Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1daf6597-c039-470d-a015-f42507e1afef.roa
File: 1daf6597-c039-470d-a015-f42507e1afef.roa (raw, json)
Hash identifier: OP56dMHLUMk9miMeTZQH1vP3pjL+bMuoYZkMx3JLps0=
Subject key identifier: 9D:26:4D:16:EF:20:A3:60:F0:57:05:7E:19:0C:43:38:45:1A:D8:2C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0AD22794547DF39397E14F63741865643074C45F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1daf6597-c039-470d-a015-f42507e1afef.roa
Signing time: Mon 16 Jun 2025 21:51:28 +0000
ROA not before: Mon 16 Jun 2025 21:51:28 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.172.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:d2:27:94:54:7d:f3:93:97:e1:4f:63:74:18:65:64:30:74:c4:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 21:51:28 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=99924f77aa673c821e16abafe4176752905791b58bc46e13432c9c73ee8f3e2d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:38:a0:66:19:10:af:4f:14:75:53:1d:12:a4:
97:fe:91:b6:42:c9:76:7b:c6:1c:6f:f2:42:d4:99:
9a:86:96:db:5d:f8:b9:48:80:46:6a:96:c6:ec:8a:
e9:a9:7c:90:3a:ff:de:3c:7d:9c:c5:8b:a5:a7:3d:
f9:e7:2c:d5:3d:2b:d9:b8:3c:f1:47:1f:db:87:f5:
3f:61:c5:83:73:33:0d:ad:b0:b0:e4:29:fc:d9:24:
c5:2a:36:43:3a:2b:97:da:87:51:93:85:55:19:5c:
8b:dd:88:51:bd:99:c1:36:94:8c:ad:14:11:6f:94:
68:99:cc:93:c9:72:5c:8d:9a:e2:76:0c:6f:c1:19:
2b:be:b0:62:13:f9:e6:31:a7:9f:26:dd:71:10:fb:
fa:25:b2:18:72:74:bf:25:e2:46:a0:f8:3c:ec:93:
dd:f1:a5:3d:07:76:f1:3c:58:53:92:51:a6:85:c4:
10:69:4a:7c:59:9b:f0:99:de:67:a4:25:ec:7a:94:
69:01:b3:56:cf:2e:ab:75:bd:ce:05:86:fa:23:b2:
97:f0:7a:cf:dc:a7:a6:fc:7e:76:fe:00:78:88:c6:
d6:77:26:da:18:f2:3c:98:ae:9c:7e:dd:90:2b:a8:
c4:34:f3:3d:31:b8:ac:5d:51:aa:1d:3a:ab:0d:7e:
ec:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:26:4D:16:EF:20:A3:60:F0:57:05:7E:19:0C:43:38:45:1A:D8:2C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1daf6597-c039-470d-a015-f42507e1afef.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.172.0.0/15
Signature Algorithm: sha256WithRSAEncryption
2b:c4:76:48:97:38:da:aa:61:2e:ce:67:11:91:9e:b0:8b:a9:
16:7a:4c:2e:97:22:16:31:9e:57:f8:7d:94:31:95:ac:d0:76:
0e:64:be:a9:65:21:bd:95:10:c9:a7:db:cb:4f:49:ec:1a:bd:
5d:52:d3:bc:aa:6d:51:67:14:85:0c:08:75:c7:0b:d4:21:30:
1f:28:b9:76:f5:e5:5d:91:62:f5:51:d6:8d:fb:9f:05:e5:44:
40:14:22:ff:0d:8e:cd:7e:d0:92:63:b3:58:58:38:6e:88:09:
4c:f4:1c:2d:f2:58:89:85:cc:8f:25:40:3a:c3:9f:d8:df:e6:
a3:2f:a5:24:b9:c1:36:e8:db:00:c4:65:77:ce:34:ec:b2:f4:
8d:4a:d3:8a:51:bb:6b:54:6e:c6:95:08:39:81:5b:1d:03:05:
d1:06:eb:b0:32:7a:65:bc:15:67:25:bb:28:f5:a4:18:cd:d1:
65:b3:2e:9e:d0:2d:77:d4:6c:32:1e:a4:1a:3d:16:83:d9:17:
88:ed:4c:47:8b:47:0f:f1:34:a0:ad:a4:58:bf:51:16:cc:9b:
b0:14:ca:a7:00:7c:89:12:00:68:02:1c:53:4a:d1:08:78:9a:
51:cc:7b:4f:f5:9d:5b:a5:09:4c:69:25:22:4c:14:2c:24:3d:
77:de:91:8e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCtInlFR985OX4U9jdBhlZDB0xF8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMTUxMjhaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDk5OTI0Zjc3YWE2NzNjODIxZTE2YWJhZmU0MTc2NzUyOTA1NzkxYjU4YmM0
NmUxMzQzMmM5YzczZWU4ZjNlMmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALQ4oGYZEK9PFHVTHRKkl/6RtkLJdnvGHG/yQtSZmoaW2134uUiARmqWxuyK
6al8kDr/3jx9nMWLpac9+ecs1T0r2bg88Ucf24f1P2HFg3MzDa2wsOQp/NkkxSo2
Qzorl9qHUZOFVRlci92IUb2ZwTaUjK0UEW+UaJnMk8lyXI2a4nYMb8EZK76wYhP5
5jGnnybdcRD7+iWyGHJ0vyXiRqD4POyT3fGlPQd28TxYU5JRpoXEEGlKfFmb8Jne
Z6Ql7HqUaQGzVs8uq3W9zgWG+iOyl/B6z9ynpvx+dv4AeIjG1ncm2hjyPJiunH7d
kCuoxDTzPTG4rF1Rqh06qw1+7GcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSdJk0W
7yCjYPBXBX4ZDEM4RRrYLDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWRhZjY1OTctYzAzOS00NzBkLWEwMTUtZjQyNTA3ZTFhZmVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOsMA0G
CSqGSIb3DQEBCwUAA4IBAQArxHZIlzjaqmEuzmcRkZ6wi6kWekwulyIWMZ5X+H2U
MZWs0HYOZL6pZSG9lRDJp9vLT0nsGr1dUtO8qm1RZxSFDAh1xwvUITAfKLl29eVd
kWL1UdaN+58F5URAFCL/DY7NftCSY7NYWDhuiAlM9Bwt8liJhcyPJUA6w5/Y3+aj
L6UkucE26NsAxGV3zjTssvSNStOKUbtrVG7GlQg5gVsdAwXRBuuwMnplvBVnJbso
9aQYzdFlsy6e0C131GwyHqQaPRaD2ReI7UxHi0cP8TSgraRYv1EWzJuwFMqnAHyJ
EgBoAhxTStEIeJpRzHtP9Z1bpQlMaSUiTBQsJD133pGO
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:28:47 2025 by rpki-client