Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/faa5ec1e-61dd-4ddb-a08f-0b29cab481e1.roa
File: faa5ec1e-61dd-4ddb-a08f-0b29cab481e1.roa (raw, json)
Hash identifier: PAEQOW9JCKUKafI87Au4K1nmlY7DhNx5YrB5eGfoljc=
Subject key identifier: E8:F3:60:1B:6E:B1:F0:5F:61:3B:89:8D:3B:47:2F:46:B9:B2:0F:C7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 21B52473BC0592D39B7130CB71E1409FE8E15410
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/faa5ec1e-61dd-4ddb-a08f-0b29cab481e1.roa
Signing time: Mon 28 Apr 2025 15:50:44 +0000
ROA not before: Mon 28 Apr 2025 15:50:44 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.240.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:b5:24:73:bc:05:92:d3:9b:71:30:cb:71:e1:40:9f:e8:e1:54:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 28 15:50:44 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=e49c7d57f16e919053f17ca749400098dfe62afab2670f91785c384a98aa07bb, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:dc:1b:24:85:b7:4e:b2:b8:8e:17:50:22:d0:
d1:10:ca:98:c0:56:78:65:2e:2c:70:e2:cd:59:cb:
9d:bc:a3:6f:1e:83:78:02:ed:9c:68:ee:4a:40:a5:
90:d0:38:a2:bc:2b:47:5b:d6:01:47:c7:8e:02:e4:
32:fe:f8:d6:ad:ad:f4:63:a9:e6:4a:68:c5:09:7e:
b3:5c:7e:02:5a:66:4a:1e:05:5b:aa:38:42:10:ce:
e9:7c:41:4e:2b:04:94:8b:0d:b4:00:87:fa:42:40:
e7:84:f7:82:eb:71:5c:fb:ce:ba:4b:9e:98:3b:a6:
e0:5b:67:8e:75:e0:93:bc:f1:c6:3e:22:1f:3e:6a:
6f:4b:51:4e:a0:d2:4f:a6:b5:41:88:b9:2d:ed:7e:
e2:b1:ed:ff:a0:ed:d4:ca:56:8e:76:e8:c0:e9:7f:
38:ad:46:5a:ab:a6:4c:be:1d:95:b1:98:35:b9:98:
a8:11:28:58:10:4f:59:17:02:d7:8f:05:93:46:7b:
ad:74:d9:f8:c2:65:7b:cf:3c:58:fb:e4:eb:dc:e8:
ac:fc:63:10:6b:d2:41:43:54:bd:07:e0:f0:77:17:
76:0c:27:71:e8:06:03:46:9a:7e:ca:9b:6f:11:b4:
2e:4a:4f:3e:44:6d:db:75:b9:42:75:fd:d5:5d:bb:
2e:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:F3:60:1B:6E:B1:F0:5F:61:3B:89:8D:3B:47:2F:46:B9:B2:0F:C7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/faa5ec1e-61dd-4ddb-a08f-0b29cab481e1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.240.0/22
Signature Algorithm: sha256WithRSAEncryption
ce:4d:68:38:a3:e6:56:d1:73:83:4e:91:32:05:51:20:3c:95:
ac:95:4c:08:96:3b:77:b1:1c:79:1d:4a:52:ad:50:56:bf:bd:
fc:f0:90:df:86:a1:86:8b:76:e0:87:73:44:8b:a9:92:4a:f4:
32:16:9a:0f:8a:6c:9b:29:e6:8e:89:e0:bd:62:2d:b4:db:4d:
4f:4e:2c:b3:b1:d6:76:64:16:dd:79:74:32:c7:67:15:bc:a0:
d2:04:2f:99:0b:68:c1:c1:d1:6f:27:75:e6:a4:c1:ee:18:b6:
57:92:a9:ff:65:8e:7d:50:d8:01:ac:29:1d:4d:6b:cc:b7:8d:
e4:b6:8a:27:35:5c:e5:a3:b0:2c:15:27:05:e1:66:18:b3:b0:
7f:74:5f:cf:ca:10:ec:55:9e:65:50:28:58:4e:79:9d:55:3e:
71:b9:e2:c2:90:91:b4:ea:3e:7d:d2:25:07:eb:4b:b7:a8:4c:
5d:34:13:6c:50:c6:32:27:1f:b9:34:1f:73:3d:f7:6a:86:48:
b4:2c:1b:4a:0b:ed:e4:40:99:99:c3:59:af:ee:53:9c:e3:e8:
81:eb:d6:99:18:89:d2:a4:bc:b2:e4:2b:5a:c6:c2:2e:1e:08:
dd:7b:b3:39:ad:e8:98:b0:c9:25:a1:4c:af:ae:02:47:52:97:
1b:87:08:d9
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIbUkc7wFktObcTDLceFAn+jhVBAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjgxNTUwNDRaFw0yNTA2MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGU0OWM3ZDU3ZjE2ZTkxOTA1M2YxN2NhNzQ5NDAwMDk4ZGZlNjJhZmFiMjY3
MGY5MTc4NWMzODRhOThhYTA3YmIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJzcGySFt06yuI4XUCLQ0RDKmMBWeGUuLHDizVnLnbyjbx6DeALtnGjuSkCl
kNA4orwrR1vWAUfHjgLkMv741q2t9GOp5kpoxQl+s1x+AlpmSh4FW6o4QhDO6XxB
TisElIsNtACH+kJA54T3gutxXPvOukuemDum4FtnjnXgk7zxxj4iHz5qb0tRTqDS
T6a1QYi5Le1+4rHt/6Dt1MpWjnbowOl/OK1GWqumTL4dlbGYNbmYqBEoWBBPWRcC
148Fk0Z7rXTZ+MJle888WPvk69zorPxjEGvSQUNUvQfg8HcXdgwncegGA0aafsqb
bxG0LkpPPkRt23W5QnX91V27LlsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTo82Ab
brHwX2E7iY07Ry9GubIPxzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmFhNWVjMWUtNjFkZC00ZGRiLWEwOGYtMGIyOWNhYjQ4MWUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAjMQ8DAN
BgkqhkiG9w0BAQsFAAOCAQEAzk1oOKPmVtFzg06RMgVRIDyVrJVMCJY7d7EceR1K
Uq1QVr+9/PCQ34ahhot24IdzRIupkkr0MhaaD4psmynmjongvWIttNtNT04ss7HW
dmQW3Xl0MsdnFbyg0gQvmQtowcHRbyd15qTB7hi2V5Kp/2WOfVDYAawpHU1rzLeN
5LaKJzVc5aOwLBUnBeFmGLOwf3Rfz8oQ7FWeZVAoWE55nVU+cbniwpCRtOo+fdIl
B+tLt6hMXTQTbFDGMicfuTQfcz33aoZItCwbSgvt5ECZmcNZr+5TnOPogevWmRiJ
0qS8suQrWsbCLh4I3XuzOa3omLDJJaFMr64CR1KXG4cI2Q==
-----END CERTIFICATE-----
Generated at Mon May 5 05:54:26 2025 by rpki-client