Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bad59de4-adad-41c5-bcd9-10599419c7b5.roa
File: bad59de4-adad-41c5-bcd9-10599419c7b5.roa (raw, json)
Hash identifier: VAoWYhhDuF0GUhi60bvkp6BmYjUK1zPRooFUfnFCJ5g=
Subject key identifier: 92:A4:93:97:F1:4E:8D:A3:55:FC:90:8B:18:95:B1:E5:54:86:F6:F5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 602EB43D08FEFAEB6FA579896E555CE8156F94F4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bad59de4-adad-41c5-bcd9-10599419c7b5.roa
Signing time: Mon 28 Apr 2025 15:50:09 +0000
ROA not before: Mon 28 Apr 2025 15:50:09 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.64.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 18:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:2e:b4:3d:08:fe:fa:eb:6f:a5:79:89:6e:55:5c:e8:15:6f:94:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 28 15:50:09 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=9eb9fb999af428448afc638f0abfefb62af7872cf005697b126760e2e6f6b07d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:9d:1d:4c:1f:68:02:0f:96:37:db:db:c8:c6:
10:76:f5:69:b6:3d:75:90:18:d5:7e:66:6a:80:7c:
21:5e:39:ad:3c:a4:61:f4:09:e6:a0:ea:46:0c:8d:
c3:6d:aa:f5:88:8e:97:e7:d0:2a:85:47:35:d9:91:
64:bf:51:4f:ff:eb:16:f7:37:d2:98:ae:5a:b5:17:
e4:4a:be:5e:f3:28:fd:36:d1:7f:d4:5e:0d:93:99:
27:1a:c3:c4:62:a3:3a:4b:ab:c8:25:37:ea:a7:f0:
cc:a9:2b:0e:6e:a4:28:ed:e8:e4:ea:8b:fe:32:67:
12:a4:53:af:f0:91:ce:0f:51:b7:24:69:9d:9a:2e:
05:6c:df:7d:a1:07:46:7a:bb:c4:4d:20:b9:5e:ef:
3b:14:2b:44:f4:c8:26:0e:27:b8:f6:1b:22:f5:de:
28:5e:a0:d0:9e:fd:81:4e:b3:ba:9f:28:e2:0d:86:
3c:46:fe:31:60:d1:2e:eb:78:a9:f7:da:5c:e3:72:
97:fc:ce:60:12:8d:a7:df:b1:b2:bd:12:c6:99:c7:
ab:e6:35:b1:73:1f:ed:c2:87:25:8f:3b:bc:d0:84:
8c:ad:0a:01:6d:e0:c3:99:7c:b6:20:46:43:4e:f7:
32:fa:c3:55:89:7a:9a:61:3e:6d:bf:1d:10:41:99:
76:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:A4:93:97:F1:4E:8D:A3:55:FC:90:8B:18:95:B1:E5:54:86:F6:F5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bad59de4-adad-41c5-bcd9-10599419c7b5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
88:01:1d:6b:c0:0e:8d:e0:e9:20:f3:54:63:d2:74:c3:3c:58:
d0:00:8b:f8:73:4e:db:18:1b:81:b2:7f:e1:3e:1e:68:20:9d:
da:23:ff:1e:a9:7d:2e:74:7c:3e:d1:57:f1:9b:b1:ef:c6:8b:
d6:5e:0c:0b:b8:b7:cb:ae:50:be:b9:e5:1c:03:63:d2:50:11:
d9:42:28:51:48:ed:25:dd:b3:e7:ac:d5:34:03:41:51:94:47:
ac:94:6e:a1:15:64:d3:ea:47:9a:3a:31:05:b1:da:4d:ce:be:
95:c5:6f:9b:ff:cf:de:48:05:5c:00:f3:78:21:70:2d:51:0e:
32:09:ea:35:f4:77:f4:00:57:fd:ca:c7:93:27:9b:74:f6:00:
52:3c:5b:ac:ab:99:13:ad:ce:75:f5:8f:54:a7:1f:d0:d0:0f:
6b:ef:31:c9:0b:e4:3e:9a:2f:fd:fa:69:a1:5e:97:01:bd:c1:
29:26:81:a6:cd:d6:d3:aa:4d:50:ea:94:b7:17:e2:04:07:52:
d9:56:e2:65:7d:f1:45:2a:1f:01:d7:41:2e:1e:0f:39:22:75:
a2:be:16:40:86:b1:55:c6:e3:47:b1:b5:7e:38:d2:2a:03:4d:
32:24:a2:07:89:1d:52:cc:dc:b5:68:da:32:86:76:c3:5b:28:
06:12:56:5d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUYC60PQj++utvpXmJblVc6BVvlPQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjgxNTUwMDlaFw0yNTA2MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDllYjlmYjk5OWFmNDI4NDQ4YWZjNjM4ZjBhYmZlZmI2MmFmNzg3MmNmMDA1
Njk3YjEyNjc2MGUyZTZmNmIwN2QxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKedHUwfaAIPljfb28jGEHb1abY9dZAY1X5maoB8IV45rTykYfQJ5qDqRgyN
w22q9YiOl+fQKoVHNdmRZL9RT//rFvc30piuWrUX5Eq+XvMo/TbRf9ReDZOZJxrD
xGKjOkuryCU36qfwzKkrDm6kKO3o5OqL/jJnEqRTr/CRzg9RtyRpnZouBWzffaEH
Rnq7xE0guV7vOxQrRPTIJg4nuPYbIvXeKF6g0J79gU6zup8o4g2GPEb+MWDRLut4
qffaXONyl/zOYBKNp9+xsr0SxpnHq+Y1sXMf7cKHJY87vNCEjK0KAW3gw5l8tiBG
Q073MvrDVYl6mmE+bb8dEEGZdscCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSSpJOX
8U6No1X8kIsYlbHlVIb29TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmFkNTlkZTQtYWRhZC00MWM1LWJjZDktMTA1OTk0MTljN2I1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBjMAQDAN
BgkqhkiG9w0BAQsFAAOCAQEAiAEda8AOjeDpIPNUY9J0wzxY0ACL+HNO2xgbgbJ/
4T4eaCCd2iP/Hql9LnR8PtFX8Zux78aL1l4MC7i3y65QvrnlHANj0lAR2UIoUUjt
Jd2z56zVNANBUZRHrJRuoRVk0+pHmjoxBbHaTc6+lcVvm//P3kgFXADzeCFwLVEO
MgnqNfR39ABX/crHkyebdPYAUjxbrKuZE63OdfWPVKcf0NAPa+8xyQvkPpov/fpp
oV6XAb3BKSaBps3W06pNUOqUtxfiBAdS2VbiZX3xRSofAddBLh4POSJ1or4WQIax
VcbjR7G1fjjSKgNNMiSiB4kdUszctWjaMoZ2w1soBhJWXQ==
-----END CERTIFICATE-----
Generated at Tue May 6 02:08:52 2025 by rpki-client