Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/24601d85-ac6e-46b6-a0d2-d35342ccc951.roa
File: 24601d85-ac6e-46b6-a0d2-d35342ccc951.roa (raw, json)
Hash identifier: 118vRUb76JkupVtPl/lAMqTQupXOouQeoEzTc2VMNEA=
Subject key identifier: CE:6D:C0:29:6E:61:C6:79:77:FB:27:99:2D:AD:08:80:7D:46:9D:FC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0B791558529581EE66CE7B893AF988C57E9EC8EB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/24601d85-ac6e-46b6-a0d2-d35342ccc951.roa
Signing time: Tue 17 Jun 2025 00:50:36 +0000
ROA not before: Tue 17 Jun 2025 00:50:36 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.93.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:79:15:58:52:95:81:ee:66:ce:7b:89:3a:f9:88:c5:7e:9e:c8:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 17 00:50:36 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=b8836a746b0437500a2adc7d41e5e9b4c5575f4e961b38391489e69208546371, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:2a:3b:aa:63:e0:5c:00:b9:72:c6:ab:34:42:
2a:6e:76:b9:f8:7a:aa:ca:ee:22:2d:fd:d2:a3:4b:
33:0d:d2:7d:6b:13:c3:34:bc:87:b2:08:87:13:20:
bc:d7:1b:a8:55:dd:0f:9a:02:0a:db:fa:44:36:ac:
bb:31:0c:f8:c3:c0:e3:7a:75:9f:bc:39:b3:2b:b0:
2f:61:74:6c:3e:1a:a6:6c:be:66:a6:10:b9:54:1d:
6c:a1:ee:cc:94:82:83:39:08:a6:5e:36:06:8a:d8:
0b:38:54:c1:c8:b2:f5:9d:2a:b1:76:fc:29:17:c1:
d5:85:fd:a6:6a:2a:e0:69:4f:bb:2a:ea:1f:df:0d:
6e:31:52:38:5d:08:f7:b5:a4:a3:1c:22:ad:28:06:
67:01:6b:46:c6:4b:24:12:dc:76:4d:b8:39:6e:c8:
13:fd:3c:e0:d1:2c:ca:5b:99:1b:fa:4d:3f:76:28:
ef:57:67:aa:4b:87:63:3b:a6:13:f7:96:55:df:f8:
f1:18:1a:2a:f3:a4:43:39:40:4f:69:01:9c:7a:69:
ff:6b:32:8b:dd:eb:da:7a:22:e8:84:bd:94:4a:79:
1b:40:0c:aa:7b:12:b7:b2:b1:7a:fc:e3:6c:b5:d4:
86:3e:97:ff:aa:c6:f1:18:ea:43:34:be:e9:7a:a6:
e6:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:6D:C0:29:6E:61:C6:79:77:FB:27:99:2D:AD:08:80:7D:46:9D:FC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/24601d85-ac6e-46b6-a0d2-d35342ccc951.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.93.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0d:6e:7a:b2:f0:12:bd:c7:93:0b:77:fb:3c:eb:1c:6f:c6:94:
f4:d6:b8:88:90:97:2b:81:0e:d1:71:58:95:11:c3:32:28:73:
b9:55:a2:1f:ef:ae:bf:ba:f8:1a:91:c1:91:e5:54:ed:18:38:
c0:ec:7d:8b:60:8f:7d:62:9e:cf:27:a1:df:4e:61:8b:23:8a:
96:2b:96:90:e6:32:9c:9e:f1:86:34:ad:59:a3:bc:8a:8c:b9:
05:8a:c8:2c:43:59:29:c6:8e:92:ab:1f:ef:62:4f:87:0e:c3:
ce:7a:2f:29:e2:31:a5:fe:23:63:49:6b:2e:96:99:e2:7f:5b:
0f:bf:4f:89:a6:3a:f1:22:81:c2:77:28:cc:15:48:07:9a:1f:
d4:28:07:e0:7f:cc:52:1b:02:75:f2:a1:b5:bf:dc:30:fe:84:
9a:46:8d:82:f1:98:41:d9:8e:7b:ac:e5:f1:c1:85:5b:39:cf:
f5:df:18:20:a8:da:f1:59:3d:fd:de:62:b2:f1:07:91:a9:9e:
08:38:ec:3b:06:9b:6c:52:1a:2b:2d:4b:b4:5b:bd:49:77:14:
04:4c:7f:a7:9a:16:08:ed:01:91:c2:b3:21:5b:4d:72:50:61:
08:64:bd:5d:b4:6f:66:6b:18:ef:26:cc:d8:77:e5:31:be:b4:
8b:86:f7:ae
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUC3kVWFKVge5mznuJOvmIxX6eyOswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTcwMDUwMzZaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQGI4ODM2YTc0NmIwNDM3NTAwYTJhZGM3ZDQxZTVlOWI0YzU1NzVmNGU5NjFi
MzgzOTE0ODllNjkyMDg1NDYzNzExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKUqO6pj4FwAuXLGqzRCKm52ufh6qsruIi390qNLMw3SfWsTwzS8h7IIhxMg
vNcbqFXdD5oCCtv6RDasuzEM+MPA43p1n7w5syuwL2F0bD4apmy+ZqYQuVQdbKHu
zJSCgzkIpl42BorYCzhUwciy9Z0qsXb8KRfB1YX9pmoq4GlPuyrqH98NbjFSOF0I
97WkoxwirSgGZwFrRsZLJBLcdk24OW7IE/084NEsyluZG/pNP3Yo71dnqkuHYzum
E/eWVd/48RgaKvOkQzlAT2kBnHpp/2syi93r2noi6IS9lEp5G0AMqnsSt7Kxevzj
bLXUhj6X/6rG8RjqQzS+6Xqm5icCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTObcAp
bmHGeXf7J5ktrQiAfUad/DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjQ2MDFkODUtYWM2ZS00NmI2LWEwZDItZDM1MzQyY2NjOTUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNdMA0G
CSqGSIb3DQEBCwUAA4IBAQANbnqy8BK9x5MLd/s86xxvxpT01riIkJcrgQ7RcViV
EcMyKHO5VaIf766/uvgakcGR5VTtGDjA7H2LYI99Yp7PJ6HfTmGLI4qWK5aQ5jKc
nvGGNK1Zo7yKjLkFisgsQ1kpxo6Sqx/vYk+HDsPOei8p4jGl/iNjSWsulpnif1sP
v0+JpjrxIoHCdyjMFUgHmh/UKAfgf8xSGwJ18qG1v9ww/oSaRo2C8ZhB2Y57rOXx
wYVbOc/13xggqNrxWT393mKy8QeRqZ4IOOw7BptsUhorLUu0W71JdxQETH+nmhYI
7QGRwrMhW01yUGEIZL1dtG9maxjvJszYd+UxvrSLhveu
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:00:02 2025 by rpki-client