Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa
File: 18d9a632-05fe-446e-aca9-1adb271dcda8.roa (raw, json)
Hash identifier: wiW4iCSRg9aGpt79xbPApNEieAWUW5s4hD/kWwqaSPk=
Subject key identifier: 6F:EA:8E:DD:5B:A8:5F:6D:6C:96:4E:40:8D:7E:FC:42:EC:AF:A0:BB
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3667CF182291B91008E979F15B42CC186ED10225
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa
Signing time: Mon 16 Jun 2025 22:00:03 +0000
ROA not before: Mon 16 Jun 2025 22:00:03 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.196.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:67:cf:18:22:91:b9:10:08:e9:79:f1:5b:42:cc:18:6e:d1:02:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 22:00:03 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=af7428fd0aa137fe20b4e02eedef532f7ab003e2303ab2748b1daf7beab1438f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:1b:6d:6c:59:76:6d:49:be:f8:36:15:81:f9:
19:b8:eb:7f:f2:d8:da:0b:c8:15:f2:97:cf:f7:b6:
36:d1:3b:e2:93:58:9a:eb:58:04:66:47:e0:50:f2:
14:4a:f6:67:0c:5f:9e:55:92:a5:44:2e:d3:d6:19:
a0:2d:0f:55:f7:37:3f:25:34:42:07:e9:1a:63:aa:
0e:01:4c:58:07:f7:73:04:05:ef:09:cd:5e:23:a0:
21:a2:17:af:df:81:08:25:e9:05:f1:51:04:d4:98:
51:73:95:07:17:f7:f0:ff:e5:60:30:54:a0:f1:6c:
f1:66:55:6f:9e:1d:5d:1d:2f:e1:04:84:0f:30:73:
ce:28:ec:49:7b:74:6d:1f:c7:85:66:fe:17:fe:a7:
77:ba:ba:e2:8f:44:82:cc:00:1c:48:70:f1:25:39:
29:34:ef:6e:d5:3c:0e:16:21:55:17:ba:ab:be:3c:
e4:0e:d0:14:d0:0f:5b:6d:5f:4d:66:fd:b3:cd:a5:
8d:a7:2a:89:ce:07:fb:38:3a:f4:c6:77:71:54:d3:
28:77:3d:5e:9e:4e:14:76:35:b7:b9:91:8c:7a:ff:
8b:da:c9:d2:8e:48:75:74:d0:e4:19:dc:0a:48:8c:
ad:6c:a2:f6:b3:61:d0:ef:fc:11:a7:0a:16:28:14:
45:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:EA:8E:DD:5B:A8:5F:6D:6C:96:4E:40:8D:7E:FC:42:EC:AF:A0:BB
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.196.0.0/15
Signature Algorithm: sha256WithRSAEncryption
29:5a:ea:ba:68:9c:44:64:58:b2:31:44:8f:e3:8f:62:58:9c:
8a:7a:31:6c:fd:f4:a6:2e:98:30:23:85:d8:1c:40:e5:78:d2:
f1:59:da:3c:13:cf:e4:6a:61:71:a8:79:a2:2f:27:25:8d:b2:
00:f1:f2:3e:8d:8e:0a:75:aa:86:fc:28:0d:f7:86:af:2e:f6:
ca:9c:40:15:77:d5:7e:96:a0:fa:38:ba:df:f3:ae:1e:c8:0e:
23:ab:85:9a:fe:3d:7b:5e:15:25:15:86:fa:07:92:fb:d2:0c:
2c:72:75:a0:a3:9a:22:45:ef:e7:ca:fd:be:5f:f2:c8:26:4b:
3d:1d:49:2c:f4:95:0b:dc:ba:26:d3:d7:95:62:b0:3f:b1:d1:
60:a8:d7:1e:06:ef:32:20:3a:5d:96:66:8e:8a:86:de:3d:7b:
34:93:f6:a1:69:26:b1:4b:c3:d3:7a:8d:c2:1f:ab:ca:64:35:
c4:6a:5a:c2:ce:2e:93:21:9b:7a:80:dd:c8:66:d0:69:bd:3a:
1d:ee:01:36:f3:96:30:2e:d8:dd:12:c3:ff:2b:d6:f0:63:d5:
91:da:31:ae:ca:7f:57:27:a6:e3:70:86:94:e4:16:56:7d:a2:
3e:f1:06:0d:ea:4f:a6:6d:d7:73:29:86:63:34:65:1b:a9:bb:
23:3b:df:70
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNmfPGCKRuRAI6XnxW0LMGG7RAiUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMjAwMDNaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGFmNzQyOGZkMGFhMTM3ZmUyMGI0ZTAyZWVkZWY1MzJmN2FiMDAzZTIzMDNh
YjI3NDhiMWRhZjdiZWFiMTQzOGYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJwbbWxZdm1Jvvg2FYH5Gbjrf/LY2gvIFfKXz/e2NtE74pNYmutYBGZH4FDy
FEr2ZwxfnlWSpUQu09YZoC0PVfc3PyU0QgfpGmOqDgFMWAf3cwQF7wnNXiOgIaIX
r9+BCCXpBfFRBNSYUXOVBxf38P/lYDBUoPFs8WZVb54dXR0v4QSEDzBzzijsSXt0
bR/HhWb+F/6nd7q64o9EgswAHEhw8SU5KTTvbtU8DhYhVRe6q7485A7QFNAPW21f
TWb9s82ljacqic4H+zg69MZ3cVTTKHc9Xp5OFHY1t7mRjHr/i9rJ0o5IdXTQ5Bnc
CkiMrWyi9rNh0O/8EacKFigURbMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRv6o7d
W6hfbWyWTkCNfvxC7K+guzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MThkOWE2MzItMDVmZS00NDZlLWFjYTktMWFkYjI3MWRjZGE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPEMA0G
CSqGSIb3DQEBCwUAA4IBAQApWuq6aJxEZFiyMUSP449iWJyKejFs/fSmLpgwI4XY
HEDleNLxWdo8E8/kamFxqHmiLycljbIA8fI+jY4KdaqG/CgN94avLvbKnEAVd9V+
lqD6OLrf864eyA4jq4Wa/j17XhUlFYb6B5L70gwscnWgo5oiRe/nyv2+X/LIJks9
HUks9JUL3Lom09eVYrA/sdFgqNceBu8yIDpdlmaOiobePXs0k/ahaSaxS8PTeo3C
H6vKZDXEalrCzi6TIZt6gN3IZtBpvTod7gE285YwLtjdEsP/K9bwY9WR2jGuyn9X
J6bjcIaU5BZWfaI+8QYN6k+mbddzKYZjNGUbqbsjO99w
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:24:44 2025 by rpki-client