Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/39032a05-08aa-42f2-98fc-8aa6aeee1dc2.roa
File: 39032a05-08aa-42f2-98fc-8aa6aeee1dc2.roa (raw, json)
Hash identifier: a2W9y/2ZIGk8DNjER75AWPxSlmvC/dnnU02IJvaRAzs=
Subject key identifier: F7:89:C9:8A:F2:14:F3:15:51:D6:D0:E8:9B:58:5F:9A:1E:A8:95:33
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6FAD376916D0FF39F7C6BE4612A48D1C4D6CA963
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/39032a05-08aa-42f2-98fc-8aa6aeee1dc2.roa
Signing time: Tue 17 Jun 2025 00:51:01 +0000
ROA not before: Tue 17 Jun 2025 00:51:01 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.80.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:ad:37:69:16:d0:ff:39:f7:c6:be:46:12:a4:8d:1c:4d:6c:a9:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 17 00:51:01 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=7c54d53c50b11b14a9cabdf65baa001fb81564e5bbad51bb2c382e334f46d9e7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:1b:68:d1:b6:2e:6a:71:01:0f:78:e2:63:a5:
6f:29:36:72:e7:17:4d:c5:8e:1e:9d:fd:80:7e:cd:
17:dc:87:18:fd:bb:37:be:0c:f7:20:9b:92:80:f7:
a4:82:e8:7b:63:73:f3:41:a0:9d:6e:3f:2d:cb:e0:
5b:3e:32:d4:74:1f:7a:54:b2:ce:6a:3f:da:86:93:
fa:2f:7f:ed:a6:b4:9d:b2:d4:97:ee:82:1b:24:ef:
e1:e2:1a:3d:d4:0f:b7:d4:79:b2:aa:c0:c9:4c:3e:
87:11:06:0d:19:6b:e4:c4:0a:7f:74:2f:ca:3b:a2:
b5:50:64:40:2d:eb:db:6c:43:ce:5e:0c:f6:ec:5a:
6f:69:ad:07:4c:3e:94:33:df:7b:bd:15:88:cb:4c:
b7:15:c0:f5:89:cf:12:80:8a:ee:8d:e4:01:fb:fa:
2f:2a:f5:eb:a8:c2:47:31:4a:4b:fb:90:ef:46:4e:
9c:b5:b9:26:0a:d9:d2:19:4f:fb:c8:99:6a:06:4b:
24:36:04:04:99:c2:3a:58:b7:a5:97:fb:ba:04:9f:
29:26:c8:ad:c0:36:62:f0:95:db:6a:f2:d8:a6:3d:
2b:b5:86:8d:26:c4:cb:71:69:d4:41:90:43:5d:a8:
5d:c7:53:1d:94:87:90:1c:41:7e:1c:34:ad:63:e1:
d8:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:89:C9:8A:F2:14:F3:15:51:D6:D0:E8:9B:58:5F:9A:1E:A8:95:33
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/39032a05-08aa-42f2-98fc-8aa6aeee1dc2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.80.0/21
Signature Algorithm: sha256WithRSAEncryption
73:65:e8:9a:5e:2a:f1:88:91:12:d6:e9:32:b3:c3:2f:b3:dd:
f1:83:ec:56:6c:f5:22:c5:2e:9a:be:96:32:95:d5:c1:99:df:
36:e4:74:31:3d:d4:6d:50:ae:41:c1:f3:6c:ba:e4:60:d4:b5:
5a:33:57:c4:8d:46:2c:f8:cd:e7:ff:10:ab:82:bf:83:b5:86:
db:f1:dc:98:04:ec:ec:48:4c:72:9b:fc:96:e5:ec:ef:c6:1c:
04:d2:69:7a:2a:dd:92:29:46:bb:9d:de:2d:fa:8a:69:88:6e:
96:ae:b0:0f:77:50:03:69:aa:7f:41:9f:de:30:48:1f:30:a4:
6b:b0:2c:1f:bd:ae:75:15:78:26:91:1c:67:f1:d7:d9:45:fc:
14:0e:2f:a1:53:73:9a:96:f0:73:de:8d:ed:f4:7c:38:e9:7c:
72:a4:15:31:ea:bf:b7:15:6b:63:e5:93:b8:ee:f7:cf:03:a8:
25:82:94:9e:65:07:c6:0d:2a:5b:ce:d0:9e:88:a0:fb:28:50:
d8:d2:a0:f4:64:49:2f:35:b0:cd:30:e1:8d:52:d7:9c:4c:22:
7d:8f:f4:21:53:d6:69:a5:52:a8:37:06:02:79:03:e9:5b:e1:
01:ba:aa:87:6e:26:76:c8:75:26:f5:09:a5:46:08:2c:40:d8:
33:54:a1:d3
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUb603aRbQ/zn3xr5GEqSNHE1sqWMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTcwMDUxMDFaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDdjNTRkNTNjNTBiMTFiMTRhOWNhYmRmNjViYWEwMDFmYjgxNTY0ZTViYmFk
NTFiYjJjMzgyZTMzNGY0NmQ5ZTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJEbaNG2LmpxAQ944mOlbyk2cucXTcWOHp39gH7NF9yHGP27N74M9yCbkoD3
pILoe2Nz80GgnW4/LcvgWz4y1HQfelSyzmo/2oaT+i9/7aa0nbLUl+6CGyTv4eIa
PdQPt9R5sqrAyUw+hxEGDRlr5MQKf3QvyjuitVBkQC3r22xDzl4M9uxab2mtB0w+
lDPfe70ViMtMtxXA9YnPEoCK7o3kAfv6Lyr166jCRzFKS/uQ70ZOnLW5JgrZ0hlP
+8iZagZLJDYEBJnCOli3pZf7ugSfKSbIrcA2YvCV22ry2KY9K7WGjSbEy3Fp1EGQ
Q12oXcdTHZSHkBxBfhw0rWPh2JUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT3icmK
8hTzFVHW0OibWF+aHqiVMzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MzkwMzJhMDUtMDhhYS00MmYyLTk4ZmMtOGFhNmFlZWUxZGMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAUDAN
BgkqhkiG9w0BAQsFAAOCAQEAc2Xoml4q8YiREtbpMrPDL7Pd8YPsVmz1IsUumr6W
MpXVwZnfNuR0MT3UbVCuQcHzbLrkYNS1WjNXxI1GLPjN5/8Qq4K/g7WG2/HcmATs
7EhMcpv8luXs78YcBNJpeirdkilGu53eLfqKaYhulq6wD3dQA2mqf0Gf3jBIHzCk
a7AsH72udRV4JpEcZ/HX2UX8FA4voVNzmpbwc96N7fR8OOl8cqQVMeq/txVrY+WT
uO73zwOoJYKUnmUHxg0qW87Qnoig+yhQ2NKg9GRJLzWwzTDhjVLXnEwifY/0IVPW
aaVSqDcGAnkD6VvhAbqqh24mdsh1JvUJpUYILEDYM1Sh0w==
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:24:49 2025 by rpki-client