Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4e6b1e-120a-454b-8ea2-2504e0f34b7e.roa
File: fe4e6b1e-120a-454b-8ea2-2504e0f34b7e.roa (raw, json)
Hash identifier: hQOjfsBLsDCPkJ2e9RGRy/pjuVifgcavDcJ+iK4nk2g=
Subject key identifier: 37:1B:69:27:A1:25:25:36:09:D0:A4:67:F9:08:3F:CB:99:76:04:CA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0AE5F2D699B9301299E632D375686BF5B9EA8B5A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4e6b1e-120a-454b-8ea2-2504e0f34b7e.roa
Signing time: Mon 28 Apr 2025 15:50:53 +0000
ROA not before: Mon 28 Apr 2025 15:50:53 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.85.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:e5:f2:d6:99:b9:30:12:99:e6:32:d3:75:68:6b:f5:b9:ea:8b:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 28 15:50:53 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=30a3b273d8cea9171410ce7bfb1b9f949a7d9a5228e3fea3ee09a44f4c592745, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:68:f2:f9:60:43:54:b9:cc:ef:b3:2e:9a:46:
11:c0:7e:af:b8:01:8e:ff:4a:38:46:eb:8d:ec:08:
e4:18:25:37:27:0c:e3:82:39:d4:5d:27:8b:aa:3e:
26:b1:6f:28:6d:ad:44:f9:3a:74:54:75:4f:51:d2:
d2:c7:8b:6a:d3:74:d2:53:56:16:8e:bc:6d:97:f8:
93:8e:36:81:ff:24:61:03:aa:87:f7:a8:6e:9c:7e:
d7:9a:60:56:7d:d7:d4:2d:14:27:97:83:bd:19:86:
3a:45:eb:a9:d6:0a:2a:b0:28:49:25:f2:63:6b:e7:
25:76:18:31:87:8b:98:70:89:fb:46:88:64:24:9d:
e0:af:22:2f:a1:d3:42:39:ae:5b:97:08:43:ad:de:
2f:ba:53:fc:57:cb:39:28:f6:82:78:0e:fa:32:de:
02:45:31:85:53:3f:56:a1:58:b6:5f:0b:22:1e:5b:
4a:40:c1:94:11:b1:86:53:f3:7c:30:66:4b:89:da:
97:60:1b:12:12:25:58:36:d6:77:a8:43:fb:89:c2:
0d:fa:ea:99:25:b0:b8:82:6e:ba:09:fb:92:6c:3c:
e7:e7:f3:2d:d3:d0:b7:57:af:d7:24:fb:af:a9:4d:
54:d7:c8:5a:1f:f3:a2:72:f8:bb:d8:aa:87:ed:2c:
c0:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:1B:69:27:A1:25:25:36:09:D0:A4:67:F9:08:3F:CB:99:76:04:CA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4e6b1e-120a-454b-8ea2-2504e0f34b7e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.85.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2b:4a:2a:17:bf:9b:95:2f:40:c2:9b:f8:bc:b4:41:68:fb:2b:
25:db:d5:db:04:3b:43:44:86:fd:33:dc:07:71:af:73:99:60:
b0:3b:d7:33:12:16:db:28:d6:6d:5a:84:ec:d1:c7:03:2a:da:
8b:47:25:9b:89:b9:e6:0c:c1:00:f2:87:c9:c0:f8:bd:f7:60:
28:ff:15:25:02:2b:f0:2f:b8:a3:75:b2:6f:f9:e3:68:2e:7b:
d7:2f:f1:ae:fd:60:ba:72:a2:51:62:bf:f6:0e:5c:a2:0d:64:
70:61:17:35:b7:a9:52:98:ad:d2:cb:34:00:43:41:6c:68:1d:
d5:d9:ec:e7:32:92:b3:8f:d2:ab:8f:44:33:63:37:13:35:df:
0a:0f:1b:36:96:e6:ea:e1:ed:cc:20:a2:89:9c:c5:d2:73:79:
25:e9:5b:44:b3:2b:c0:66:13:f0:12:e1:ce:4f:db:02:8a:bd:
7e:f4:33:87:91:18:67:00:c0:10:37:2a:f6:9d:18:27:13:47:
16:9c:12:1b:ab:85:a5:50:6b:53:49:59:32:57:8f:0f:0a:27:
b1:e6:f7:9b:ca:17:4d:3d:bb:56:57:03:d1:e2:a5:23:4e:10:
cb:8a:31:06:ea:6a:45:08:a7:5d:60:f9:77:2a:1d:bb:90:11:
2c:ae:3d:37
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCuXy1pm5MBKZ5jLTdWhr9bnqi1owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjgxNTUwNTNaFw0yNTA2MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDMwYTNiMjczZDhjZWE5MTcxNDEwY2U3YmZiMWI5Zjk0OWE3ZDlhNTIyOGUz
ZmVhM2VlMDlhNDRmNGM1OTI3NDUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKxo8vlgQ1S5zO+zLppGEcB+r7gBjv9KOEbrjewI5BglNycM44I51F0ni6o+
JrFvKG2tRPk6dFR1T1HS0seLatN00lNWFo68bZf4k442gf8kYQOqh/eobpx+15pg
Vn3X1C0UJ5eDvRmGOkXrqdYKKrAoSSXyY2vnJXYYMYeLmHCJ+0aIZCSd4K8iL6HT
QjmuW5cIQ63eL7pT/FfLOSj2gngO+jLeAkUxhVM/VqFYtl8LIh5bSkDBlBGxhlPz
fDBmS4nal2AbEhIlWDbWd6hD+4nCDfrqmSWwuIJuugn7kmw85+fzLdPQt1ev1yT7
r6lNVNfIWh/zonL4u9iqh+0swCUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ3G2kn
oSUlNgnQpGf5CD/LmXYEyjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmU0ZTZiMWUtMTIwYS00NTRiLThlYTItMjUwNGUwZjM0YjdlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNVMA0G
CSqGSIb3DQEBCwUAA4IBAQArSioXv5uVL0DCm/i8tEFo+ysl29XbBDtDRIb9M9wH
ca9zmWCwO9czEhbbKNZtWoTs0ccDKtqLRyWbibnmDMEA8ofJwPi992Ao/xUlAivw
L7ijdbJv+eNoLnvXL/Gu/WC6cqJRYr/2DlyiDWRwYRc1t6lSmK3SyzQAQ0FsaB3V
2eznMpKzj9Krj0QzYzcTNd8KDxs2lubq4e3MIKKJnMXSc3kl6VtEsyvAZhPwEuHO
T9sCir1+9DOHkRhnAMAQNyr2nRgnE0cWnBIbq4WlUGtTSVkyV48PCiex5vebyhdN
PbtWVwPR4qUjThDLijEG6mpFCKddYPl3Kh27kBEsrj03
-----END CERTIFICATE-----
Generated at Mon May 5 06:21:31 2025 by rpki-client