Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42efa1a8-f804-47c5-8a3d-6f3ea05e1a5b.roa
File: 42efa1a8-f804-47c5-8a3d-6f3ea05e1a5b.roa (raw, json)
Hash identifier: hCEkUObjVbepO16Ccbgln/rk4X3PeOEs4tuOUy2tq+E=
Subject key identifier: FB:C5:5B:AE:41:00:36:3C:F0:4A:11:EB:AB:69:D8:C3:8A:70:23:5B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2079330D869FFEE49F114800A60D84D02406F51E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42efa1a8-f804-47c5-8a3d-6f3ea05e1a5b.roa
Signing time: Mon 16 Jun 2025 21:51:26 +0000
ROA not before: Mon 16 Jun 2025 21:51:26 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.164.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:79:33:0d:86:9f:fe:e4:9f:11:48:00:a6:0d:84:d0:24:06:f5:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 21:51:26 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=71c6a82d80d489ceda54344da0ca946bdaa6de957cc7185f0771b75e78e66f35, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:f4:b6:e0:9c:1c:21:06:d6:0d:ca:f6:b1:9a:
da:ee:47:21:45:63:26:28:d3:e4:82:be:d3:ab:57:
72:0b:c0:04:ec:61:ed:7e:9c:03:7b:1c:3c:8f:1e:
7d:52:fa:fd:d3:23:8e:82:a1:70:f9:3e:f6:9e:05:
da:9a:ef:15:17:80:67:6c:df:3c:db:3c:ed:72:72:
2a:4e:17:09:e0:fa:20:68:48:2b:70:fe:c6:32:a0:
e3:ac:97:d3:95:c3:cf:73:8e:59:f5:f7:05:14:9d:
fc:37:9e:9d:0a:09:c1:d7:29:dd:dc:07:fd:b0:91:
19:8f:06:b2:ee:b7:68:c3:b7:19:82:30:7b:c8:07:
40:3d:2c:3d:57:c5:fd:95:fd:54:ff:03:b3:8a:4a:
1f:11:5c:f4:54:9a:6a:37:ab:16:18:27:66:e0:d1:
a5:e0:53:d7:49:a3:c0:fb:fd:bf:ef:9a:65:83:88:
2a:67:1e:88:78:6c:81:20:36:22:04:8b:b0:b4:1d:
b5:9e:4d:a8:31:00:c8:04:10:4a:e7:df:b6:67:0b:
e9:a2:c8:69:02:26:35:ea:95:14:61:22:74:0a:5d:
33:b0:6a:96:1c:34:4a:d4:f1:b6:f2:94:65:90:a9:
84:0a:32:0a:53:60:43:94:64:27:b1:54:53:c8:0e:
57:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:C5:5B:AE:41:00:36:3C:F0:4A:11:EB:AB:69:D8:C3:8A:70:23:5B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42efa1a8-f804-47c5-8a3d-6f3ea05e1a5b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.164.0.0/15
Signature Algorithm: sha256WithRSAEncryption
c0:4e:42:22:ea:b1:b5:26:8d:a6:f6:f2:ac:34:aa:9f:42:b9:
64:b3:db:f8:00:83:08:04:ab:1c:e0:ce:29:59:df:1c:e0:f2:
43:3a:59:1b:0d:9f:bc:11:f7:66:e3:dc:06:0f:4f:32:a1:70:
29:7b:9d:09:e4:6f:8a:33:1e:a7:79:3d:62:4a:d9:a6:ca:35:
36:a4:e6:68:8a:f3:df:46:a4:63:ee:2d:60:78:fb:90:45:04:
7f:c8:9c:69:7f:11:91:da:4c:3e:76:34:f2:76:bb:bc:93:f4:
f2:44:cd:05:7c:d2:1f:70:86:44:73:06:a9:4c:4c:9c:2d:61:
3d:8a:2d:ad:ef:c0:9e:98:8d:77:d8:10:1b:bb:37:60:36:18:
e0:25:d4:8d:67:f2:40:c6:60:57:9d:a8:c9:06:19:37:33:70:
ae:b3:fc:21:1d:4d:cd:f2:f2:5d:43:aa:24:cb:0c:2d:0f:88:
a0:f1:f5:3f:d2:58:b7:9e:7f:7c:11:ab:1b:ce:15:7a:3a:7e:
47:ef:4c:37:2b:64:46:6f:0b:fa:f2:9d:ec:17:6c:fb:9c:0a:
e4:89:53:8d:07:8e:4e:8f:26:d8:b4:86:d3:fb:4b:0d:da:a8:
b4:59:58:77:12:3d:3d:f1:01:af:5b:2e:04:b0:55:73:35:65:
f2:18:cd:70
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIHkzDYaf/uSfEUgApg2E0CQG9R4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMTUxMjZaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDcxYzZhODJkODBkNDg5Y2VkYTU0MzQ0ZGEwY2E5NDZiZGFhNmRlOTU3Y2M3
MTg1ZjA3NzFiNzVlNzhlNjZmMzUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKf0tuCcHCEG1g3K9rGa2u5HIUVjJijT5IK+06tXcgvABOxh7X6cA3scPI8e
fVL6/dMjjoKhcPk+9p4F2prvFReAZ2zfPNs87XJyKk4XCeD6IGhIK3D+xjKg46yX
05XDz3OOWfX3BRSd/DeenQoJwdcp3dwH/bCRGY8Gsu63aMO3GYIwe8gHQD0sPVfF
/ZX9VP8Ds4pKHxFc9FSaajerFhgnZuDRpeBT10mjwPv9v++aZYOIKmceiHhsgSA2
IgSLsLQdtZ5NqDEAyAQQSufftmcL6aLIaQImNeqVFGEidApdM7Bqlhw0StTxtvKU
ZZCphAoyClNgQ5RkJ7FUU8gOV5ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT7xVuu
QQA2PPBKEeuradjDinAjWzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDJlZmExYTgtZjgwNC00N2M1LThhM2QtNmYzZWEwNWUxYTViLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOkMA0G
CSqGSIb3DQEBCwUAA4IBAQDATkIi6rG1Jo2m9vKsNKqfQrlks9v4AIMIBKsc4M4p
Wd8c4PJDOlkbDZ+8Efdm49wGD08yoXApe50J5G+KMx6neT1iStmmyjU2pOZoivPf
RqRj7i1gePuQRQR/yJxpfxGR2kw+djTydru8k/TyRM0FfNIfcIZEcwapTEycLWE9
ii2t78CemI132BAbuzdgNhjgJdSNZ/JAxmBXnajJBhk3M3Cus/whHU3N8vJdQ6ok
ywwtD4ig8fU/0li3nn98EasbzhV6On5H70w3K2RGbwv68p3sF2z7nArkiVONB45O
jybYtIbT+0sN2qi0WVh3Ej098QGvWy4EsFVzNWXyGM1w
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:02:58 2025 by rpki-client