Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa
File: 9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa (raw, json)
Hash identifier: Nb44HVSjdNT2XxqJHeUsI9gwmmjIyECufyqEfALEt0Q=
Subject key identifier: 77:6B:B5:D5:07:07:02:E2:50:A3:51:3E:80:8F:0B:8E:C0:94:DA:FB
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: F2D25E3684A04E9E6D9E16972C8A54E6A75B43
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa
Signing time: Fri 25 Apr 2025 20:40:34 +0000
ROA not before: Fri 25 Apr 2025 20:40:34 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.50.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
f2:d2:5e:36:84:a0:4e:9e:6d:9e:16:97:2c:8a:54:e6:a7:5b:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:40:34 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=7298025f5592fb92e48ae7cd2b61079206a23d8427e9401200ae33dcabee9a41, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:d6:6d:e8:76:c3:14:aa:f5:e3:ed:32:da:5c:
31:a8:df:aa:10:84:71:c9:a9:0e:ab:c6:31:a3:83:
7e:0d:2d:10:6e:27:c4:be:81:22:ab:44:e7:94:db:
f5:29:73:c9:e3:29:43:f5:e6:f6:e6:cf:56:ad:39:
89:d6:ef:e5:ef:8c:26:dc:d5:70:82:42:96:36:eb:
2f:dc:8e:92:ec:32:43:8d:86:69:c0:58:66:31:51:
1b:f6:43:27:f8:71:44:16:c9:ab:5b:e6:ee:8c:78:
65:f9:25:cc:cc:a2:a0:f4:81:fe:f4:40:6b:49:a8:
74:cd:c0:42:cb:b6:c6:aa:c0:33:ea:e5:5d:63:81:
e1:e8:0d:71:59:1f:16:19:5c:0e:21:3f:43:8c:12:
26:54:3b:e4:b6:0f:ab:ac:76:18:2f:d5:ad:55:a5:
26:63:f7:1e:de:bb:f6:55:80:03:c7:f6:77:b6:bf:
65:c0:9d:12:95:a5:f1:06:e6:43:5f:9c:3b:52:64:
12:0e:df:ce:28:9b:a2:47:20:30:ae:27:45:67:a7:
82:3f:1d:c5:c1:a7:85:a1:8f:5a:df:37:38:03:01:
ce:28:31:32:2a:21:12:30:29:7f:b2:8f:ad:3d:18:
e7:0f:3e:05:7e:66:fe:b2:98:ca:58:bd:e2:c2:07:
56:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:6B:B5:D5:07:07:02:E2:50:A3:51:3E:80:8F:0B:8E:C0:94:DA:FB
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.50.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5c:a7:21:85:cc:5b:49:76:c0:87:cd:8a:8c:5d:66:28:0c:24:
d8:35:1d:c6:77:5d:9f:4b:90:a6:10:b8:dc:aa:3c:29:42:95:
f9:b8:c8:24:ae:ca:6f:ec:54:ed:7c:af:ac:01:09:41:4b:1b:
f5:e9:77:2e:53:50:ef:ac:90:96:08:09:fc:6e:8d:7c:ff:d3:
0c:3d:87:c4:19:01:3d:5b:86:a9:0c:c4:55:5c:cf:33:3f:c2:
4c:64:52:4b:81:35:8d:c5:5c:37:c9:f3:be:18:84:6d:b6:72:
63:dc:13:a5:78:bc:fe:02:02:be:f0:bd:dd:14:87:1a:b3:83:
f2:44:15:51:d9:0c:68:98:c1:fd:e4:fa:e6:ab:03:a3:38:8a:
45:21:a3:28:e8:8e:04:b7:4e:20:6f:26:79:73:a0:c8:aa:4f:
b7:94:f8:24:af:e6:87:f3:ff:f1:70:2b:ad:7e:38:2b:ff:97:
da:e5:42:67:3b:a2:94:5d:a6:73:d7:51:0e:f3:c8:33:43:d4:
dd:d7:34:12:20:1c:d8:21:a5:c4:38:3c:8a:53:6f:21:1d:77:
4f:47:99:34:61:02:d5:54:a8:19:50:5a:e1:d6:4a:bc:41:77:
4a:39:dd:d1:c6:9f:a7:7d:1e:05:cb:34:4a:00:14:b8:85:8b:
48:b8:d3:5e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUAPLSXjaEoE6ebZ4WlyyKVOanW0MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDQwMzRaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyOTgwMjVmNTU5MmZiOTJlNDhhZTdjZDJiNjEwNzkyMDZhMjNkODQyN2U5
NDAxMjAwYWUzM2RjYWJlZTlhNDExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOfWbeh2wxSq9ePtMtpcMajfqhCEccmpDqvGMaODfg0tEG4nxL6BIqtE55Tb
9SlzyeMpQ/Xm9ubPVq05idbv5e+MJtzVcIJCljbrL9yOkuwyQ42GacBYZjFRG/ZD
J/hxRBbJq1vm7ox4ZfklzMyioPSB/vRAa0modM3AQsu2xqrAM+rlXWOB4egNcVkf
FhlcDiE/Q4wSJlQ75LYPq6x2GC/VrVWlJmP3Ht679lWAA8f2d7a/ZcCdEpWl8Qbm
Q1+cO1JkEg7fziibokcgMK4nRWengj8dxcGnhaGPWt83OAMBzigxMiohEjApf7KP
rT0Y5w8+BX5m/rKYyli94sIHVrkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR3a7XV
BwcC4lCjUT6AjwuOwJTa+zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWViN2RmYjMtNWNiMy00ODRhLWI1NTAtNDE4ZmM1NDBlYTI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMyMA0G
CSqGSIb3DQEBCwUAA4IBAQBcpyGFzFtJdsCHzYqMXWYoDCTYNR3Gd12fS5CmELjc
qjwpQpX5uMgkrspv7FTtfK+sAQlBSxv16XcuU1DvrJCWCAn8bo18/9MMPYfEGQE9
W4apDMRVXM8zP8JMZFJLgTWNxVw3yfO+GIRttnJj3BOleLz+AgK+8L3dFIcas4Py
RBVR2QxomMH95PrmqwOjOIpFIaMo6I4Et04gbyZ5c6DIqk+3lPgkr+aH8//xcCut
fjgr/5fa5UJnO6KUXaZz11EO88gzQ9Td1zQSIBzYIaXEODyKU28hHXdPR5k0YQLV
VKgZUFrh1kq8QXdKOd3Rxp+nfR4FyzRKABS4hYtIuNNe
-----END CERTIFICATE-----
Generated at Mon May 5 06:50:02 2025 by rpki-client