Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46eb8bb9-8a91-491d-8f3f-9cc4afcf5ecd.roa
File: 46eb8bb9-8a91-491d-8f3f-9cc4afcf5ecd.roa (raw, json)
Hash identifier: iZDbOeBuE1j5x+xOSl09fCIFP69akIU9W/Os1ooQ5Z8=
Subject key identifier: 4E:07:97:6E:37:E4:9A:BD:A4:A9:CD:22:68:B1:14:D0:9C:4B:DE:8F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4E0A48B7AAEE82C26BCE91F6BFB8EBAC2CA4876D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46eb8bb9-8a91-491d-8f3f-9cc4afcf5ecd.roa
Signing time: Wed 25 Jun 2025 00:50:26 +0000
ROA not before: Wed 25 Jun 2025 00:50:26 +0000
ROA not after: Wed 30 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.108.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:0a:48:b7:aa:ee:82:c2:6b:ce:91:f6:bf:b8:eb:ac:2c:a4:87:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 25 00:50:26 2025 GMT
Not After : Jul 30 23:59:59 2025 GMT
Subject: serialNumber=f9058d1787776b626d185298a607115fffb14ea91ace8504f78408518292af83, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:1f:b2:27:3a:d4:c7:e6:20:ab:05:2c:d5:b4:
eb:42:84:69:12:e3:78:f0:68:2a:7e:73:9e:c0:c9:
14:09:6f:35:e9:11:c1:39:a1:72:33:f7:33:99:ec:
79:a5:e9:ce:25:7c:ce:19:94:15:fa:93:4c:61:91:
49:39:67:d1:78:da:9f:23:ba:39:f4:15:51:56:1f:
ef:42:02:79:b9:57:bf:95:d1:21:4e:3e:0f:80:d8:
fe:40:ad:32:62:93:72:54:5c:54:59:37:7a:3a:77:
68:d8:be:4f:32:80:a1:ee:83:4c:b2:1e:e0:30:a4:
a4:c9:15:63:c9:c1:62:fa:45:cf:9e:14:11:bc:05:
fa:7f:24:8e:25:7e:5e:0c:4e:94:56:fa:f6:f2:f9:
c2:f9:e1:ad:d9:b8:cb:13:3d:1a:a2:bc:f4:1f:0e:
54:a1:c5:ad:14:54:6e:68:39:93:fb:cb:5e:ad:67:
28:87:e8:ef:5e:bc:a3:fc:a5:41:f6:fe:36:f2:b3:
8b:8f:38:65:5e:0c:ae:7a:46:c0:42:34:a4:45:0c:
19:f8:1e:be:30:92:08:0f:a2:55:a3:9a:83:34:59:
e0:51:ca:82:42:5f:e5:d0:6f:1c:33:0f:a2:ce:20:
a9:b4:40:89:9a:a5:7f:1a:d5:72:b5:66:25:2b:0c:
b1:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:07:97:6E:37:E4:9A:BD:A4:A9:CD:22:68:B1:14:D0:9C:4B:DE:8F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46eb8bb9-8a91-491d-8f3f-9cc4afcf5ecd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.108.0.0/16
Signature Algorithm: sha256WithRSAEncryption
69:1b:7c:64:67:35:8f:2f:d3:c6:83:47:29:93:43:ed:38:a5:
d7:4d:ce:a0:02:79:8e:92:ff:81:e1:48:65:32:46:e8:23:d8:
5e:48:72:4f:63:9b:f7:79:83:52:a8:7b:37:04:19:68:14:0e:
76:9c:85:4a:75:eb:8f:86:fd:b9:61:91:f0:30:a1:48:0e:8a:
06:d7:8e:17:9f:9a:5c:5d:1f:60:e9:42:65:f9:59:e4:5b:2f:
b4:dc:d7:00:f3:27:3a:21:a2:92:bd:2b:c2:61:96:b1:93:a2:
d0:06:b3:84:ed:0b:b3:fb:9e:e0:42:db:3b:de:ed:61:f3:d8:
5d:a7:36:1d:d9:3b:de:ba:9c:e2:5b:d8:5f:e3:3c:42:dd:c3:
9a:fc:01:ce:12:0d:10:5c:f4:8e:86:36:a8:e2:74:e8:7f:65:
19:68:26:4b:87:6d:51:57:9a:dd:5b:ef:af:65:49:74:fd:37:
82:9e:d3:f6:31:90:07:de:69:b7:f8:b9:08:d0:0d:03:38:73:
9d:43:61:ae:3a:d9:30:bc:35:40:ec:b8:e7:80:0d:53:11:9b:
bf:11:cf:4e:28:99:fb:92:9e:4a:60:7b:a0:2f:08:e8:1c:45:
c6:77:13:f4:60:4b:25:ff:30:14:28:5d:7b:a0:4b:75:dc:2b:
1a:0a:29:df
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTgpIt6rugsJrzpH2v7jrrCykh20wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MjUwMDUwMjZaFw0yNTA3MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGY5MDU4ZDE3ODc3NzZiNjI2ZDE4NTI5OGE2MDcxMTVmZmZiMTRlYTkxYWNl
ODUwNGY3ODQwODUxODI5MmFmODMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALcfsic61MfmIKsFLNW060KEaRLjePBoKn5znsDJFAlvNekRwTmhcjP3M5ns
eaXpziV8zhmUFfqTTGGRSTln0XjanyO6OfQVUVYf70ICeblXv5XRIU4+D4DY/kCt
MmKTclRcVFk3ejp3aNi+TzKAoe6DTLIe4DCkpMkVY8nBYvpFz54UEbwF+n8kjiV+
XgxOlFb69vL5wvnhrdm4yxM9GqK89B8OVKHFrRRUbmg5k/vLXq1nKIfo7168o/yl
Qfb+NvKzi484ZV4MrnpGwEI0pEUMGfgevjCSCA+iVaOagzRZ4FHKgkJf5dBvHDMP
os4gqbRAiZqlfxrVcrVmJSsMsTECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBROB5du
N+SavaSpzSJosRTQnEvejzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDZlYjhiYjktOGE5MS00OTFkLThmM2YtOWNjNGFmY2Y1ZWNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNsMA0G
CSqGSIb3DQEBCwUAA4IBAQBpG3xkZzWPL9PGg0cpk0PtOKXXTc6gAnmOkv+B4Uhl
MkboI9heSHJPY5v3eYNSqHs3BBloFA52nIVKdeuPhv25YZHwMKFIDooG144Xn5pc
XR9g6UJl+VnkWy+03NcA8yc6IaKSvSvCYZaxk6LQBrOE7Quz+57gQts73u1h89hd
pzYd2TveupziW9hf4zxC3cOa/AHOEg0QXPSOhjao4nTof2UZaCZLh21RV5rdW++v
ZUl0/TeCntP2MZAH3mm3+LkI0A0DOHOdQ2GuOtkwvDVA7LjngA1TEZu/Ec9OKJn7
kp5KYHugLwjoHEXGdxP0YEsl/zAUKF17oEt13CsaCinf
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:04:59 2025 by rpki-client