Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0a36b38b-9bd1-4014-823d-9204a303350e.roa
File: 0a36b38b-9bd1-4014-823d-9204a303350e.roa (raw, json)
Hash identifier: O7sephgAKTdrzCK6DZteLr9rjgL7yQ4N2xse23XfTeo=
Subject key identifier: 22:77:16:76:9B:75:D6:BE:DD:DF:25:EC:F3:DA:CB:12:0B:DD:74:61
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2CFBA25BB32BD66CA8CDE2AEE58680E4EAB5F48E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0a36b38b-9bd1-4014-823d-9204a303350e.roa
Signing time: Wed 18 Jun 2025 00:30:32 +0000
ROA not before: Wed 18 Jun 2025 00:30:32 +0000
ROA not after: Wed 23 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.21.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:fb:a2:5b:b3:2b:d6:6c:a8:cd:e2:ae:e5:86:80:e4:ea:b5:f4:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 18 00:30:32 2025 GMT
Not After : Jul 23 23:59:59 2025 GMT
Subject: serialNumber=81ef18de993b0b7c8cb6fa749e8c233e68120ff6304b7fa92e90fc3d8bac3159, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:5b:9d:2f:b8:90:cb:2e:84:7f:72:43:d9:3c:
0e:7f:12:1e:2c:ec:fc:4a:4d:39:2b:07:fe:84:0f:
44:89:9f:ec:02:34:3f:97:c5:a0:b1:fd:b6:70:ad:
f0:95:ee:41:6b:0c:f6:4e:7e:3b:be:5c:af:2b:6b:
e5:5a:78:b0:40:4e:b8:25:04:f3:83:7e:99:8c:f8:
b7:a6:64:00:1d:03:2a:ea:7a:78:8b:ed:dc:41:53:
98:d4:a1:81:6f:4d:8f:35:b6:a9:3d:02:6c:3b:f5:
66:a9:b9:dc:8a:30:7a:7d:d2:fd:43:1c:90:8e:72:
e6:a8:07:9f:89:70:2b:a4:71:ef:f7:90:8a:0d:9b:
03:8d:c5:a0:67:c2:2a:ee:73:98:9c:76:ca:cb:ad:
de:85:cb:03:91:a5:24:45:61:f8:c9:79:84:d8:9e:
bf:3c:43:37:2c:72:0c:d1:11:f9:85:46:10:af:63:
82:27:af:9b:12:f9:31:f8:fa:ab:0a:0f:ad:ee:91:
c1:48:f0:75:cb:52:48:2e:f4:10:56:93:7e:fc:f1:
ac:f6:3c:c8:a7:86:03:6e:fa:19:b2:ab:e5:fe:27:
b9:a9:0c:33:bb:e4:6c:6f:06:88:66:dd:62:07:dc:
e1:36:2e:be:08:52:c7:0b:03:2b:dd:db:3b:d2:07:
20:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:77:16:76:9B:75:D6:BE:DD:DF:25:EC:F3:DA:CB:12:0B:DD:74:61
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0a36b38b-9bd1-4014-823d-9204a303350e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.21.183.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:b3:1a:41:42:79:9c:74:00:3d:6d:e4:c9:b1:b0:f8:cb:33:
67:df:24:4d:fc:40:57:85:f2:41:66:58:2f:df:77:30:63:48:
4d:33:25:fe:39:77:7e:a1:25:a7:14:2b:87:c1:da:9b:ef:16:
d7:d1:dd:c9:7f:17:03:98:5e:13:a0:9e:a5:37:0e:03:98:7a:
91:d2:1f:a7:4c:9b:0d:8e:c4:d8:3f:77:d8:cf:cf:2d:f9:b0:
61:a5:29:cf:18:40:c4:a1:a8:fc:6e:1c:9d:b6:db:36:c1:c8:
e8:bb:ac:af:ea:eb:38:01:71:5e:58:59:3b:9d:1a:ee:ef:ea:
0b:3f:39:be:1e:ea:f1:ec:91:3c:a7:54:31:87:dd:7d:b8:02:
68:a3:ea:15:64:6b:84:7e:a6:f6:ca:79:65:e9:b0:c0:fe:46:
fc:16:bf:de:1f:ad:13:ed:97:04:80:1a:44:48:70:b2:23:d1:
88:e8:6d:88:e4:50:e5:28:bf:e2:fa:25:80:ea:19:38:ee:91:
70:ac:b1:90:f4:73:a4:f2:4a:55:53:e1:b7:09:a4:99:43:32:
be:85:bf:a3:90:43:23:88:4d:3d:6b:7a:94:59:69:68:70:ae:
59:f9:19:c9:08:04:6b:80:db:3e:e5:63:70:13:07:92:1d:3c:
57:fa:b1:1b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIULPuiW7Mr1myozeKu5YaA5Oq19I4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTgwMDMwMzJaFw0yNTA3MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxZWYxOGRlOTkzYjBiN2M4Y2I2ZmE3NDllOGMyMzNlNjgxMjBmZjYzMDRi
N2ZhOTJlOTBmYzNkOGJhYzMxNTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJtbnS+4kMsuhH9yQ9k8Dn8SHizs/EpNOSsH/oQPRImf7AI0P5fFoLH9tnCt
8JXuQWsM9k5+O75crytr5Vp4sEBOuCUE84N+mYz4t6ZkAB0DKup6eIvt3EFTmNSh
gW9NjzW2qT0CbDv1Zqm53Iowen3S/UMckI5y5qgHn4lwK6Rx7/eQig2bA43FoGfC
Ku5zmJx2ysut3oXLA5GlJEVh+Ml5hNievzxDNyxyDNER+YVGEK9jgievmxL5Mfj6
qwoPre6RwUjwdctSSC70EFaTfvzxrPY8yKeGA276GbKr5f4nuakMM7vkbG8GiGbd
Ygfc4TYuvghSxwsDK93bO9IHILUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQidxZ2
m3XWvt3fJezz2ssSC910YTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGEzNmIzOGItOWJkMS00MDE0LTgyM2QtOTIwNGEzMDMzNTBlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMVtzAN
BgkqhkiG9w0BAQsFAAOCAQEAGrMaQUJ5nHQAPW3kybGw+MszZ98kTfxAV4XyQWZY
L993MGNITTMl/jl3fqElpxQrh8Ham+8W19HdyX8XA5heE6CepTcOA5h6kdIfp0yb
DY7E2D932M/PLfmwYaUpzxhAxKGo/G4cnbbbNsHI6Lusr+rrOAFxXlhZO50a7u/q
Cz85vh7q8eyRPKdUMYfdfbgCaKPqFWRrhH6m9sp5ZemwwP5G/Ba/3h+tE+2XBIAa
REhwsiPRiOhtiORQ5Si/4volgOoZOO6RcKyxkPRzpPJKVVPhtwmkmUMyvoW/o5BD
I4hNPWt6lFlpaHCuWfkZyQgEa4DbPuVjcBMHkh08V/qxGw==
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:57:53 2025 by rpki-client