Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2db57b82-f8e4-4b85-a46a-befecb4774c0.roa
File: 2db57b82-f8e4-4b85-a46a-befecb4774c0.roa (raw, json)
Hash identifier: 6RfgbJ3ZsYy52IW9e9fIS0ftOqkFKJtSPjcPM6DbBhU=
Subject key identifier: DB:1F:31:FD:5C:B6:15:88:7C:7F:E8:18:81:B8:B4:7E:7C:66:FC:19
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6A82A92F88E015A84AE1ECD818DC84447288C773
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2db57b82-f8e4-4b85-a46a-befecb4774c0.roa
Signing time: Mon 16 Jun 2025 22:00:16 +0000
ROA not before: Mon 16 Jun 2025 22:00:16 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.32.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:82:a9:2f:88:e0:15:a8:4a:e1:ec:d8:18:dc:84:44:72:88:c7:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 22:00:16 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=e293d4e13ad5c40861f360368ca5ad776b3450f093b6bc8f52ff5d012358b93c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:7f:5b:1a:39:9c:4e:ff:4a:19:54:2a:37:3f:
01:3f:8d:0a:5d:9c:07:c2:32:a8:1d:85:d2:ee:59:
5d:65:c9:08:61:01:47:84:85:3a:f8:60:0f:27:f6:
46:34:7b:e1:2d:e2:56:3b:1e:09:c9:00:49:08:06:
d8:8f:bd:86:36:52:8e:83:28:e9:27:b7:e5:bd:b6:
72:11:58:b8:6d:0f:0c:30:54:c8:a0:88:6b:44:88:
3e:74:4a:23:48:b6:d2:14:7a:21:92:dc:ab:f9:dc:
64:ae:62:ac:a0:31:04:b2:b3:73:b0:0c:ef:38:1e:
fb:38:a1:b8:29:8b:cc:a7:4b:2d:d6:91:df:85:9b:
d6:fd:bd:71:f0:3a:4e:85:15:fc:05:8a:73:89:12:
e2:a9:01:d8:d5:65:4f:ff:6e:8e:12:89:01:c8:58:
cf:7f:e8:20:37:52:79:db:8d:aa:6a:1f:2b:f8:f4:
12:4e:f7:42:5d:e8:96:db:58:bf:ca:a3:53:64:76:
69:9b:42:f6:3b:9d:84:30:48:1f:a9:29:b9:0a:aa:
61:8f:a6:af:f6:bd:1f:4f:f0:2c:e0:67:56:27:e2:
e1:2c:11:1a:bc:a0:71:ec:3f:61:d0:8a:52:c4:d0:
8b:a4:4d:78:7f:43:a5:54:34:fb:e5:f1:bd:4d:41:
7a:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:1F:31:FD:5C:B6:15:88:7C:7F:E8:18:81:B8:B4:7E:7C:66:FC:19
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2db57b82-f8e4-4b85-a46a-befecb4774c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.32.0.0/16
Signature Algorithm: sha256WithRSAEncryption
18:75:fb:02:b8:54:cc:0c:f7:aa:99:34:74:6d:fb:33:7d:be:
07:33:8b:41:2f:d0:e0:ef:4c:73:6c:28:ae:5a:46:59:88:99:
b2:08:14:b6:13:51:d6:5c:29:48:7c:da:76:14:58:e5:20:0c:
21:3c:b4:50:7e:63:3c:3b:a9:38:91:d6:09:fd:2a:f5:9a:12:
96:31:33:03:9d:5f:ac:36:05:54:59:0c:bb:09:05:7e:d2:46:
6b:44:ec:ce:24:63:95:b2:f2:36:c0:7d:f9:4f:80:4f:ef:83:
4f:44:3e:13:f0:2d:f6:d4:b4:fc:49:04:5f:3c:a9:45:1e:bb:
05:bb:39:5d:fd:44:3e:61:20:0e:eb:66:7b:46:2b:9b:fd:5b:
e7:37:34:36:8c:89:5c:97:3e:de:77:19:8d:d7:6d:71:fd:c5:
19:bf:ca:7e:38:f1:b0:69:c1:41:50:9d:ca:0d:f9:14:ff:5c:
1c:08:2d:36:f0:e9:a3:38:16:9e:b4:f2:00:9e:db:de:81:fe:
69:37:23:65:ff:44:ef:8b:4a:0c:ca:e9:0a:1b:95:9f:ea:02:
38:e8:ed:71:7d:17:36:7e:74:94:5b:ce:38:4a:78:1c:5a:53:
58:ac:9c:51:5d:ad:c2:47:94:9f:f1:98:8b:de:92:8b:fb:f7:
e5:24:19:32
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUaoKpL4jgFahK4ezYGNyERHKIx3MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMjAwMTZaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGUyOTNkNGUxM2FkNWM0MDg2MWYzNjAzNjhjYTVhZDc3NmIzNDUwZjA5M2I2
YmM4ZjUyZmY1ZDAxMjM1OGI5M2MxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM9/Wxo5nE7/ShlUKjc/AT+NCl2cB8IyqB2F0u5ZXWXJCGEBR4SFOvhgDyf2
RjR74S3iVjseCckASQgG2I+9hjZSjoMo6Se35b22chFYuG0PDDBUyKCIa0SIPnRK
I0i20hR6IZLcq/ncZK5irKAxBLKzc7AM7zge+zihuCmLzKdLLdaR34Wb1v29cfA6
ToUV/AWKc4kS4qkB2NVlT/9ujhKJAchYz3/oIDdSeduNqmofK/j0Ek73Ql3olttY
v8qjU2R2aZtC9judhDBIH6kpuQqqYY+mr/a9H0/wLOBnVifi4SwRGrygcew/YdCK
UsTQi6RNeH9DpVQ0++XxvU1Beg0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTbHzH9
XLYViHx/6BiBuLR+fGb8GTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmRiNTdiODItZjhlNC00Yjg1LWE0NmEtYmVmZWNiNDc3NGMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMgMA0G
CSqGSIb3DQEBCwUAA4IBAQAYdfsCuFTMDPeqmTR0bfszfb4HM4tBL9Dg70xzbCiu
WkZZiJmyCBS2E1HWXClIfNp2FFjlIAwhPLRQfmM8O6k4kdYJ/Sr1mhKWMTMDnV+s
NgVUWQy7CQV+0kZrROzOJGOVsvI2wH35T4BP74NPRD4T8C321LT8SQRfPKlFHrsF
uzld/UQ+YSAO62Z7Riub/VvnNzQ2jIlclz7edxmN121x/cUZv8p+OPGwacFBUJ3K
DfkU/1wcCC028OmjOBaetPIAntvegf5pNyNl/0Tvi0oMyukKG5Wf6gI46O1xfRc2
fnSUW844SngcWlNYrJxRXa3CR5Sf8ZiL3pKL+/flJBky
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:31:25 2025 by rpki-client