Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/51429a37-e3fd-4b49-a184-1e07ed522f97.roa
File: 51429a37-e3fd-4b49-a184-1e07ed522f97.roa (raw, json)
Hash identifier: yKuN24uZxtssxiA7fjkLijp0SdaVSJtXKT8xITPfUhs=
Subject key identifier: E6:1B:F6:4A:BD:EA:6D:0C:A0:BB:8C:80:C8:BB:E9:9C:73:EC:7E:09
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 66D7DC77911ACE5E22A31943433D8BE86494ADB7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/51429a37-e3fd-4b49-a184-1e07ed522f97.roa
Signing time: Mon 16 Jun 2025 22:00:15 +0000
ROA not before: Mon 16 Jun 2025 22:00:15 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.3.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:d7:dc:77:91:1a:ce:5e:22:a3:19:43:43:3d:8b:e8:64:94:ad:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 22:00:15 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=ea7a9c4abbe8422ac3241704c093e324c815577e4553d716d11d35e313d6d2dd, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b2:61:ec:e4:a7:c4:f7:bb:fb:0d:63:b1:7e:
da:88:e8:ad:cd:94:fb:cd:e9:89:6b:0a:24:a7:dc:
5b:48:b3:89:1f:fe:30:03:1f:1c:85:de:11:c7:cf:
90:19:9e:ad:ec:58:07:06:d9:4e:41:3d:d1:a5:4b:
86:b5:af:e3:1b:ae:dc:07:e7:2b:64:d2:d2:d8:6b:
3b:6d:49:98:cf:fd:38:9c:a1:2c:dd:8f:b4:f3:0e:
28:f1:05:e0:39:c2:8c:1c:ed:e3:45:d2:8a:47:8f:
cd:c8:a8:10:86:12:03:4e:75:74:af:9f:d8:cd:01:
31:45:f3:be:6a:08:36:88:8f:5b:96:28:ff:ba:27:
ac:71:dd:f7:73:dc:0d:66:8a:d0:38:da:46:7a:79:
8a:f9:6f:83:ea:b6:eb:ab:c6:97:a1:ce:9c:49:f1:
95:2c:e5:9c:de:5a:73:26:86:6f:53:d0:27:a5:51:
9b:7b:d2:3e:ae:70:d5:00:7b:65:8a:45:1f:1a:a8:
48:f5:05:64:67:fb:61:6e:cd:e0:69:b5:d5:f3:62:
c9:e3:3b:1c:89:a8:e6:bb:44:7d:59:e8:36:fe:34:
1f:09:06:dc:60:8a:86:a0:58:71:a5:0d:b4:d0:e6:
02:41:cc:f4:bc:87:0d:a7:98:11:9a:f1:e1:81:20:
ea:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:1B:F6:4A:BD:EA:6D:0C:A0:BB:8C:80:C8:BB:E9:9C:73:EC:7E:09
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/51429a37-e3fd-4b49-a184-1e07ed522f97.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.3.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a6:61:8c:10:0b:3c:46:14:dd:34:37:5d:86:65:47:a1:0f:68:
53:17:eb:7d:f0:8d:ab:c3:3a:03:12:c0:d6:c6:95:5b:96:29:
d5:af:51:1d:52:82:d0:0f:85:fb:23:04:f8:22:c8:88:01:64:
01:e9:8a:ca:be:3b:b2:e6:8c:f9:9f:ff:49:76:f0:e8:0e:62:
ab:0b:d6:d0:0a:cd:22:9c:44:78:26:f3:f4:da:d3:a8:bc:5a:
36:46:1e:85:3a:ba:4f:83:42:86:2e:58:6f:e1:9e:50:3a:d0:
91:78:ba:a1:0b:56:f6:af:c4:7c:04:d5:c3:f2:2b:09:67:1b:
bb:be:9c:1a:17:4a:81:ca:51:5b:17:f5:da:37:4e:ca:28:bb:
38:b2:eb:95:f0:97:af:9b:48:84:19:d2:78:90:aa:6b:a2:62:
ea:ff:03:3f:c1:a9:43:83:e4:fc:0b:51:82:62:71:0b:e6:43:
0a:33:55:8f:cc:91:7d:2f:55:79:f8:e0:99:b5:5c:97:57:95:
de:c6:e0:91:5d:f9:48:bd:2d:7e:e2:22:b5:d9:2c:5e:85:c0:
9b:d1:e1:08:90:9f:d2:45:61:fa:9c:32:1f:52:76:c7:eb:26:
32:ed:9a:fe:08:ff:a1:18:94:4d:7e:f9:52:14:8a:cd:06:51:
78:75:0a:ad
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZtfcd5Eazl4ioxlDQz2L6GSUrbcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMjAwMTVaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGVhN2E5YzRhYmJlODQyMmFjMzI0MTcwNGMwOTNlMzI0YzgxNTU3N2U0NTUz
ZDcxNmQxMWQzNWUzMTNkNmQyZGQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL+yYezkp8T3u/sNY7F+2ojorc2U+83piWsKJKfcW0iziR/+MAMfHIXeEcfP
kBmerexYBwbZTkE90aVLhrWv4xuu3AfnK2TS0thrO21JmM/9OJyhLN2PtPMOKPEF
4DnCjBzt40XSikePzcioEIYSA051dK+f2M0BMUXzvmoINoiPW5Yo/7onrHHd93Pc
DWaK0DjaRnp5ivlvg+q266vGl6HOnEnxlSzlnN5acyaGb1PQJ6VRm3vSPq5w1QB7
ZYpFHxqoSPUFZGf7YW7N4Gm11fNiyeM7HImo5rtEfVnoNv40HwkG3GCKhqBYcaUN
tNDmAkHM9LyHDaeYEZrx4YEg6mcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTmG/ZK
veptDKC7jIDIu+mcc+x+CTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTE0MjlhMzctZTNmZC00YjQ5LWExODQtMWUwN2VkNTIyZjk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMDMA0G
CSqGSIb3DQEBCwUAA4IBAQCmYYwQCzxGFN00N12GZUehD2hTF+t98I2rwzoDEsDW
xpVblinVr1EdUoLQD4X7IwT4IsiIAWQB6YrKvjuy5oz5n/9JdvDoDmKrC9bQCs0i
nER4JvP02tOovFo2Rh6FOrpPg0KGLlhv4Z5QOtCReLqhC1b2r8R8BNXD8isJZxu7
vpwaF0qBylFbF/XaN07KKLs4suuV8Jevm0iEGdJ4kKpromLq/wM/walDg+T8C1GC
YnEL5kMKM1WPzJF9L1V5+OCZtVyXV5XexuCRXflIvS1+4iK12SxehcCb0eEIkJ/S
RWH6nDIfUnbH6yYy7Zr+CP+hGJRNfvlSFIrNBlF4dQqt
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:07:30 2025 by rpki-client