Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2ce9a789-9599-4c9d-a093-ead3033f60d1.roa
File: 2ce9a789-9599-4c9d-a093-ead3033f60d1.roa (raw, json)
Hash identifier: 7xdMRS8iR6RJsECus/NrROVbjZwFYPxJtS0M1KN/WQU=
Subject key identifier: C6:99:A0:8A:C8:25:55:AC:62:50:96:C6:81:4B:04:04:23:8D:1D:86
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 416D46D5BDDC625683E61AB3B843AEBD7F321733
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2ce9a789-9599-4c9d-a093-ead3033f60d1.roa
Signing time: Mon 16 Jun 2025 22:00:19 +0000
ROA not before: Mon 16 Jun 2025 22:00:19 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.34.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:6d:46:d5:bd:dc:62:56:83:e6:1a:b3:b8:43:ae:bd:7f:32:17:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 22:00:19 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=a482b1e878cfa3343e85a565d69d0d422b42eac6935bdc62f60d83bec5827f5c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:fa:1c:04:1d:b8:13:53:b8:74:63:78:e2:ca:
50:4d:52:dc:1d:ba:32:33:8b:20:2e:39:40:c7:56:
d8:97:2e:a6:5b:5d:d9:87:41:5d:b4:ef:56:bb:0d:
8d:21:cf:7a:1c:c2:c4:9d:38:f5:b9:80:b0:41:75:
79:87:f5:66:36:c1:4d:46:4d:6c:f7:9a:40:25:70:
c5:fc:08:33:32:16:55:96:fc:d0:6a:16:3d:59:2c:
40:df:b1:aa:b8:58:c2:8f:ae:c9:2e:db:9c:65:a6:
a7:79:7c:70:73:c5:a0:91:6f:3c:bd:d0:67:fe:a1:
3e:11:15:fe:4a:26:9a:cf:fc:96:90:62:3f:a2:24:
d3:3c:16:89:b2:09:ec:5e:2e:cb:eb:8e:63:08:ad:
e6:09:7a:c3:e4:87:55:d8:cf:0b:4c:ef:80:c9:be:
61:db:36:e9:06:5f:4c:4d:cd:ad:c3:a1:cf:9c:e6:
b4:fb:d3:89:c3:aa:7c:fd:1c:4a:09:0b:0e:1e:57:
30:a6:5a:71:f3:ea:67:4b:91:e6:e3:1c:df:b5:4f:
bc:25:05:1c:a2:aa:66:ca:e3:48:c7:92:36:43:7b:
5b:a9:bc:87:cb:93:fa:ec:c9:aa:9b:95:a3:6d:6c:
f4:bd:e8:0e:0b:1b:0b:0f:93:23:0b:57:d2:19:b5:
6b:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:99:A0:8A:C8:25:55:AC:62:50:96:C6:81:4B:04:04:23:8D:1D:86
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2ce9a789-9599-4c9d-a093-ead3033f60d1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.34.0.0/16
Signature Algorithm: sha256WithRSAEncryption
68:dc:a0:c9:7c:c6:0e:e5:0a:80:74:13:21:0a:1f:e3:d5:02:
30:f7:72:28:bb:07:96:c3:57:cb:76:8c:0e:16:13:c5:33:ae:
bc:1c:58:a0:28:62:46:27:64:ce:ca:4c:3b:a2:97:04:5f:2a:
9f:4f:d4:48:a1:c5:31:3f:60:2f:ae:84:65:f5:69:f1:98:0f:
46:37:db:29:a6:c1:21:78:34:7c:81:2c:79:5c:f1:00:13:dc:
4c:7d:26:8b:99:65:94:ce:fb:51:30:d9:c3:90:0b:c3:17:92:
f8:49:1f:b7:84:33:38:cb:17:36:51:c7:ce:2a:78:ce:ac:1b:
1b:ce:42:7d:01:4a:9b:04:8a:97:e7:1a:16:11:63:86:b1:8c:
77:44:82:ce:c2:34:f2:d5:23:b5:dd:64:bd:32:db:a7:6c:fb:
f1:16:31:51:62:d1:27:ad:a5:bc:36:26:7b:34:45:93:52:cd:
2a:b5:24:c5:d8:98:f3:cb:75:7b:f6:34:c7:8e:b9:ec:20:fb:
03:68:a9:a2:95:7a:ba:96:58:4f:7f:e0:97:cd:c1:dd:52:66:
18:3a:36:86:01:12:77:6f:96:12:67:c9:42:88:a3:04:d3:59:
6c:d1:f9:6e:b4:dc:96:a6:b6:ce:11:43:9c:07:ba:4f:56:08:
67:b6:8a:b9
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQW1G1b3cYlaD5hqzuEOuvX8yFzMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMjAwMTlaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGE0ODJiMWU4NzhjZmEzMzQzZTg1YTU2NWQ2OWQwZDQyMmI0MmVhYzY5MzVi
ZGM2MmY2MGQ4M2JlYzU4MjdmNWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALf6HAQduBNTuHRjeOLKUE1S3B26MjOLIC45QMdW2Jcupltd2YdBXbTvVrsN
jSHPehzCxJ049bmAsEF1eYf1ZjbBTUZNbPeaQCVwxfwIMzIWVZb80GoWPVksQN+x
qrhYwo+uyS7bnGWmp3l8cHPFoJFvPL3QZ/6hPhEV/komms/8lpBiP6Ik0zwWibIJ
7F4uy+uOYwit5gl6w+SHVdjPC0zvgMm+Yds26QZfTE3NrcOhz5zmtPvTicOqfP0c
SgkLDh5XMKZacfPqZ0uR5uMc37VPvCUFHKKqZsrjSMeSNkN7W6m8h8uT+uzJqpuV
o21s9L3oDgsbCw+TIwtX0hm1awECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTGmaCK
yCVVrGJQlsaBSwQEI40dhjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmNlOWE3ODktOTU5OS00YzlkLWEwOTMtZWFkMzAzM2Y2MGQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMiMA0G
CSqGSIb3DQEBCwUAA4IBAQBo3KDJfMYO5QqAdBMhCh/j1QIw93IouweWw1fLdowO
FhPFM668HFigKGJGJ2TOykw7opcEXyqfT9RIocUxP2AvroRl9WnxmA9GN9sppsEh
eDR8gSx5XPEAE9xMfSaLmWWUzvtRMNnDkAvDF5L4SR+3hDM4yxc2UcfOKnjOrBsb
zkJ9AUqbBIqX5xoWEWOGsYx3RILOwjTy1SO13WS9MtunbPvxFjFRYtEnraW8NiZ7
NEWTUs0qtSTF2Jjzy3V79jTHjrnsIPsDaKmilXq6llhPf+CXzcHdUmYYOjaGARJ3
b5YSZ8lCiKME01ls0flutNyWprbOEUOcB7pPVghntoq5
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:16:33 2025 by rpki-client