Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3b67bb62-9bcf-4daa-99b5-5374c3285177.roa
File: 3b67bb62-9bcf-4daa-99b5-5374c3285177.roa (raw, json)
Hash identifier: tAOZpD5M7Z+gl0KaHT8N7D/1VmIwjg4pAUFe0zYHG20=
Subject key identifier: 8B:9F:66:E1:AE:D2:4B:E8:44:42:E7:E9:27:9F:42:26:DE:26:55:08
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1080D36B83EFDC30A6FB3CD47F995693D4D2C97B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3b67bb62-9bcf-4daa-99b5-5374c3285177.roa
Signing time: Mon 16 Jun 2025 22:00:21 +0000
ROA not before: Mon 16 Jun 2025 22:00:21 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.48.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:80:d3:6b:83:ef:dc:30:a6:fb:3c:d4:7f:99:56:93:d4:d2:c9:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 22:00:21 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=5e8edc387ce84bbec9b6bbbb6b5d45912286392c85c92aca15b57534530ced0b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ee:e9:48:1f:d6:e9:6a:72:da:e2:65:f3:d2:
aa:cf:b9:7e:86:d5:c0:54:e0:e7:bd:f2:fd:26:57:
bb:d7:49:d0:fa:92:c2:c8:6a:fd:c8:c8:5f:d5:38:
d2:cc:89:80:1d:a9:4b:d1:c3:a0:a9:4f:65:f9:ad:
99:96:e4:16:da:00:4a:e0:df:b9:4c:a0:68:15:8d:
5a:a5:b6:d4:f0:92:27:7c:ed:25:9f:0c:80:18:94:
2f:0e:88:71:13:23:a6:10:45:9b:c3:ec:a3:ea:9c:
84:12:f1:03:9f:fb:b1:ee:78:fe:47:eb:49:a6:85:
db:97:9f:72:92:20:05:6d:50:ad:1f:a2:e0:e3:86:
c5:d5:8c:0e:87:fd:8d:e5:3b:dc:7d:ea:1e:db:8b:
62:e5:95:45:cd:75:21:28:bc:ba:b0:2a:dc:7b:67:
01:51:ea:f9:6f:46:92:49:e7:17:4e:5e:1a:25:76:
bb:ae:c6:ee:b4:87:50:84:3a:03:7e:87:b4:29:09:
56:c6:29:af:17:84:e2:ff:80:6d:8f:44:c8:ee:d0:
58:58:09:5f:12:da:e0:c6:e9:80:cc:50:b8:f0:86:
86:98:45:9d:69:eb:e3:4e:40:c9:31:a0:12:be:9d:
dd:e9:ed:8d:36:16:72:51:97:de:b0:e6:9f:c4:96:
f0:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:9F:66:E1:AE:D2:4B:E8:44:42:E7:E9:27:9F:42:26:DE:26:55:08
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3b67bb62-9bcf-4daa-99b5-5374c3285177.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.48.0.0/15
Signature Algorithm: sha256WithRSAEncryption
a7:e6:d6:d0:10:fb:09:b3:02:ad:be:d6:2d:b2:f0:54:41:42:
fb:94:c7:a3:19:5b:4d:dc:ad:4e:97:2f:5f:7d:9e:53:12:95:
a1:90:bb:78:bd:20:81:e9:5a:ad:a1:7a:88:11:b0:9c:13:91:
cd:a0:fc:6b:5a:67:94:41:8d:21:81:fd:51:51:44:6f:93:55:
85:68:de:7f:c6:85:10:3b:2a:76:29:49:e3:ae:46:38:d8:99:
4a:f8:c6:c2:e5:be:95:0a:30:d2:75:4c:28:58:c4:24:1e:c5:
9c:5f:d6:39:36:f7:01:b2:43:b9:cd:5e:37:6d:07:80:5e:f1:
4c:bd:6f:ca:30:c6:d5:df:5c:6c:a1:d5:ca:3b:ed:eb:d7:ab:
27:01:40:f1:60:f1:49:17:0e:6e:98:9d:4f:74:04:0b:09:4d:
5d:5f:11:00:07:f4:b4:ec:88:53:82:26:4a:ae:49:4c:07:7e:
30:f3:29:17:66:37:13:f2:d9:e8:ba:79:3e:40:c2:d5:a7:10:
5f:c0:bd:1e:56:91:e9:29:84:a2:55:44:a5:53:46:a1:c6:d8:
32:44:8d:9d:60:16:58:5d:19:55:42:7d:d3:76:7c:83:66:69:
9e:5a:08:ae:5b:70:c2:4e:09:d3:76:23:3e:9e:30:18:61:9d:
29:4f:af:f8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEIDTa4Pv3DCm+zzUf5lWk9TSyXswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMjAwMjFaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDVlOGVkYzM4N2NlODRiYmVjOWI2YmJiYjZiNWQ0NTkxMjI4NjM5MmM4NWM5
MmFjYTE1YjU3NTM0NTMwY2VkMGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALnu6Ugf1ulqctriZfPSqs+5fobVwFTg573y/SZXu9dJ0PqSwshq/cjIX9U4
0syJgB2pS9HDoKlPZfmtmZbkFtoASuDfuUygaBWNWqW21PCSJ3ztJZ8MgBiULw6I
cRMjphBFm8Pso+qchBLxA5/7se54/kfrSaaF25efcpIgBW1QrR+i4OOGxdWMDof9
jeU73H3qHtuLYuWVRc11ISi8urAq3HtnAVHq+W9GkknnF05eGiV2u67G7rSHUIQ6
A36HtCkJVsYprxeE4v+AbY9EyO7QWFgJXxLa4MbpgMxQuPCGhphFnWnr405AyTGg
Er6d3entjTYWclGX3rDmn8SW8F0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSLn2bh
rtJL6ERC5+knn0Im3iZVCDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
M2I2N2JiNjItOWJjZi00ZGFhLTk5YjUtNTM3NGMzMjg1MTc3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMwMA0G
CSqGSIb3DQEBCwUAA4IBAQCn5tbQEPsJswKtvtYtsvBUQUL7lMejGVtN3K1Oly9f
fZ5TEpWhkLt4vSCB6VqtoXqIEbCcE5HNoPxrWmeUQY0hgf1RUURvk1WFaN5/xoUQ
Oyp2KUnjrkY42JlK+MbC5b6VCjDSdUwoWMQkHsWcX9Y5NvcBskO5zV43bQeAXvFM
vW/KMMbV31xsodXKO+3r16snAUDxYPFJFw5umJ1PdAQLCU1dXxEAB/S07IhTgiZK
rklMB34w8ykXZjcT8tnounk+QMLVpxBfwL0eVpHpKYSiVUSlU0ahxtgyRI2dYBZY
XRlVQn3TdnyDZmmeWgiuW3DCTgnTdiM+njAYYZ0pT6/4
-----END CERTIFICATE-----
Generated at Sun Jun 29 07:48:37 2025 by rpki-client