Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa
File: ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa (raw, json)
Hash identifier: 5iV0fh+PNYsR1iBH/nebUyWwvHTZPVM/N4UheAflk5c=
Subject key identifier: B3:DE:F5:3F:07:69:92:FA:ED:D2:77:16:A6:08:7F:95:91:7E:F2:EE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7D31D1DB72FE2970E033656B33CCDD31D53051B0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa
Signing time: Fri 25 Apr 2025 20:40:05 +0000
ROA not before: Fri 25 Apr 2025 20:40:05 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.200.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:31:d1:db:72:fe:29:70:e0:33:65:6b:33:cc:dd:31:d5:30:51:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:40:05 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=3a68e7d323f90c3bf62fd26a4f84dd93541b32e1bf5385c3471b59299a75521d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:63:aa:e7:2f:83:b2:4b:2f:cd:e8:f2:0c:3f:
98:4e:ae:2c:ce:97:08:19:94:48:7e:57:00:93:ea:
73:d7:71:94:58:c1:7b:b0:42:0b:d0:59:60:f2:01:
a4:76:9a:9a:84:41:2f:24:72:71:bb:ab:7b:16:24:
0d:a2:ee:e3:9a:3b:b6:7f:94:a6:e3:a8:3b:12:36:
8e:f9:bf:f7:6f:48:dc:b4:14:40:84:ea:89:bf:8a:
9b:65:65:ce:56:7c:ce:12:54:82:67:97:10:74:70:
2b:0a:60:d6:0b:c1:0b:73:7f:66:17:e6:e2:c3:a8:
55:81:e0:73:1b:6e:bb:6b:7e:3c:85:4d:f0:a1:13:
af:2c:65:71:ac:89:47:3e:88:15:22:10:33:48:cd:
ed:21:71:69:d7:f0:54:3e:11:a4:b6:c1:e0:8b:cd:
6f:31:91:7d:f2:33:d3:c5:a6:2b:0d:3c:7e:e6:46:
97:05:f3:56:ee:c1:d9:04:cd:f8:19:77:8e:14:5b:
02:4b:24:19:dd:00:59:18:66:17:fc:f2:8d:29:a4:
d5:09:09:63:0e:10:f7:de:1b:4a:1c:69:4f:00:7f:
e5:4a:a0:c5:1e:dd:b7:64:b7:77:a9:40:a3:a9:da:
12:2a:eb:3e:4f:0c:d8:6b:f5:a5:51:62:5f:8e:e7:
95:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:DE:F5:3F:07:69:92:FA:ED:D2:77:16:A6:08:7F:95:91:7E:F2:EE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.200.0.0/15
Signature Algorithm: sha256WithRSAEncryption
41:1c:dc:7d:21:e6:46:76:8f:7c:87:f0:04:53:d0:d1:2d:d8:
24:51:2b:7a:db:10:10:a8:55:5e:aa:d7:a8:87:ff:9a:07:55:
50:af:45:97:f8:dc:93:2a:db:b9:9a:9a:77:53:55:39:8d:1f:
2b:33:c1:ca:89:f3:51:aa:d4:56:9e:84:8d:10:5c:f3:a2:f2:
0e:da:09:65:a8:06:cf:54:9e:7e:ab:4b:ed:76:4f:e2:6c:a5:
3c:32:35:a9:89:02:6d:14:bd:6f:d4:3d:7e:10:6c:0d:39:4c:
5f:a5:31:ce:4d:9c:1e:c6:21:36:58:8c:99:93:30:03:bd:41:
7c:08:d6:1e:24:7f:18:7a:1d:75:26:e5:c4:d8:32:7c:c5:e1:
ff:16:07:cd:b3:cc:06:a2:ce:95:4a:d5:c3:94:6e:cb:b2:72:
b0:00:93:2e:83:a2:b6:04:bc:d1:ea:22:f3:1a:6e:95:fd:24:
d1:b7:23:c9:31:ae:06:61:0e:a5:13:93:87:60:10:63:70:2e:
c6:3f:d7:aa:49:e5:4e:0d:03:90:f4:28:7b:07:9f:88:30:b9:
17:e6:ff:79:6b:1c:5f:1b:1a:c2:09:a8:d9:a8:62:c7:64:93:
6c:58:76:89:e8:cb:c2:9a:41:11:75:14:24:1b:3b:07:06:2e:
2f:25:f9:08
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfTHR23L+KXDgM2VrM8zdMdUwUbAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDQwMDVaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDNhNjhlN2QzMjNmOTBjM2JmNjJmZDI2YTRmODRkZDkzNTQxYjMyZTFiZjUz
ODVjMzQ3MWI1OTI5OWE3NTUyMWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALtjqucvg7JLL83o8gw/mE6uLM6XCBmUSH5XAJPqc9dxlFjBe7BCC9BZYPIB
pHaamoRBLyRycburexYkDaLu45o7tn+UpuOoOxI2jvm/929I3LQUQITqib+Km2Vl
zlZ8zhJUgmeXEHRwKwpg1gvBC3N/Zhfm4sOoVYHgcxtuu2t+PIVN8KETryxlcayJ
Rz6IFSIQM0jN7SFxadfwVD4RpLbB4IvNbzGRffIz08WmKw08fuZGlwXzVu7B2QTN
+Bl3jhRbAkskGd0AWRhmF/zyjSmk1QkJYw4Q994bShxpTwB/5UqgxR7dt2S3d6lA
o6naEirrPk8M2Gv1pVFiX47nlQMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSz3vU/
B2mS+u3SdxamCH+VkX7y7jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZWNmYTNjMTMtY2JhOS00NTI5LTg0Y2YtN2I2YmY4ZTVjZDRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPIMA0G
CSqGSIb3DQEBCwUAA4IBAQBBHNx9IeZGdo98h/AEU9DRLdgkUSt62xAQqFVeqteo
h/+aB1VQr0WX+NyTKtu5mpp3U1U5jR8rM8HKifNRqtRWnoSNEFzzovIO2gllqAbP
VJ5+q0vtdk/ibKU8MjWpiQJtFL1v1D1+EGwNOUxfpTHOTZwexiE2WIyZkzADvUF8
CNYeJH8Yeh11JuXE2DJ8xeH/FgfNs8wGos6VStXDlG7LsnKwAJMug6K2BLzR6iLz
Gm6V/STRtyPJMa4GYQ6lE5OHYBBjcC7GP9eqSeVODQOQ9Ch7B5+IMLkX5v95axxf
GxrCCajZqGLHZJNsWHaJ6MvCmkERdRQkGzsHBi4vJfkI
-----END CERTIFICATE-----
Generated at Tue May 6 07:22:00 2025 by rpki-client