Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2b51d415-1366-43ea-8ce9-f13b63a2c827.roa
File: 2b51d415-1366-43ea-8ce9-f13b63a2c827.roa (raw, json)
Hash identifier: oY9UrZKCQcJhrK0Nx06KhsP4FAmTFHaObC+svMGA3Us=
Subject key identifier: CF:FF:59:B5:CE:25:FE:D1:B7:35:44:BB:57:2A:23:7F:DD:D5:34:15
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 76F37901568BB992948A56E371EFE0BB4218B4E9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2b51d415-1366-43ea-8ce9-f13b63a2c827.roa
Signing time: Tue 17 Jun 2025 00:50:29 +0000
ROA not before: Tue 17 Jun 2025 00:50:29 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.45.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:f3:79:01:56:8b:b9:92:94:8a:56:e3:71:ef:e0:bb:42:18:b4:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 17 00:50:29 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=b8ea95602b2ccb4e9e537b93492442b8bd874a7b0de6d534718c9735811cdcb6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e6:b4:55:5a:ed:11:1b:34:2f:90:a9:50:25:
13:3b:01:57:a1:ae:36:6e:62:fa:e8:42:61:c3:34:
20:39:cc:57:df:53:28:e0:d7:8d:34:2e:a0:1c:a3:
ae:f8:83:0f:ac:aa:bf:56:5d:d0:c0:9a:d0:9b:ec:
50:23:06:38:ba:b0:44:9e:fb:55:13:7b:4a:59:50:
fe:4f:2f:29:33:88:32:15:4e:75:23:45:a0:64:e3:
75:29:8f:94:aa:a9:03:76:4d:a3:b2:88:d4:41:14:
7c:3b:09:7f:7c:c8:ff:ec:72:86:d9:10:8d:e7:2d:
ce:99:65:a2:93:b0:55:40:e5:b1:5c:2d:ca:8f:7e:
20:66:62:07:d3:45:94:bf:10:e1:be:a9:02:bf:17:
cd:70:73:ad:3c:c0:6c:4b:46:6a:50:a2:0b:67:18:
9f:ad:a1:97:b5:55:a4:2f:53:17:53:db:71:e8:e4:
57:7d:f8:ea:c9:94:a5:99:4c:53:79:11:e1:50:33:
3d:af:c9:16:40:ae:58:b3:f9:3b:cb:f5:fc:cb:98:
cc:48:f2:e6:2d:35:30:d5:79:61:b8:ac:71:7a:05:
9f:40:a7:01:79:db:8b:67:98:b4:b8:78:22:6f:f9:
ac:97:42:19:d4:3c:8c:43:ee:f7:84:2b:93:e1:4f:
b0:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:FF:59:B5:CE:25:FE:D1:B7:35:44:BB:57:2A:23:7F:DD:D5:34:15
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2b51d415-1366-43ea-8ce9-f13b63a2c827.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.45.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0a:2c:5f:cd:e6:bf:c4:4f:9a:52:ce:75:ca:28:ba:fb:b1:ee:
69:d6:f3:bc:89:4e:4c:cf:10:7c:20:ee:58:fa:fe:88:fb:47:
f8:07:39:13:82:d1:fb:39:d5:5c:73:1a:25:5d:08:b5:a6:37:
0f:8a:2c:a6:46:f4:e9:0e:81:75:d2:ff:44:bc:c1:4d:21:40:
5e:fa:7b:41:b1:e7:09:57:d2:cf:d3:fc:90:37:d0:eb:32:02:
48:a1:a4:bf:69:a7:22:2a:f1:a8:74:93:33:2e:75:09:82:fc:
0e:07:0f:8c:4b:36:9a:28:37:18:c2:44:e1:91:78:20:8c:dc:
37:d5:e7:5a:bb:c9:5b:9d:b1:c2:ae:a8:64:f8:3e:0c:0e:a8:
dc:d3:6a:56:de:5d:a4:69:f3:c6:ac:8a:cc:d3:c1:2a:c4:44:
1e:3a:4d:62:10:e8:fe:44:5f:ef:3e:da:c7:81:d0:c0:1d:8c:
77:05:75:79:ac:3f:52:2e:c9:62:1d:b7:35:55:86:cc:1c:78:
f9:dd:cb:ff:f7:b3:dd:58:9e:99:50:e0:5c:08:f8:12:3c:02:
7b:0e:ca:4f:46:11:75:20:6d:78:1b:d6:9b:f6:26:6f:b7:3e:
2a:89:5d:95:cc:be:48:17:3d:6a:46:3f:d3:bd:ce:31:17:73:
4f:4c:f4:df
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUdvN5AVaLuZKUilbjce/gu0IYtOkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTcwMDUwMjlaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQGI4ZWE5NTYwMmIyY2NiNGU5ZTUzN2I5MzQ5MjQ0MmI4YmQ4NzRhN2IwZGU2
ZDUzNDcxOGM5NzM1ODExY2RjYjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKjmtFVa7REbNC+QqVAlEzsBV6GuNm5i+uhCYcM0IDnMV99TKODXjTQuoByj
rviDD6yqv1Zd0MCa0JvsUCMGOLqwRJ77VRN7SllQ/k8vKTOIMhVOdSNFoGTjdSmP
lKqpA3ZNo7KI1EEUfDsJf3zI/+xyhtkQjectzpllopOwVUDlsVwtyo9+IGZiB9NF
lL8Q4b6pAr8XzXBzrTzAbEtGalCiC2cYn62hl7VVpC9TF1PbcejkV3346smUpZlM
U3kR4VAzPa/JFkCuWLP5O8v1/MuYzEjy5i01MNV5YbiscXoFn0CnAXnbi2eYtLh4
Im/5rJdCGdQ8jEPu94Qrk+FPsGkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTP/1m1
ziX+0bc1RLtXKiN/3dU0FTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmI1MWQ0MTUtMTM2Ni00M2VhLThjZTktZjEzYjYzYTJjODI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMtMA0G
CSqGSIb3DQEBCwUAA4IBAQAKLF/N5r/ET5pSznXKKLr7se5p1vO8iU5MzxB8IO5Y
+v6I+0f4BzkTgtH7OdVccxolXQi1pjcPiiymRvTpDoF10v9EvMFNIUBe+ntBsecJ
V9LP0/yQN9DrMgJIoaS/aaciKvGodJMzLnUJgvwOBw+MSzaaKDcYwkThkXggjNw3
1edau8lbnbHCrqhk+D4MDqjc02pW3l2kafPGrIrM08EqxEQeOk1iEOj+RF/vPtrH
gdDAHYx3BXV5rD9SLsliHbc1VYbMHHj53cv/97PdWJ6ZUOBcCPgSPAJ7DspPRhF1
IG14G9ab9iZvtz4qiV2VzL5IFz1qRj/Tvc4xF3NPTPTf
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:52:43 2025 by rpki-client