Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa
File: 2d24b638-b951-4333-ac88-4886c7af230f.roa (raw, json)
Hash identifier: LuA/jgeIUg7Ypxh+LxYA4o3KS3qEnlkJuKpkjWO3KEI=
Subject key identifier: 64:6E:8E:01:8E:F7:AC:5F:A3:6C:F8:C0:24:C8:24:D3:B9:A5:79:59
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7CE08AF9099BE5706C5D26C0D9FE8D9315503E57
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa
Signing time: Mon 16 Jun 2025 22:00:43 +0000
ROA not before: Mon 16 Jun 2025 22:00:43 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.82.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:e0:8a:f9:09:9b:e5:70:6c:5d:26:c0:d9:fe:8d:93:15:50:3e:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 22:00:43 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=c8188e99355e81c285737ce3fb9292f54b453739a8fdf9d078829fca5ca4f533, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:fa:5b:06:c8:96:5b:63:c1:4a:d1:6f:c4:cc:
f3:76:1a:13:ec:ad:43:a1:fb:97:e9:de:71:26:93:
c9:a1:88:49:5f:21:ff:33:83:91:a7:c6:c6:83:4b:
9b:e8:dc:f3:9b:39:7a:12:1a:17:78:36:b1:0a:d1:
37:5a:1e:a6:3e:fa:dd:d5:19:cd:c9:98:42:3d:85:
ba:9b:b2:0a:50:75:5d:c7:c5:f5:95:22:db:8a:80:
07:25:ce:67:90:1f:2a:1a:69:2f:04:3c:69:23:5d:
30:dd:9e:e1:ed:5a:b5:34:c2:ab:dc:a1:b9:16:2c:
e5:bd:dd:f0:2d:0a:65:f0:4f:96:6a:70:e8:c9:10:
12:59:4f:16:7e:03:36:fe:7e:4f:75:89:0a:61:1c:
16:fc:fb:c7:ff:d8:b9:da:c4:37:19:36:7a:b7:30:
26:bc:08:c8:e8:ee:33:ed:0b:df:3b:a1:01:6c:b2:
a4:44:e1:e4:43:cf:23:28:dc:da:b5:30:2e:d0:56:
6c:a3:03:86:b0:fb:65:27:a8:1d:4a:8d:52:87:81:
65:4b:a1:c2:82:17:2a:8f:42:cd:d2:7b:45:c4:b1:
57:16:8e:a8:18:00:d5:2f:d7:c7:29:43:2b:c1:ec:
ac:83:21:26:b0:c7:5d:29:db:5b:9c:c3:71:b1:18:
a5:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:6E:8E:01:8E:F7:AC:5F:A3:6C:F8:C0:24:C8:24:D3:B9:A5:79:59
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.82.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1c:54:6d:4e:2c:c3:89:16:13:71:eb:ca:b5:f0:ec:e6:8e:1e:
da:11:96:64:e0:3e:a8:a9:40:ae:c0:b4:08:15:e2:23:c6:eb:
6f:00:33:8c:0f:ee:6c:70:c6:e7:08:7b:42:8b:a0:3e:d4:10:
34:dd:b5:1b:d3:54:68:94:ad:1e:a4:e1:80:bd:4d:d9:ad:06:
3b:cc:86:a1:26:a5:a3:ea:4b:ce:af:ab:7b:45:94:ed:a5:a9:
3a:10:20:23:01:34:dc:5d:f2:cf:68:e2:01:87:c6:05:c1:58:
47:8b:e3:0d:40:b8:f9:28:dd:e7:a9:97:d4:d1:86:50:ca:8b:
9f:9b:09:94:5a:b1:d6:56:b1:6a:1f:28:7e:ca:01:ba:51:f7:
f5:b3:d4:13:cd:57:75:f3:aa:02:e5:4c:6a:0f:08:80:42:d2:
cb:7d:52:f3:63:64:03:64:19:08:1b:a8:b5:91:11:24:eb:81:
36:b9:da:da:db:7f:5e:32:1c:a7:c5:26:57:82:7e:58:c6:ba:
39:f1:91:67:80:97:fe:24:ac:d5:29:b4:3b:d2:9b:4a:e4:fb:
07:0b:97:7b:f2:94:21:7d:58:34:49:f6:04:43:66:cf:2b:7d:
6b:e9:b2:5a:89:56:7f:14:c2:c8:e9:7a:c8:c7:8d:e2:54:eb:
5e:01:c6:d4
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfOCK+Qmb5XBsXSbA2f6NkxVQPlcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMjAwNDNaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGM4MTg4ZTk5MzU1ZTgxYzI4NTczN2NlM2ZiOTI5MmY1NGI0NTM3MzlhOGZk
ZjlkMDc4ODI5ZmNhNWNhNGY1MzMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOr6WwbIlltjwUrRb8TM83YaE+ytQ6H7l+necSaTyaGISV8h/zODkafGxoNL
m+jc85s5ehIaF3g2sQrRN1oepj763dUZzcmYQj2FupuyClB1XcfF9ZUi24qAByXO
Z5AfKhppLwQ8aSNdMN2e4e1atTTCq9yhuRYs5b3d8C0KZfBPlmpw6MkQEllPFn4D
Nv5+T3WJCmEcFvz7x//YudrENxk2ercwJrwIyOjuM+0L3zuhAWyypETh5EPPIyjc
2rUwLtBWbKMDhrD7ZSeoHUqNUoeBZUuhwoIXKo9CzdJ7RcSxVxaOqBgA1S/XxylD
K8HsrIMhJrDHXSnbW5zDcbEYpcMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRkbo4B
jvesX6Ns+MAkyCTTuaV5WTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmQyNGI2MzgtYjk1MS00MzMzLWFjODgtNDg4NmM3YWYyMzBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNSMA0G
CSqGSIb3DQEBCwUAA4IBAQAcVG1OLMOJFhNx68q18Ozmjh7aEZZk4D6oqUCuwLQI
FeIjxutvADOMD+5scMbnCHtCi6A+1BA03bUb01RolK0epOGAvU3ZrQY7zIahJqWj
6kvOr6t7RZTtpak6ECAjATTcXfLPaOIBh8YFwVhHi+MNQLj5KN3nqZfU0YZQyouf
mwmUWrHWVrFqHyh+ygG6Uff1s9QTzVd186oC5UxqDwiAQtLLfVLzY2QDZBkIG6i1
kREk64E2udra239eMhynxSZXgn5Yxro58ZFngJf+JKzVKbQ70ptK5PsHC5d78pQh
fVg0SfYEQ2bPK31r6bJaiVZ/FMLI6XrIx43iVOteAcbU
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:36:18 2025 by rpki-client