Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42f47c85-e9fe-40f9-ae1c-57ea1b805412.roa
File: 42f47c85-e9fe-40f9-ae1c-57ea1b805412.roa (raw, json)
Hash identifier: qtnTggLRrhX0hKfL2JY0riYwt1Acsc/RgCI+r/wn5uQ=
Subject key identifier: E2:9F:2A:31:E5:D3:17:BD:13:39:9A:88:79:34:1B:F6:B5:4A:F0:AD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5B460909525B41BAB2CB6392E3EE0A385D370FE5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42f47c85-e9fe-40f9-ae1c-57ea1b805412.roa
Signing time: Tue 17 Jun 2025 00:50:28 +0000
ROA not before: Tue 17 Jun 2025 00:50:28 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.24.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:46:09:09:52:5b:41:ba:b2:cb:63:92:e3:ee:0a:38:5d:37:0f:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 17 00:50:28 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=eb858789e7e693cf209e071e31c81b0c98bbad3b2924a68a83d635c80de58a19, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5b:08:db:3e:b7:e3:0e:b4:d9:ad:24:de:94:
9b:ab:85:86:a3:76:e9:9c:b0:b2:84:4e:ac:78:68:
04:f4:ca:7c:09:f5:4f:83:7e:14:45:42:f8:1d:18:
e4:b0:2c:19:04:12:de:03:52:57:d4:63:2b:77:ed:
de:c4:a9:bc:a7:9f:ec:ed:d4:03:57:b7:24:14:53:
b6:0a:d7:af:5c:db:f1:b4:3a:06:0c:5d:db:4b:b8:
b6:49:b9:be:30:6e:58:d7:55:7a:8f:2f:45:28:2b:
7c:65:f6:99:54:f2:7c:22:24:03:22:03:fd:45:8d:
f8:ef:d9:ad:ee:c4:43:58:1e:9d:34:7a:d8:d3:2d:
c2:fa:06:62:d7:66:3c:45:cc:fe:1c:a2:53:58:a1:
d6:db:a1:32:ac:e0:35:7a:b1:8c:e1:09:57:98:57:
72:f8:9f:d5:82:43:ad:09:79:0f:27:fd:aa:c4:94:
8f:65:54:94:cc:7b:5e:07:81:31:00:32:a8:ee:43:
94:50:34:69:58:3b:42:00:84:67:b8:ae:7c:00:dd:
90:b3:05:bd:f5:2d:67:4f:84:88:33:fa:46:a6:db:
77:28:ec:5a:24:ab:d7:2b:82:8a:41:5c:01:0f:1e:
fc:d5:04:02:2a:05:ed:a4:21:f5:73:36:17:e6:97:
f5:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:9F:2A:31:E5:D3:17:BD:13:39:9A:88:79:34:1B:F6:B5:4A:F0:AD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42f47c85-e9fe-40f9-ae1c-57ea1b805412.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.24.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b6:94:e4:e4:b2:4b:8d:85:60:7a:5c:f0:fd:1a:3e:98:24:a3:
2d:6a:29:cd:df:fc:a4:2c:19:f3:e1:b2:f6:c8:c7:08:8e:66:
c5:af:e0:1f:3a:54:f3:67:5b:b0:0f:93:1c:ba:b1:50:35:8b:
97:ed:b7:f0:8b:df:8f:8d:5c:5c:a9:cb:e3:08:44:7d:f9:4a:
63:02:15:94:c6:f9:71:f2:27:35:20:e3:06:25:25:8f:b9:f8:
c8:79:f8:33:80:81:d2:dc:84:02:03:41:a3:23:fc:54:7c:8a:
c5:8a:3a:2b:88:36:0b:48:58:78:c7:e5:3f:2f:7d:e0:a9:a3:
66:80:81:d7:4f:c9:4c:8f:68:9f:7d:da:55:ca:0c:0a:32:c8:
bd:ad:3b:72:ff:31:c8:05:81:b3:fc:78:0a:e0:55:7c:ca:aa:
1e:14:22:e9:15:13:4e:f1:b9:1b:82:19:11:64:8f:6b:85:67:
43:40:3b:a8:aa:27:2c:bf:c5:3b:86:c9:57:0d:88:b0:5d:4e:
fe:43:b0:5b:7a:45:f8:fe:ad:1d:8c:05:d5:de:5e:20:5d:d7:
b9:5b:9c:a0:93:c2:eb:c0:52:8a:da:1f:69:48:29:10:9c:b3:
cc:6d:69:48:4f:c2:2b:4d:38:9e:d4:5a:5d:1f:e6:8a:4a:c1:
f1:1d:15:1b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUW0YJCVJbQbqyy2OS4+4KOF03D+UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTcwMDUwMjhaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQGViODU4Nzg5ZTdlNjkzY2YyMDllMDcxZTMxYzgxYjBjOThiYmFkM2IyOTI0
YTY4YTgzZDYzNWM4MGRlNThhMTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALBbCNs+t+MOtNmtJN6Um6uFhqN26ZywsoROrHhoBPTKfAn1T4N+FEVC+B0Y
5LAsGQQS3gNSV9RjK3ft3sSpvKef7O3UA1e3JBRTtgrXr1zb8bQ6Bgxd20u4tkm5
vjBuWNdVeo8vRSgrfGX2mVTyfCIkAyID/UWN+O/Zre7EQ1genTR62NMtwvoGYtdm
PEXM/hyiU1ih1tuhMqzgNXqxjOEJV5hXcvif1YJDrQl5Dyf9qsSUj2VUlMx7XgeB
MQAyqO5DlFA0aVg7QgCEZ7iufADdkLMFvfUtZ0+EiDP6RqbbdyjsWiSr1yuCikFc
AQ8e/NUEAioF7aQh9XM2F+aX9dkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTinyox
5dMXvRM5moh5NBv2tUrwrTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDJmNDdjODUtZTlmZS00MGY5LWFlMWMtNTdlYTFiODA1NDEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMYMA0G
CSqGSIb3DQEBCwUAA4IBAQC2lOTkskuNhWB6XPD9Gj6YJKMtainN3/ykLBnz4bL2
yMcIjmbFr+AfOlTzZ1uwD5McurFQNYuX7bfwi9+PjVxcqcvjCER9+UpjAhWUxvlx
8ic1IOMGJSWPufjIefgzgIHS3IQCA0GjI/xUfIrFijoriDYLSFh4x+U/L33gqaNm
gIHXT8lMj2iffdpVygwKMsi9rTty/zHIBYGz/HgK4FV8yqoeFCLpFRNO8bkbghkR
ZI9rhWdDQDuoqicsv8U7hslXDYiwXU7+Q7BbekX4/q0djAXV3l4gXde5W5ygk8Lr
wFKK2h9pSCkQnLPMbWlIT8IrTTie1FpdH+aKSsHxHRUb
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:59:14 2025 by rpki-client