32:96:73:11:89:f6:4c:67:f9:23:68:36:a4:68:5f:41:4a:86:
f3:2d:9d:a4:72:8c:9e:6e:37:99:31:95:24:67:6c:d7:51:60:
f7:1f:26:ae:b4:7f:2c:92:b2:ea:79:e5:cf:ac:79:4c:c3:3e:
fa:04:a6:b1:be:0f:95:0e:89:e3:99:50:86:43:95:eb:e9:b9:
61:28:44:fc:ab:7e:ca:1b:eb:43:72:0f:c8:7f:ca:5b:e5:f6:
22:ae:9c:04:db:29:b9:e6:b1:e2:87:12:37:d6:f6:77:97:88:
ac:fc:90:f2:9c:9b:35:d0:02:6f:88:33:e3:d5:cf:4a:db:3c:
36:d9:be:a4:fc:3b:bc:3a:db:f2:7e:cb:7e:e4:69:de:bb:e0:
b6:8d:d5:0a:23:63:c3:de:ce:a5:9c:2c:5f:8b:13:92:87:12:
48:76:21:6c:aa:64:f3:4b:74:39:4a:94:fb:f0:dc:46:d0:0c:
e5:53:75:cd
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZLctKCfDbZJMYN3qu3duaGBJZVkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDQwMTJaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGJhMDBlZDRlYWE4NDFhNGQ1ZDZhMmMwZmVhOTBjMDM0YTJlZTk5NjA5NTQ2
YTdhMTA3NmZmYTBlODU4NThiN2UxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANGMJp9KwtQlJHgjeGkLYd2qR62OchkGzdulm86YwGYfawZFPd9wz8Leq/o3
7sxmGwvUmH3/e1wTqTmHv++TOHXyD58sSaMZy2AjgVJuIO/dAQqKJiu9BJusiSha
1Xoo19QehfFiphLSCoHLy486ixGc15h6txYcmsDVx5SBsRbgD2XYm6rO7hhudkTk
Sur82UyaHovJh6y2fGvAHdH/rT14ax0buYtF1AckEq8+miPyCOAjwPNGZczEc+ni
PK98+vu4A1hLS4QVTPglVW9oy7CPzjjRGupPiTqMw9gMYMf3E3KFPyfpkSvd9LnN
8nXddXrlmMRHDnTp1BHNqvnFKeMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQdZXo2
9lPrjNg2AUE8+0YqdXRBzjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODRjNDNiOTUtODVkMy00YzFkLWE2YmUtY2YxNzkwNmYxMWM0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPsMA0G
CSqGSIb3DQEBCwUAA4IBAQC/YZBQrgy28lPwdn9QhNCfuUJFbaWOxS6uAELIYWcI
LWf5WYbS1VmCgfW3rVCdc+wVx/RWH7l+jYRHW8OfDgMnpqaWG81V7RAylnMRifZM
Z/kjaDakaF9BSobzLZ2kcoyebjeZMZUkZ2zXUWD3HyautH8skrLqeeXPrHlMwz76
BKaxvg+VDonjmVCGQ5Xr6blhKET8q37KG+tDcg/If8pb5fYirpwE2ym55rHihxI3
1vZ3l4is/JDynJs10AJviDPj1c9K2zw22b6k/Du8Otvyfst+5Gneu+C2jdUKI2PD
3s6lnCxfixOShxJIdiFsqmTzS3Q5SpT78NxG0AzlU3XN
-----END CERTIFICATE-----
Generated at Tue May 6 01:52:35 2025 by rpki-client