Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4911793e-4031-4d2f-be54-a38fc617b3c5.roa
File: 4911793e-4031-4d2f-be54-a38fc617b3c5.roa (raw, json)
Hash identifier: 8ImukmoEs8/1f9a6gtSIbYC5Juf+QiBqG9T5Io8neIs=
Subject key identifier: 13:B1:8A:19:39:71:36:9B:7A:79:63:95:B3:F6:8E:C6:8B:CD:64:EE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 230CD0ADBD10542468AED0FA7A9F43596FEFD4F0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4911793e-4031-4d2f-be54-a38fc617b3c5.roa
Signing time: Mon 16 Jun 2025 21:50:57 +0000
ROA not before: Mon 16 Jun 2025 21:50:57 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.114.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:0c:d0:ad:bd:10:54:24:68:ae:d0:fa:7a:9f:43:59:6f:ef:d4:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 21:50:57 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=a9e10dec25177739fa0e9795d63ce20fabb183b193f06d4b83639a14c56f910e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:99:f6:6f:a2:52:af:80:e1:8b:ff:71:36:a9:
88:b0:da:10:db:1e:3a:ee:20:00:b1:ca:95:84:f5:
53:47:d2:10:f0:cd:1c:35:42:c3:0c:b8:cf:63:37:
ce:4e:2d:6b:88:d2:68:5f:af:b4:b4:ab:5e:28:91:
36:2f:73:66:df:42:67:d9:45:cb:b1:bb:db:4f:0b:
d5:81:b2:f2:09:fd:d3:11:38:55:8c:4c:f6:ad:d8:
08:4d:f4:02:ca:81:8c:93:bf:e2:62:79:c4:b9:07:
a7:07:d1:ad:2b:79:1a:84:30:a8:31:5f:8c:41:58:
ad:d4:71:b2:7a:2f:d1:7e:a6:2f:43:72:3d:27:99:
9a:90:ab:86:ba:8a:da:d9:85:4b:a9:c2:83:39:c2:
02:19:24:0a:49:d7:21:dc:d5:b1:1a:f5:8d:4f:1e:
ee:a7:af:36:b7:59:2f:b5:cd:af:d5:7b:05:27:ce:
b2:40:00:3e:e1:a9:18:47:92:45:25:41:9a:46:90:
16:d7:f9:cc:c0:2e:33:16:e3:7d:78:e1:78:9d:95:
8b:cc:78:78:85:0d:11:cf:1d:2c:de:61:bd:39:13:
dd:9b:c9:d0:51:d3:13:07:2d:ac:a2:8c:b2:66:0d:
8d:32:68:b8:57:04:15:b0:42:c1:52:d4:2b:6f:ad:
3b:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:B1:8A:19:39:71:36:9B:7A:79:63:95:B3:F6:8E:C6:8B:CD:64:EE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4911793e-4031-4d2f-be54-a38fc617b3c5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.114.0.0/16
Signature Algorithm: sha256WithRSAEncryption
16:84:d8:1e:70:9b:63:82:66:db:94:92:6f:38:0a:6e:1c:b9:
ef:da:ff:03:f9:9e:6a:c0:3a:d3:d0:30:c4:17:39:b4:5f:d9:
fc:6c:a7:d5:e3:ae:c6:73:5e:27:43:9c:7a:66:82:76:7a:ec:
fc:3c:ed:2e:24:72:84:53:91:dd:ce:c2:17:45:ad:73:f3:e9:
42:95:eb:06:0a:bf:b5:84:70:29:08:a7:b8:fc:38:40:8b:59:
97:7e:70:ea:4a:ae:9b:df:f7:f7:b7:35:98:1b:40:f9:37:69:
5f:88:05:f3:96:2f:7c:1b:00:cb:cf:e5:bc:5b:40:15:cf:26:
d4:f6:28:b7:57:c6:49:d3:4b:15:c7:36:91:48:22:b3:02:9f:
b9:51:7e:f9:b6:eb:f1:86:01:02:0a:f0:eb:6b:cf:c5:a3:b7:
00:a7:c7:ce:27:36:ff:aa:03:56:62:c1:33:12:b6:13:0a:db:
24:fb:34:21:28:86:58:ae:f6:72:d2:09:87:7c:4f:eb:6b:1e:
38:9c:99:8a:62:3c:f8:b2:dd:b3:e5:42:31:1d:27:5d:35:53:
53:9a:89:7b:1c:e0:dc:4b:c7:a0:a1:33:42:ef:88:b7:0b:d0:
e3:e3:1c:db:ed:8a:35:0d:bf:2a:a6:68:4d:e8:9d:54:0d:cf:
26:28:84:ff
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIwzQrb0QVCRortD6ep9DWW/v1PAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMTUwNTdaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGE5ZTEwZGVjMjUxNzc3MzlmYTBlOTc5NWQ2M2NlMjBmYWJiMTgzYjE5M2Yw
NmQ0YjgzNjM5YTE0YzU2ZjkxMGUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJOZ9m+iUq+A4Yv/cTapiLDaENseOu4gALHKlYT1U0fSEPDNHDVCwwy4z2M3
zk4ta4jSaF+vtLSrXiiRNi9zZt9CZ9lFy7G7208L1YGy8gn90xE4VYxM9q3YCE30
AsqBjJO/4mJ5xLkHpwfRrSt5GoQwqDFfjEFYrdRxsnov0X6mL0NyPSeZmpCrhrqK
2tmFS6nCgznCAhkkCknXIdzVsRr1jU8e7qevNrdZL7XNr9V7BSfOskAAPuGpGEeS
RSVBmkaQFtf5zMAuMxbjfXjheJ2Vi8x4eIUNEc8dLN5hvTkT3ZvJ0FHTEwctrKKM
smYNjTJouFcEFbBCwVLUK2+tO7sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQTsYoZ
OXE2m3p5Y5Wz9o7Gi81k7jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDkxMTc5M2UtNDAzMS00ZDJmLWJlNTQtYTM4ZmM2MTdiM2M1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNyMA0G
CSqGSIb3DQEBCwUAA4IBAQAWhNgecJtjgmbblJJvOApuHLnv2v8D+Z5qwDrT0DDE
Fzm0X9n8bKfV467Gc14nQ5x6ZoJ2euz8PO0uJHKEU5HdzsIXRa1z8+lClesGCr+1
hHApCKe4/DhAi1mXfnDqSq6b3/f3tzWYG0D5N2lfiAXzli98GwDLz+W8W0AVzybU
9ii3V8ZJ00sVxzaRSCKzAp+5UX75tuvxhgECCvDra8/Fo7cAp8fOJzb/qgNWYsEz
ErYTCtsk+zQhKIZYrvZy0gmHfE/rax44nJmKYjz4st2z5UIxHSddNVNTmol7HODc
S8egoTNC74i3C9Dj4xzb7Yo1Db8qpmhN6J1UDc8mKIT/
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:32:43 2025 by rpki-client