Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d241761a-4c6e-4db3-ba0a-26b2eda6222a.roa
File: d241761a-4c6e-4db3-ba0a-26b2eda6222a.roa (raw, json)
Hash identifier: G/I6QPKmOQgUagJOKVGjuOELmCIlAOskcawdZEcCe/8=
Subject key identifier: C9:41:15:D6:99:F7:F2:46:7D:36:00:77:9B:D9:9B:28:91:47:FE:03
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4AD9E498D05A045F0B42B040F02BD67AEACB2257
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d241761a-4c6e-4db3-ba0a-26b2eda6222a.roa
Signing time: Fri 25 Apr 2025 20:31:36 +0000
ROA not before: Fri 25 Apr 2025 20:31:36 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.110.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:d9:e4:98:d0:5a:04:5f:0b:42:b0:40:f0:2b:d6:7a:ea:cb:22:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:31:36 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=33d97f810d518c65b1bfdfd30fccc58d29efb68722543b7513f15d28b951210d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:18:73:d1:98:3e:4a:2b:20:a2:5b:8f:69:e9:
be:5b:23:43:e1:2f:4a:4d:8e:78:79:59:c9:19:52:
70:94:52:a8:e3:2e:11:6c:f6:e2:65:d1:8c:6d:89:
ae:ed:c8:ff:9f:59:8d:5c:44:18:2b:45:ba:f8:24:
67:6e:f0:43:37:6c:67:cd:6d:e6:4e:e2:3d:a1:1b:
7d:fa:2e:8d:f8:aa:c0:0e:e6:a1:4c:ef:65:e7:a2:
7c:ed:07:54:43:ee:1c:8a:c8:f2:66:71:18:ef:24:
13:ce:9b:2c:b4:87:cf:2d:51:70:04:aa:6c:d0:19:
1a:d8:73:4b:d1:ed:2b:51:00:51:07:ad:cc:de:2b:
3c:0e:89:7b:22:95:3e:93:39:38:e1:47:75:87:88:
d1:38:e7:90:f6:47:03:d0:e9:c9:50:e1:59:43:34:
73:cb:5d:f6:cc:e5:00:7d:2c:92:1e:d6:1f:cc:b0:
9f:fd:5f:e9:26:9e:40:24:d7:f4:e6:ba:a6:44:d9:
63:b2:36:e2:9c:98:3e:2a:a6:4c:ac:4d:ee:31:52:
2c:d5:7e:09:e9:a8:5d:a0:c7:c1:20:81:27:ef:f0:
e4:8f:a9:ef:a3:66:49:25:f6:9d:d1:c7:5e:58:55:
15:71:c5:ed:31:3d:83:ab:eb:0a:20:2d:1e:7e:51:
0d:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:41:15:D6:99:F7:F2:46:7D:36:00:77:9B:D9:9B:28:91:47:FE:03
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d241761a-4c6e-4db3-ba0a-26b2eda6222a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.110.0.0/16
Signature Algorithm: sha256WithRSAEncryption
06:ec:93:d7:fa:00:40:93:84:06:56:69:c1:ef:d4:26:05:f4:
8e:bd:c3:52:ff:00:4c:2d:bb:55:e2:b2:c8:88:21:14:4b:6f:
34:1c:6b:06:cb:b4:60:c3:83:e5:2e:d2:5a:14:ec:f6:da:ec:
04:fe:d4:61:f4:6c:62:20:98:ae:ba:0f:bc:f6:6b:e4:1c:e0:
bc:35:8a:72:49:61:8e:ae:d6:05:ce:66:be:12:c9:6e:b6:66:
38:13:93:1d:1d:a8:a3:37:6b:7b:2f:75:ab:a4:ca:e5:37:df:
1f:05:15:d1:6e:45:35:81:60:46:ed:6a:50:a8:36:0c:e7:95:
4c:1b:b5:48:77:10:ce:9e:03:a1:6b:7c:32:6b:b6:bc:b3:17:
4f:23:d5:26:98:99:22:a8:80:36:7c:d9:e2:f4:d7:06:32:bf:
5e:cf:6b:47:b0:62:91:63:58:26:71:56:50:04:74:a9:79:44:
32:96:3b:b8:d0:4d:42:34:44:2d:e0:1f:78:3a:14:09:ce:a2:
41:a4:20:fa:d6:fe:40:79:f3:01:ad:a1:17:e1:1f:ba:25:2c:
74:d9:15:9d:06:a4:01:8e:dc:bf:84:a0:99:5b:c4:7a:20:02:
e0:3d:f4:bf:ca:d7:d4:80:0e:e3:32:10:b0:89:07:e6:89:91:
a3:5e:d1:13
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUStnkmNBaBF8LQrBA8CvWeurLIlcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMxMzZaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzZDk3ZjgxMGQ1MThjNjViMWJmZGZkMzBmY2NjNThkMjllZmI2ODcyMjU0
M2I3NTEzZjE1ZDI4Yjk1MTIxMGQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKkYc9GYPkorIKJbj2npvlsjQ+EvSk2OeHlZyRlScJRSqOMuEWz24mXRjG2J
ru3I/59ZjVxEGCtFuvgkZ27wQzdsZ81t5k7iPaEbffoujfiqwA7moUzvZeeifO0H
VEPuHIrI8mZxGO8kE86bLLSHzy1RcASqbNAZGthzS9HtK1EAUQetzN4rPA6JeyKV
PpM5OOFHdYeI0TjnkPZHA9DpyVDhWUM0c8td9szlAH0skh7WH8ywn/1f6SaeQCTX
9Oa6pkTZY7I24pyYPiqmTKxN7jFSLNV+CemoXaDHwSCBJ+/w5I+p76NmSSX2ndHH
XlhVFXHF7TE9g6vrCiAtHn5RDQUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTJQRXW
mffyRn02AHeb2ZsokUf+AzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDI0MTc2MWEtNGM2ZS00ZGIzLWJhMGEtMjZiMmVkYTYyMjJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNuMA0G
CSqGSIb3DQEBCwUAA4IBAQAG7JPX+gBAk4QGVmnB79QmBfSOvcNS/wBMLbtV4rLI
iCEUS280HGsGy7Rgw4PlLtJaFOz22uwE/tRh9GxiIJiuug+89mvkHOC8NYpySWGO
rtYFzma+EslutmY4E5MdHaijN2t7L3WrpMrlN98fBRXRbkU1gWBG7WpQqDYM55VM
G7VIdxDOngOha3wya7a8sxdPI9UmmJkiqIA2fNni9NcGMr9ez2tHsGKRY1gmcVZQ
BHSpeUQylju40E1CNEQt4B94OhQJzqJBpCD61v5AefMBraEX4R+6JSx02RWdBqQB
jty/hKCZW8R6IALgPfS/ytfUgA7jMhCwiQfmiZGjXtET
-----END CERTIFICATE-----
Generated at Tue May 6 12:26:59 2025 by rpki-client