Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49b2b5d5-46a7-42a3-9900-bcb7e3edffdb.roa
File: 49b2b5d5-46a7-42a3-9900-bcb7e3edffdb.roa (raw, json)
Hash identifier: 9qnJ92HZgdhScQK1dQN+DeoR45/QP18wrFp5TNhvIRQ=
Subject key identifier: 05:6B:44:0C:25:E3:30:4A:A5:1F:04:93:91:28:11:23:D4:CD:A5:73
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1E48DC9CDC5ECBF690BF07614A9378E7ABC99905
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49b2b5d5-46a7-42a3-9900-bcb7e3edffdb.roa
Signing time: Mon 16 Jun 2025 21:51:34 +0000
ROA not before: Mon 16 Jun 2025 21:51:34 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.192.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:48:dc:9c:dc:5e:cb:f6:90:bf:07:61:4a:93:78:e7:ab:c9:99:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 21:51:34 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=b960998fd164494333d8a83cda92a24d267aa9d73f9649d36e0b9de892471805, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:7f:92:74:70:85:6b:e3:48:6a:b4:de:b6:bf:
96:06:e4:f0:7c:0f:38:89:f0:66:69:98:c4:fb:1a:
96:8f:83:cb:46:99:83:f8:0c:bf:da:83:8e:f6:9d:
41:d9:d2:e4:c6:78:77:92:3e:32:a6:7f:72:c4:4a:
ea:62:b1:b4:b9:60:21:02:53:57:3b:50:c5:c7:2a:
62:b8:52:0c:f1:13:9c:0b:ef:d1:31:e6:a8:93:4e:
8c:62:e9:ba:98:05:b3:50:6d:78:a4:db:7a:01:e0:
4a:b8:dd:0e:da:d2:7c:fc:42:2e:da:0f:5d:32:10:
61:ac:7e:38:f2:ce:be:dd:a9:6e:71:76:e3:94:d9:
4a:8d:f7:a6:d5:b9:48:06:af:83:37:0f:b5:31:8e:
ca:d4:a9:2e:57:fd:6d:d0:d0:3c:c8:9a:96:35:51:
a7:51:0a:2f:f3:da:07:e0:2e:2e:04:f0:ae:f7:87:
bb:64:7b:bc:1f:10:cc:1d:0a:79:53:7a:87:f4:a0:
94:51:2e:e8:49:ce:c3:d9:4a:28:2d:c9:25:88:5b:
64:70:0f:fd:97:59:1b:2d:d8:e6:9c:b2:de:fa:b2:
70:50:73:33:72:6d:03:4d:18:b7:eb:08:a0:11:4e:
6c:64:b2:ff:9e:bd:34:5c:af:8d:a0:77:8d:8c:e0:
61:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:6B:44:0C:25:E3:30:4A:A5:1F:04:93:91:28:11:23:D4:CD:A5:73
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49b2b5d5-46a7-42a3-9900-bcb7e3edffdb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.192.0.0/15
Signature Algorithm: sha256WithRSAEncryption
71:1f:d1:0b:26:90:8a:a1:26:30:ff:3f:d4:87:54:ba:af:d0:
b9:09:2b:14:2e:ef:4b:0c:87:7f:08:d9:be:77:2c:7b:a6:55:
3d:c6:af:26:bc:30:27:6a:d3:97:3b:a2:35:1f:3f:f6:01:c8:
70:aa:dd:0f:44:d5:6b:f5:7c:24:d7:76:62:65:7a:4a:e4:ca:
6c:d4:7d:4c:79:85:ae:19:2c:24:fe:ed:1a:fc:fe:6f:fe:26:
41:27:37:75:7d:ee:82:ff:41:6c:9f:0f:71:37:17:96:c2:40:
19:27:15:06:f7:31:f4:24:bd:1e:2d:2b:e6:26:2d:d3:67:9e:
02:b6:f9:ad:da:aa:34:79:ef:85:42:29:87:86:4e:53:b4:95:
97:05:bb:65:3f:1a:59:e1:df:39:33:5c:06:7e:d7:55:57:a4:
f3:b7:ae:5a:84:30:6d:8f:75:d3:4f:33:a3:d3:9a:a5:99:2d:
06:94:77:9a:11:f9:ae:7d:44:b1:aa:e6:14:59:ef:69:6b:9c:
c2:6e:7a:59:b3:ca:18:ea:03:f5:66:c0:fd:da:fd:9c:8f:79:
59:d4:42:96:4f:0e:f0:f2:80:b5:77:09:c6:57:b0:98:a8:36:
85:83:9c:7e:2b:38:d9:14:a4:cb:9e:3f:ae:2c:1f:c2:8f:77:
db:4c:a8:b8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHkjcnNxey/aQvwdhSpN456vJmQUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMTUxMzRaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGI5NjA5OThmZDE2NDQ5NDMzM2Q4YTgzY2RhOTJhMjRkMjY3YWE5ZDczZjk2
NDlkMzZlMGI5ZGU4OTI0NzE4MDUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALR/knRwhWvjSGq03ra/lgbk8HwPOInwZmmYxPsalo+Dy0aZg/gMv9qDjvad
QdnS5MZ4d5I+MqZ/csRK6mKxtLlgIQJTVztQxccqYrhSDPETnAvv0THmqJNOjGLp
upgFs1BteKTbegHgSrjdDtrSfPxCLtoPXTIQYax+OPLOvt2pbnF245TZSo33ptW5
SAavgzcPtTGOytSpLlf9bdDQPMialjVRp1EKL/PaB+AuLgTwrveHu2R7vB8QzB0K
eVN6h/SglFEu6EnOw9lKKC3JJYhbZHAP/ZdZGy3Y5pyy3vqycFBzM3JtA00Yt+sI
oBFObGSy/569NFyvjaB3jYzgYZMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQFa0QM
JeMwSqUfBJORKBEj1M2lczAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDliMmI1ZDUtNDZhNy00MmEzLTk5MDAtYmNiN2UzZWRmZmRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPAMA0G
CSqGSIb3DQEBCwUAA4IBAQBxH9ELJpCKoSYw/z/Uh1S6r9C5CSsULu9LDId/CNm+
dyx7plU9xq8mvDAnatOXO6I1Hz/2Achwqt0PRNVr9Xwk13ZiZXpK5Mps1H1MeYWu
GSwk/u0a/P5v/iZBJzd1fe6C/0Fsnw9xNxeWwkAZJxUG9zH0JL0eLSvmJi3TZ54C
tvmt2qo0ee+FQimHhk5TtJWXBbtlPxpZ4d85M1wGftdVV6Tzt65ahDBtj3XTTzOj
05qlmS0GlHeaEfmufUSxquYUWe9pa5zCbnpZs8oY6gP1ZsD92v2cj3lZ1EKWTw7w
8oC1dwnGV7CYqDaFg5x+KzjZFKTLnj+uLB/Cj3fbTKi4
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:18:08 2025 by rpki-client