Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/179c664b-afae-4c21-9c97-2a2a3985d5b0.roa
File: 179c664b-afae-4c21-9c97-2a2a3985d5b0.roa (raw, json)
Hash identifier: BL8yD8klBl99zIhbVaMj3hdzkHmatKq1/hu6CxHP5hE=
Subject key identifier: 43:8A:DF:4D:EC:27:E8:8E:51:9C:1E:A7:43:DD:72:DF:12:CC:C0:2E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6E0BB3F120CC9867C6B65261DCA868CCA534EAF1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/179c664b-afae-4c21-9c97-2a2a3985d5b0.roa
Signing time: Mon 16 Jun 2025 21:50:58 +0000
ROA not before: Mon 16 Jun 2025 21:50:58 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.117.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:0b:b3:f1:20:cc:98:67:c6:b6:52:61:dc:a8:68:cc:a5:34:ea:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 21:50:58 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=f66b673dcc24fd9c605afdea79f3323ec4da6a5df43040a6929d43cfbfdbe86c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:cc:ad:13:84:92:d0:db:8e:be:be:fd:89:fc:
31:46:c1:94:4a:11:ea:ec:b3:b1:a1:5a:e5:12:a1:
eb:50:3b:a2:60:0c:cf:d6:1e:2f:67:12:a0:45:56:
78:c2:7d:5b:b4:0d:ef:d1:5c:3e:5c:7f:aa:25:45:
04:ba:3e:61:2c:8e:7b:d7:a1:cd:2e:07:51:80:30:
d9:37:6d:80:01:96:1f:77:48:e1:34:2a:02:b2:e3:
b3:ff:ec:d9:da:c3:8b:2f:f9:e1:10:34:bd:83:89:
b2:77:5a:70:d1:86:65:5f:16:44:dd:0b:c2:ba:bd:
52:3c:4f:46:18:cb:32:7b:c3:ad:db:69:7c:59:8b:
44:26:1a:88:16:ec:7b:45:75:48:47:28:e7:c1:da:
9f:64:64:14:4f:23:01:40:0f:73:de:57:50:18:33:
0e:fb:00:22:e1:2c:b0:37:f0:0a:60:4d:07:ed:04:
2c:14:e6:76:84:76:6d:cd:25:e1:dd:cb:7f:f7:f5:
9c:cd:ad:56:59:b3:f7:f0:ef:e4:e7:30:fb:82:0e:
06:45:f6:b5:ed:30:b8:45:9c:f4:6a:da:fd:6e:b6:
e2:d8:f3:c5:95:6d:57:df:30:7c:c4:cf:c4:b7:ff:
41:82:65:74:ce:e3:44:0d:f0:51:21:56:30:7a:a2:
15:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:8A:DF:4D:EC:27:E8:8E:51:9C:1E:A7:43:DD:72:DF:12:CC:C0:2E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/179c664b-afae-4c21-9c97-2a2a3985d5b0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.117.0.0/16
Signature Algorithm: sha256WithRSAEncryption
85:d1:54:19:11:13:5d:71:cb:8f:a9:5a:31:bf:c1:ef:c1:56:
5d:15:17:b2:f5:01:08:ed:a2:32:af:cd:bf:f1:38:db:bf:e5:
4d:db:43:c3:ad:12:50:06:3d:16:48:cd:23:6b:8d:98:8e:68:
53:2a:17:24:71:24:bf:9d:f7:d3:3d:e3:d3:ec:b0:70:a1:43:
5a:4f:44:7d:6c:1f:a1:10:06:35:b2:13:46:b3:97:6a:ff:cf:
45:79:08:e3:63:e3:99:cf:9f:0e:58:9d:3b:55:0b:81:57:27:
bc:af:c5:d7:c0:bc:2e:56:36:0d:a0:68:99:e4:5b:51:cc:eb:
1b:1f:16:2e:5a:0b:02:a3:ee:70:57:96:30:85:79:04:a7:43:
aa:db:fc:05:eb:5e:f3:25:1f:a7:04:30:d8:8b:b6:93:56:b8:
c3:51:ec:ac:64:d3:16:99:13:c3:18:0a:16:27:67:67:39:ad:
2e:fa:75:b3:a8:aa:27:2d:c3:ff:41:14:40:a8:9f:08:f5:0c:
c7:93:99:5f:0e:56:1c:f7:c7:97:f3:50:e6:6c:7e:fe:ed:10:
c7:37:2a:41:31:57:e0:4b:bf:11:39:29:82:c6:11:d4:29:92:
df:b9:0a:db:6a:f5:02:51:65:45:62:a0:f9:1d:88:13:9c:40:
e8:93:76:a8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbguz8SDMmGfGtlJh3KhozKU06vEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMTUwNThaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGY2NmI2NzNkY2MyNGZkOWM2MDVhZmRlYTc5ZjMzMjNlYzRkYTZhNWRmNDMw
NDBhNjkyOWQ0M2NmYmZkYmU4NmMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANrMrROEktDbjr6+/Yn8MUbBlEoR6uyzsaFa5RKh61A7omAMz9YeL2cSoEVW
eMJ9W7QN79FcPlx/qiVFBLo+YSyOe9ehzS4HUYAw2TdtgAGWH3dI4TQqArLjs//s
2drDiy/54RA0vYOJsndacNGGZV8WRN0Lwrq9UjxPRhjLMnvDrdtpfFmLRCYaiBbs
e0V1SEco58Han2RkFE8jAUAPc95XUBgzDvsAIuEssDfwCmBNB+0ELBTmdoR2bc0l
4d3Lf/f1nM2tVlmz9/Dv5Ocw+4IOBkX2te0wuEWc9Gra/W624tjzxZVtV98wfMTP
xLf/QYJldM7jRA3wUSFWMHqiFVUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRDit9N
7CfojlGcHqdD3XLfEszALjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTc5YzY2NGItYWZhZS00YzIxLTljOTctMmEyYTM5ODVkNWIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN1MA0G
CSqGSIb3DQEBCwUAA4IBAQCF0VQZERNdccuPqVoxv8HvwVZdFRey9QEI7aIyr82/
8Tjbv+VN20PDrRJQBj0WSM0ja42YjmhTKhckcSS/nffTPePT7LBwoUNaT0R9bB+h
EAY1shNGs5dq/89FeQjjY+OZz58OWJ07VQuBVye8r8XXwLwuVjYNoGiZ5FtRzOsb
HxYuWgsCo+5wV5YwhXkEp0Oq2/wF617zJR+nBDDYi7aTVrjDUeysZNMWmRPDGAoW
J2dnOa0u+nWzqKonLcP/QRRAqJ8I9QzHk5lfDlYc98eX81DmbH7+7RDHNypBMVfg
S78ROSmCxhHUKZLfuQrbavUCUWVFYqD5HYgTnEDok3ao
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:18:15 2025 by rpki-client