Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/186c4a20-4025-4599-90c9-1eeb15cf6730.roa
File: 186c4a20-4025-4599-90c9-1eeb15cf6730.roa (raw, json)
Hash identifier: oOk7gQmuicDV1YAua0ActQnleFmfEMpvYUou1v7oKGw=
Subject key identifier: 88:B9:30:BF:CE:FE:21:58:E6:41:51:7B:53:B3:88:E0:48:36:65:4D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 66631D088006D34AEDDACA54AC7D63BB7C49C504
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/186c4a20-4025-4599-90c9-1eeb15cf6730.roa
Signing time: Tue 17 Jun 2025 00:51:07 +0000
ROA not before: Tue 17 Jun 2025 00:51:07 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:63:1d:08:80:06:d3:4a:ed:da:ca:54:ac:7d:63:bb:7c:49:c5:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 17 00:51:07 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=3ce3a312c43a5c9890421c2b5c231620711ef5cb84124313ed0e5a3e20a6c64d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:97:f5:b7:8e:3d:a7:96:23:fa:47:41:e3:90:
c5:f7:5a:c5:8e:99:29:97:77:eb:f4:ea:a1:f7:b8:
be:b7:84:ca:07:44:9c:31:e1:e6:e7:b0:30:7f:a0:
3a:c4:ad:d2:b4:02:92:d3:09:13:f2:f0:5e:a7:5e:
46:68:07:fa:a5:b1:bd:08:21:8b:ee:73:aa:29:51:
8a:61:35:1f:c8:10:4f:df:b0:b6:78:6e:0f:65:3b:
9a:4e:f7:14:c6:74:da:bd:4e:34:7d:e7:26:90:c4:
65:7c:f4:b9:54:01:d9:08:1e:3a:d7:23:4c:a3:8d:
2b:ca:c9:3e:cc:9a:0a:d5:1d:28:f9:0c:2b:b4:60:
18:94:0a:64:97:32:f5:e6:44:6b:67:22:97:14:c1:
b1:d2:84:86:56:b1:da:97:9a:28:37:cd:1f:30:cd:
b3:7f:b6:57:73:74:03:13:c5:45:79:e6:db:78:80:
b7:13:1b:e7:5d:56:6e:31:8b:23:10:26:50:a4:c2:
2b:6d:1f:6b:30:d5:51:10:70:c9:53:d4:c3:b2:f7:
74:83:0b:95:cb:bf:d0:f3:8d:22:74:90:1e:c1:59:
b6:72:ed:03:4d:20:23:1d:77:3c:c4:cb:81:b5:5a:
3d:c7:1b:e4:6b:14:9a:08:68:eb:2d:e5:9c:34:95:
a8:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:B9:30:BF:CE:FE:21:58:E6:41:51:7B:53:B3:88:E0:48:36:65:4D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/186c4a20-4025-4599-90c9-1eeb15cf6730.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.205.0/24
Signature Algorithm: sha256WithRSAEncryption
96:8f:63:93:a3:aa:4c:bd:fd:ef:67:c7:56:ee:a5:95:45:bb:
d2:57:69:c1:00:ca:99:f0:f2:90:3e:e2:9a:77:a4:c6:62:01:
cc:dd:cc:e6:d9:86:d6:b5:95:95:63:2d:5b:b7:4c:cf:2e:f2:
91:76:60:e6:88:7b:bb:7a:57:ad:e8:50:fa:cd:18:69:85:60:
ac:2e:08:11:5d:e6:e0:3d:d6:46:f0:d5:f4:04:c5:63:36:01:
ea:f2:16:c3:0f:01:3d:12:be:4d:24:94:5f:ab:81:b8:6f:9b:
05:60:ac:4b:ea:e1:b0:80:d2:40:41:08:90:1a:9c:18:70:03:
ce:42:ce:9a:19:57:4b:b6:6b:0a:1f:04:66:d3:6a:9d:71:bd:
34:2c:6a:c3:2c:9b:ec:34:e2:75:ee:24:c9:d7:09:d5:1f:42:
17:a8:2e:18:5c:da:22:46:34:d0:79:b5:e0:4d:dc:80:b3:cc:
1d:57:5b:78:be:04:9b:f1:05:cf:f7:5b:d0:65:4a:e4:1e:40:
27:73:a5:3d:b0:5c:fa:2f:b7:31:99:2f:1b:6b:5d:d1:f9:6a:
6c:a5:a3:5e:02:07:16:d4:20:c7:07:f2:12:a8:1e:09:5e:01:
f5:40:09:f7:0c:89:ac:dc:e8:ce:d3:fa:ad:f3:b3:79:9c:85:
a3:6e:72:6a
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZmMdCIAG00rt2spUrH1ju3xJxQQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTcwMDUxMDdaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDNjZTNhMzEyYzQzYTVjOTg5MDQyMWMyYjVjMjMxNjIwNzExZWY1Y2I4NDEy
NDMxM2VkMGU1YTNlMjBhNmM2NGQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM+X9beOPaeWI/pHQeOQxfdaxY6ZKZd36/Tqofe4vreEygdEnDHh5uewMH+g
OsSt0rQCktMJE/LwXqdeRmgH+qWxvQghi+5zqilRimE1H8gQT9+wtnhuD2U7mk73
FMZ02r1ONH3nJpDEZXz0uVQB2QgeOtcjTKONK8rJPsyaCtUdKPkMK7RgGJQKZJcy
9eZEa2cilxTBsdKEhlax2peaKDfNHzDNs3+2V3N0AxPFRXnm23iAtxMb511WbjGL
IxAmUKTCK20fazDVURBwyVPUw7L3dIMLlcu/0PONInSQHsFZtnLtA00gIx13PMTL
gbVaPccb5GsUmgho6y3lnDSVqKUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSIuTC/
zv4hWOZBUXtTs4jgSDZlTTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTg2YzRhMjAtNDAyNS00NTk5LTkwYzktMWVlYjE1Y2Y2NzMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMQzTAN
BgkqhkiG9w0BAQsFAAOCAQEAlo9jk6OqTL3972fHVu6llUW70ldpwQDKmfDykD7i
mnekxmIBzN3M5tmG1rWVlWMtW7dMzy7ykXZg5oh7u3pXrehQ+s0YaYVgrC4IEV3m
4D3WRvDV9ATFYzYB6vIWww8BPRK+TSSUX6uBuG+bBWCsS+rhsIDSQEEIkBqcGHAD
zkLOmhlXS7ZrCh8EZtNqnXG9NCxqwyyb7DTide4kydcJ1R9CF6guGFzaIkY00Hm1
4E3cgLPMHVdbeL4Em/EFz/db0GVK5B5AJ3OlPbBc+i+3MZkvG2td0flqbKWjXgIH
FtQgxwfyEqgeCV4B9UAJ9wyJrNzoztP6rfOzeZyFo25yag==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:25:33 2025 by rpki-client