Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4f9d3c39-ae76-4f22-9df9-c6501acbcc84.roa
File: 4f9d3c39-ae76-4f22-9df9-c6501acbcc84.roa (raw, json)
Hash identifier: 0s81fXAjJPuyGNs3uaqfMjMT5YJXOwavr7IRBV+xM7Y=
Subject key identifier: 52:AB:62:23:51:B8:2C:9F:7A:73:B4:E7:87:D0:DF:0A:23:B4:9B:30
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3F909E64E7C854034D1E907B29320F6B7B705188
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4f9d3c39-ae76-4f22-9df9-c6501acbcc84.roa
Signing time: Tue 17 Jun 2025 00:50:54 +0000
ROA not before: Tue 17 Jun 2025 00:50:54 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.88.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:90:9e:64:e7:c8:54:03:4d:1e:90:7b:29:32:0f:6b:7b:70:51:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 17 00:50:54 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=085c1692b3ce5db71570f75013662097a11e6fb78dc306ee6ec09110f281c63f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f0:c4:17:27:78:62:0c:0e:15:ab:ab:2f:63:
ed:c1:78:9e:ac:aa:aa:ac:f6:52:30:03:cb:42:ad:
af:1b:17:a8:97:78:d0:53:37:8a:eb:a7:b6:0c:16:
ac:a6:be:a5:9d:ee:b7:4f:4a:c2:0a:4d:6f:52:51:
b8:31:f1:65:a7:87:ce:12:3a:cc:1b:b9:a2:11:bb:
49:cc:3e:dc:36:ab:6f:d6:60:5a:0b:77:96:ff:62:
55:5f:66:f3:f7:68:86:d3:dd:c1:7b:57:34:3a:b1:
b7:ae:e7:52:f7:00:6a:2a:12:c3:39:98:d5:ff:b9:
d9:5b:e6:78:cb:bc:24:e3:0b:bd:2c:7d:f1:a8:23:
6b:44:07:8b:9b:6a:ff:4b:1b:f8:2b:54:8a:cd:85:
77:0e:a8:9e:25:95:2f:39:dd:fb:9e:8d:99:3b:5d:
be:cc:be:4c:91:ea:b9:16:ae:46:05:4d:04:ed:7c:
89:da:c6:20:8a:31:06:17:cf:1d:5c:13:9b:c2:a8:
ba:39:e9:96:df:ce:64:48:33:65:53:63:f5:4d:8c:
36:37:c1:a3:26:e5:04:9d:0a:6e:55:b2:b1:46:6e:
1e:38:9b:51:b5:5f:15:c9:aa:e1:3d:b6:ee:46:9e:
a4:8a:7b:f1:2d:e9:be:cc:68:30:21:e1:a4:82:35:
fa:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:AB:62:23:51:B8:2C:9F:7A:73:B4:E7:87:D0:DF:0A:23:B4:9B:30
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4f9d3c39-ae76-4f22-9df9-c6501acbcc84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.88.0/21
Signature Algorithm: sha256WithRSAEncryption
0d:da:23:d9:c1:6d:66:db:43:bf:75:ae:fb:3b:f5:9b:3d:31:
ce:e9:54:57:7c:d5:34:9b:e7:95:ae:af:1c:ef:5b:ed:e3:79:
d4:63:0d:b9:e2:f4:ab:5b:76:a1:a7:68:14:2c:67:10:89:4f:
e3:b6:fa:82:89:ba:89:9a:0e:ed:ee:bc:22:2f:e1:23:0b:38:
43:b2:85:e8:17:84:88:a8:f2:48:c7:8b:57:50:4d:0c:42:47:
8f:ed:94:01:33:a6:89:0c:10:fa:88:33:4a:82:43:3a:b6:69:
56:77:26:cb:ba:b6:a0:46:75:bd:6f:65:d4:20:17:b0:6d:e2:
23:03:7b:b7:79:59:66:4c:b7:32:32:db:f8:8b:73:2c:f5:80:
2f:04:59:fe:e4:df:bd:53:a5:31:45:28:4c:4e:62:39:29:44:
f4:e1:1c:3b:ef:84:ec:43:7b:0d:02:45:2a:69:21:98:3a:b0:
3e:2d:5d:13:f4:e9:79:f5:1b:c3:3a:b0:9e:f4:9d:23:ba:e7:
cc:32:a6:12:12:33:f7:a4:d5:79:6b:95:09:6b:02:b8:0e:4d:
51:99:3d:87:39:8e:90:7e:a7:76:16:29:b9:54:f1:4c:90:2d:
25:34:3b:b3:7d:20:45:59:fb:38:3e:bf:bd:90:95:e0:f0:57:
d1:1d:74:a3
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUP5CeZOfIVANNHpB7KTIPa3twUYgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTcwMDUwNTRaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDA4NWMxNjkyYjNjZTVkYjcxNTcwZjc1MDEzNjYyMDk3YTExZTZmYjc4ZGMz
MDZlZTZlYzA5MTEwZjI4MWM2M2YxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMbwxBcneGIMDhWrqy9j7cF4nqyqqqz2UjADy0KtrxsXqJd40FM3iuuntgwW
rKa+pZ3ut09KwgpNb1JRuDHxZaeHzhI6zBu5ohG7Scw+3Darb9ZgWgt3lv9iVV9m
8/dohtPdwXtXNDqxt67nUvcAaioSwzmY1f+52VvmeMu8JOMLvSx98agja0QHi5tq
/0sb+CtUis2Fdw6oniWVLznd+56NmTtdvsy+TJHquRauRgVNBO18idrGIIoxBhfP
HVwTm8Koujnplt/OZEgzZVNj9U2MNjfBoyblBJ0KblWysUZuHjibUbVfFcmq4T22
7kaepIp78S3pvsxoMCHhpII1+pcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRSq2Ij
Ubgsn3pztOeH0N8KI7SbMDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NGY5ZDNjMzktYWU3Ni00ZjIyLTlkZjktYzY1MDFhY2JjYzg0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAWDAN
BgkqhkiG9w0BAQsFAAOCAQEADdoj2cFtZttDv3Wu+zv1mz0xzulUV3zVNJvnla6v
HO9b7eN51GMNueL0q1t2oadoFCxnEIlP47b6gom6iZoO7e68Ii/hIws4Q7KF6BeE
iKjySMeLV1BNDEJHj+2UATOmiQwQ+ogzSoJDOrZpVncmy7q2oEZ1vW9l1CAXsG3i
IwN7t3lZZky3MjLb+ItzLPWALwRZ/uTfvVOlMUUoTE5iOSlE9OEcO++E7EN7DQJF
KmkhmDqwPi1dE/TpefUbwzqwnvSdI7rnzDKmEhIz96TVeWuVCWsCuA5NUZk9hzmO
kH6ndhYpuVTxTJAtJTQ7s30gRVn7OD6/vZCV4PBX0R10ow==
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:37:00 2025 by rpki-client