Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c8fd8c44-7514-40e6-9198-e0b6e37b4c69.roa
File: c8fd8c44-7514-40e6-9198-e0b6e37b4c69.roa (raw, json)
Hash identifier: E39MtU9Qw+JTv+E3x3fppNSVEgGjIMHdeGaeMMimTCw=
Subject key identifier: F2:86:3C:63:97:E6:1F:57:4E:1A:6C:6D:F9:7F:E9:0C:E6:19:5A:EE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 67CEFEE3794BFC44FC3B1629E4BFD0CE909335A5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c8fd8c44-7514-40e6-9198-e0b6e37b4c69.roa
Signing time: Mon 28 Apr 2025 15:50:42 +0000
ROA not before: Mon 28 Apr 2025 15:50:42 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.238.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:ce:fe:e3:79:4b:fc:44:fc:3b:16:29:e4:bf:d0:ce:90:93:35:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 28 15:50:42 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=e591f72e73fa1f0a6f621c8e7768634816bd83cb7ae68b9274b2ad032a56ecdc, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:a7:c0:cc:3a:9c:de:d7:ee:ae:a3:84:95:77:
83:eb:96:d9:f0:9a:5a:d3:40:80:ae:dd:3d:89:e7:
d7:2c:f2:e0:45:40:1c:29:1f:ff:11:f4:c4:4d:3f:
0e:35:f8:9d:5f:81:45:9b:40:86:bd:87:a1:69:5f:
ad:18:15:89:d8:f8:c0:bc:70:5d:6e:79:bb:25:7f:
05:37:79:5d:f9:77:e1:d2:49:89:15:26:55:bf:79:
2e:22:a3:74:3b:dd:be:1c:54:44:84:f6:37:a3:e2:
42:3a:53:0e:25:9d:8c:f6:07:3b:38:ab:cf:48:7a:
3c:6f:88:f1:60:63:d2:b8:b2:02:25:84:c8:e8:7c:
7a:81:b5:fc:9b:3d:6e:57:00:3b:0a:23:3d:27:8b:
4d:53:8a:9d:18:e3:77:44:cf:56:3d:3c:6e:a2:fb:
90:92:ae:4a:cc:56:1b:1c:7e:2e:96:a4:ad:01:a8:
90:8a:18:84:19:0b:9c:38:4e:48:e2:bd:0c:b5:5c:
60:a2:6b:fd:55:e4:a0:c2:10:c0:9e:39:22:0d:c9:
44:6e:d3:0c:24:17:8e:37:08:aa:92:95:48:1e:93:
ac:31:d8:21:24:9a:bf:33:f2:86:2d:71:56:76:6d:
90:73:ed:dd:3a:cf:82:04:f5:7f:81:51:18:24:a5:
36:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:86:3C:63:97:E6:1F:57:4E:1A:6C:6D:F9:7F:E9:0C:E6:19:5A:EE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c8fd8c44-7514-40e6-9198-e0b6e37b4c69.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.238.0/23
Signature Algorithm: sha256WithRSAEncryption
6d:ab:76:58:de:27:c5:1a:ea:96:cc:36:c2:58:15:f3:a3:36:
8f:e7:f3:58:28:c0:4e:8e:53:68:72:bc:3c:6c:ab:fc:9b:ac:
6a:5f:92:2e:9e:72:ec:70:4f:aa:12:90:49:bc:c4:3a:89:14:
f4:4e:93:3a:b6:d8:07:eb:60:bf:57:c4:2b:67:5f:91:93:91:
cb:b8:fa:ed:dd:c5:d4:3e:13:62:fa:9c:5e:03:a2:b7:74:e6:
0c:01:1f:19:35:69:8c:c6:36:fe:aa:c0:8c:61:90:bb:c4:1a:
e5:d7:a5:7e:09:44:be:af:0d:44:79:f3:90:67:30:41:61:35:
1a:2f:2f:15:9f:f4:4c:a7:be:e6:9c:fa:cc:46:93:63:aa:6a:
1d:ae:da:0c:d0:ad:ff:cf:d8:a4:69:54:49:f4:10:69:3a:f3:
54:bf:86:03:f3:d4:3f:fa:81:e5:65:82:0b:18:22:fb:98:53:
87:f9:93:f5:ec:48:e3:79:cb:1c:e0:c7:3d:ed:b5:63:4f:79:
93:00:bc:0f:92:10:6f:0f:31:0f:75:1b:31:20:fe:6d:0e:5e:
b2:ed:4d:b1:d7:5f:54:a5:d6:c1:fb:5e:84:d4:78:9f:2f:ba:
84:79:0a:8c:f7:c8:65:49:cd:47:8b:9d:e0:5d:b2:8f:22:3b:
78:a1:46:29
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZ87+43lL/ET8OxYp5L/QzpCTNaUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjgxNTUwNDJaFw0yNTA2MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGU1OTFmNzJlNzNmYTFmMGE2ZjYyMWM4ZTc3Njg2MzQ4MTZiZDgzY2I3YWU2
OGI5Mjc0YjJhZDAzMmE1NmVjZGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALmnwMw6nN7X7q6jhJV3g+uW2fCaWtNAgK7dPYnn1yzy4EVAHCkf/xH0xE0/
DjX4nV+BRZtAhr2HoWlfrRgVidj4wLxwXW55uyV/BTd5Xfl34dJJiRUmVb95LiKj
dDvdvhxURIT2N6PiQjpTDiWdjPYHOzirz0h6PG+I8WBj0riyAiWEyOh8eoG1/Js9
blcAOwojPSeLTVOKnRjjd0TPVj08bqL7kJKuSsxWGxx+LpakrQGokIoYhBkLnDhO
SOK9DLVcYKJr/VXkoMIQwJ45Ig3JRG7TDCQXjjcIqpKVSB6TrDHYISSavzPyhi1x
VnZtkHPt3TrPggT1f4FRGCSlNucCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTyhjxj
l+YfV04abG35f+kM5hla7jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzhmZDhjNDQtNzUxNC00MGU2LTkxOTgtZTBiNmUzN2I0YzY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEATMQ7jAN
BgkqhkiG9w0BAQsFAAOCAQEAbat2WN4nxRrqlsw2wlgV86M2j+fzWCjATo5TaHK8
PGyr/Jusal+SLp5y7HBPqhKQSbzEOokU9E6TOrbYB+tgv1fEK2dfkZORy7j67d3F
1D4TYvqcXgOit3TmDAEfGTVpjMY2/qrAjGGQu8Qa5delfglEvq8NRHnzkGcwQWE1
Gi8vFZ/0TKe+5pz6zEaTY6pqHa7aDNCt/8/YpGlUSfQQaTrzVL+GA/PUP/qB5WWC
Cxgi+5hTh/mT9exI43nLHODHPe21Y095kwC8D5IQbw8xD3UbMSD+bQ5esu1Nsddf
VKXWwftehNR4ny+6hHkKjPfIZUnNR4ud4F2yjyI7eKFGKQ==
-----END CERTIFICATE-----
Generated at Mon May 5 10:49:01 2025 by rpki-client