Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecf71776-ef54-415b-8543-7ec55f9b1d9d.roa
File: ecf71776-ef54-415b-8543-7ec55f9b1d9d.roa (raw, json)
Hash identifier: 1cE3xIroYOQuuAd/FMQmKOHaPwSAiSwHQSkc5MxaG0M=
Subject key identifier: FE:62:CC:88:C4:5E:72:37:6B:D5:77:D8:F8:22:72:41:A4:9C:0A:57
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6C7BD71C5658F1C1A98E2EFBC852B9BF3E43DCCE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecf71776-ef54-415b-8543-7ec55f9b1d9d.roa
Signing time: Mon 28 Apr 2025 15:50:52 +0000
ROA not before: Mon 28 Apr 2025 15:50:52 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.44.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:7b:d7:1c:56:58:f1:c1:a9:8e:2e:fb:c8:52:b9:bf:3e:43:dc:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 28 15:50:52 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=18ce341c341bc82e5e011cd416ea38ba4f99638666365befd51ad75796bbe7cd, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c7:5f:c2:05:ed:fc:c2:9b:fd:6d:ec:ff:43:
6c:c4:b6:cc:2b:0b:21:a0:af:5a:a4:79:6b:f2:3f:
4b:3e:59:1b:1f:4b:81:11:af:ce:09:b0:86:5b:5c:
d5:1f:38:45:cf:13:4c:94:77:e7:8e:c1:05:e8:8d:
e3:4c:41:44:d9:04:8e:a0:0c:9a:c2:ea:7c:f7:be:
00:4d:a7:9b:c0:ea:35:09:e5:2d:e9:3e:6c:31:0f:
37:7e:ba:77:cd:44:5d:dc:62:54:fa:b1:73:b3:4e:
0e:b4:83:c5:f5:ac:54:78:c9:9f:48:0c:b2:f4:c1:
37:41:a2:d7:62:7b:9e:80:92:75:02:d5:03:1d:e1:
71:be:64:24:0e:41:d3:7e:6f:d1:3c:af:8f:d1:ed:
de:91:46:01:b8:77:f0:19:de:14:4f:52:3a:11:cc:
4c:30:ad:4e:f6:32:a9:57:a0:5b:bd:a9:6b:ab:f1:
bf:40:62:04:1f:a7:94:42:1a:cc:fb:45:5b:9f:e9:
56:af:58:2a:b0:76:3d:8a:cb:9a:9b:dd:dc:ec:10:
73:19:c3:c6:88:a4:ad:a1:3b:59:50:b6:41:ff:d3:
f2:5b:3c:5b:18:23:9a:64:f8:4f:7b:05:68:21:5e:
78:c2:02:78:76:2e:c2:fb:a1:b0:ea:ea:24:41:e5:
00:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:62:CC:88:C4:5E:72:37:6B:D5:77:D8:F8:22:72:41:A4:9C:0A:57
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecf71776-ef54-415b-8543-7ec55f9b1d9d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.44.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3f:97:05:6e:5a:d4:cf:5a:f5:92:9b:fd:68:29:a3:28:c8:30:
e9:cb:b3:b1:d6:ab:06:cd:89:00:4e:28:a5:ec:ad:29:a0:4d:
51:ca:79:f9:d3:da:68:15:3a:d3:6c:98:8f:03:89:06:fa:6b:
7c:37:bd:0e:2d:d8:7a:36:39:d5:44:5b:02:bd:c1:45:b2:2d:
bf:86:eb:30:a7:3c:68:1b:49:49:0b:fe:37:5a:ec:d9:c5:fc:
a7:0d:82:1c:40:47:99:b7:95:1a:d0:a3:41:2c:6b:13:25:37:
ac:c4:ca:36:10:dd:c5:b7:b9:c1:ea:1f:88:51:36:3f:8a:4e:
42:e8:a8:7a:67:cf:42:11:19:7f:4a:6d:b2:7b:79:c7:c6:3e:
1e:a1:38:32:89:1c:95:c3:ce:6b:d0:b7:8d:fb:4f:dc:7b:bb:
15:6a:94:1d:b2:df:9f:2a:cb:20:21:81:68:50:30:63:53:2a:
20:96:00:55:fc:65:0a:fd:44:bd:e3:30:43:c0:9e:2f:92:b4:
fa:49:76:11:56:a6:77:9f:d6:bd:2f:8c:74:c3:9b:fb:65:5a:
fd:17:29:74:ed:bd:09:42:c8:63:76:0d:fc:dd:d5:63:a3:c4:
c8:aa:52:53:cc:cb:cc:61:9d:30:04:25:6e:e8:29:c5:50:a7:
c7:5a:ae:e4
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbHvXHFZY8cGpji77yFK5vz5D3M4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjgxNTUwNTJaFw0yNTA2MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDE4Y2UzNDFjMzQxYmM4MmU1ZTAxMWNkNDE2ZWEzOGJhNGY5OTYzODY2NjM2
NWJlZmQ1MWFkNzU3OTZiYmU3Y2QxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMDHX8IF7fzCm/1t7P9DbMS2zCsLIaCvWqR5a/I/Sz5ZGx9LgRGvzgmwhltc
1R84Rc8TTJR3547BBeiN40xBRNkEjqAMmsLqfPe+AE2nm8DqNQnlLek+bDEPN366
d81EXdxiVPqxc7NODrSDxfWsVHjJn0gMsvTBN0Gi12J7noCSdQLVAx3hcb5kJA5B
035v0Tyvj9Ht3pFGAbh38BneFE9SOhHMTDCtTvYyqVegW72pa6vxv0BiBB+nlEIa
zPtFW5/pVq9YKrB2PYrLmpvd3OwQcxnDxoikraE7WVC2Qf/T8ls8WxgjmmT4T3sF
aCFeeMICeHYuwvuhsOrqJEHlAOECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT+YsyI
xF5yN2vVd9j4InJBpJwKVzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZWNmNzE3NzYtZWY1NC00MTViLTg1NDMtN2VjNTVmOWIxZDlkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMsMA0G
CSqGSIb3DQEBCwUAA4IBAQA/lwVuWtTPWvWSm/1oKaMoyDDpy7Ox1qsGzYkATiil
7K0poE1Rynn509poFTrTbJiPA4kG+mt8N70OLdh6NjnVRFsCvcFFsi2/huswpzxo
G0lJC/43WuzZxfynDYIcQEeZt5Ua0KNBLGsTJTesxMo2EN3Ft7nB6h+IUTY/ik5C
6Kh6Z89CERl/Sm2ye3nHxj4eoTgyiRyVw85r0LeN+0/ce7sVapQdst+fKssgIYFo
UDBjUyoglgBV/GUK/US94zBDwJ4vkrT6SXYRVqZ3n9a9L4x0w5v7ZVr9Fyl07b0J
Qshjdg383dVjo8TIqlJTzMvMYZ0wBCVu6CnFUKfHWq7k
-----END CERTIFICATE-----
Generated at Mon May 5 17:47:32 2025 by rpki-client