Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f060e190-89f7-4009-9831-b2d429343b80.roa
File: f060e190-89f7-4009-9831-b2d429343b80.roa (raw, json)
Hash identifier: C16ef/NPQ9r/PWPCSmxr5KzT6ksPkUcSZayMGENRmng=
Subject key identifier: 8D:90:87:EB:EE:B2:79:ED:DE:BD:F9:38:82:7C:4E:88:9B:60:2A:E9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 28E9FA72940E572957ED58D162EA16D60173BA79
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f060e190-89f7-4009-9831-b2d429343b80.roa
Signing time: Mon 28 Apr 2025 15:50:43 +0000
ROA not before: Mon 28 Apr 2025 15:50:43 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:e9:fa:72:94:0e:57:29:57:ed:58:d1:62:ea:16:d6:01:73:ba:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 28 15:50:43 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=cceeab47ae2a93b119f3edbdf00c87d8caff87743083e740ba3036b78720e7be, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:10:21:53:64:f8:3d:00:9b:80:2b:a9:be:c8:
69:23:dc:ee:f3:db:05:24:0d:d8:58:43:ef:5a:7d:
2a:50:8d:eb:f8:c1:4c:0b:72:e2:da:e3:48:04:1b:
df:55:cf:3c:95:c5:8b:80:7f:16:58:de:56:59:df:
65:aa:12:bd:f4:6f:bc:ed:70:e4:1f:8c:7c:d8:7a:
a2:06:a1:2f:23:94:37:bd:fb:f3:d7:56:fe:d6:27:
1b:62:9b:90:da:7b:26:28:57:af:b1:22:f7:25:4b:
4c:e3:a9:bd:22:0e:39:3c:5f:8d:ef:02:79:ba:d2:
92:4b:db:43:6c:ce:ba:6b:df:5e:c3:6a:9d:f4:6e:
e2:bb:9d:a3:55:d5:e4:13:a7:aa:ad:c8:3b:bc:75:
15:c8:a0:16:8e:f1:48:6c:9a:8f:3f:54:df:63:46:
bf:30:3b:8d:00:cc:28:41:03:15:d2:67:9e:e8:96:
74:0c:71:cf:31:a1:d4:b9:29:53:47:b7:59:ae:bd:
ce:89:95:8e:f8:65:78:6d:b4:bd:71:57:e8:49:3c:
3a:f4:2a:4b:0f:e0:38:f2:c0:42:d4:bb:7d:4f:62:
6a:7e:c8:62:4c:d3:f6:31:d0:0a:45:08:d7:2d:b5:
3c:fa:3e:bc:02:7b:19:22:cf:7a:45:2b:ca:11:57:
ea:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:90:87:EB:EE:B2:79:ED:DE:BD:F9:38:82:7C:4E:88:9B:60:2A:E9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f060e190-89f7-4009-9831-b2d429343b80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.0.0/15
Signature Algorithm: sha256WithRSAEncryption
01:e8:3b:d6:6a:50:48:b9:2b:44:2c:5f:55:ae:2d:35:42:78:
85:c2:48:7a:ba:9e:23:65:ea:86:30:09:c0:ed:ab:0d:ee:d1:
fb:e8:fd:47:29:27:19:64:a1:fe:9c:8b:78:54:bd:06:b3:af:
dc:11:c4:6f:6c:55:46:cf:05:ae:be:0b:69:73:bf:a0:92:83:
dc:17:49:5c:b0:b4:7a:32:d5:68:6e:9c:3e:5b:91:79:b0:21:
f2:f1:65:d7:a0:59:6e:3e:b7:0a:56:fa:b9:6d:85:6e:f5:30:
98:3c:31:ae:14:f5:72:24:c8:96:9b:bf:0b:18:95:92:4c:4e:
c4:52:7a:b1:fc:e0:5f:78:ca:df:a7:09:be:25:5e:c4:07:a4:
68:f3:85:74:b8:b1:30:e0:36:69:00:8f:2d:26:0e:91:04:a2:
32:80:40:7f:8b:f5:90:3f:2c:44:f7:cc:6b:e6:51:3c:f8:af:
32:ea:3a:a9:42:5f:1e:8c:5b:6c:61:e8:de:7f:f8:de:bc:33:
27:90:13:06:34:39:73:73:d4:06:54:9b:c1:fe:73:cf:48:8b:
32:2f:db:46:4f:50:33:43:a2:5c:ea:0e:0f:ed:e5:5e:ba:5e:
4f:52:05:69:77:59:fb:93:db:74:4b:09:c7:3a:e5:a6:5e:1d:
cd:3d:2a:4f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKOn6cpQOVylX7VjRYuoW1gFzunkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjgxNTUwNDNaFw0yNTA2MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGNjZWVhYjQ3YWUyYTkzYjExOWYzZWRiZGYwMGM4N2Q4Y2FmZjg3NzQzMDgz
ZTc0MGJhMzAzNmI3ODcyMGU3YmUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOEQIVNk+D0Am4Arqb7IaSPc7vPbBSQN2FhD71p9KlCN6/jBTAty4trjSAQb
31XPPJXFi4B/FljeVlnfZaoSvfRvvO1w5B+MfNh6ogahLyOUN73789dW/tYnG2Kb
kNp7JihXr7Ei9yVLTOOpvSIOOTxfje8CebrSkkvbQ2zOumvfXsNqnfRu4rudo1XV
5BOnqq3IO7x1FcigFo7xSGyajz9U32NGvzA7jQDMKEEDFdJnnuiWdAxxzzGh1Lkp
U0e3Wa69zomVjvhleG20vXFX6Ek8OvQqSw/gOPLAQtS7fU9ian7IYkzT9jHQCkUI
1y21PPo+vAJ7GSLPekUryhFX6l8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSNkIfr
7rJ57d69+TiCfE6Im2Aq6TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjA2MGUxOTAtODlmNy00MDA5LTk4MzEtYjJkNDI5MzQzYjgwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMQMA0G
CSqGSIb3DQEBCwUAA4IBAQAB6DvWalBIuStELF9Vri01QniFwkh6up4jZeqGMAnA
7asN7tH76P1HKScZZKH+nIt4VL0Gs6/cEcRvbFVGzwWuvgtpc7+gkoPcF0lcsLR6
MtVobpw+W5F5sCHy8WXXoFluPrcKVvq5bYVu9TCYPDGuFPVyJMiWm78LGJWSTE7E
Unqx/OBfeMrfpwm+JV7EB6Ro84V0uLEw4DZpAI8tJg6RBKIygEB/i/WQPyxE98xr
5lE8+K8y6jqpQl8ejFtsYejef/jevDMnkBMGNDlzc9QGVJvB/nPPSIsyL9tGT1Az
Q6Jc6g4P7eVeul5PUgVpd1n7k9t0SwnHOuWmXh3NPSpP
-----END CERTIFICATE-----
Generated at Mon May 5 14:37:11 2025 by rpki-client