Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5480e32c-3a23-4243-82e3-c7eea059d814.roa
File: 5480e32c-3a23-4243-82e3-c7eea059d814.roa (raw, json)
Hash identifier: OaNBuWvMOLC2/RyzKvJJ0VTGebfhdW6YekKXJzLd68w=
Subject key identifier: 2D:D6:9C:35:04:79:92:91:01:75:55:A5:01:2B:F5:F7:3A:08:19:15
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6C24CBBB91B2076D8271F46E61047745D65E11A3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5480e32c-3a23-4243-82e3-c7eea059d814.roa
Signing time: Tue 17 Jun 2025 00:50:35 +0000
ROA not before: Tue 17 Jun 2025 00:50:35 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.92.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:24:cb:bb:91:b2:07:6d:82:71:f4:6e:61:04:77:45:d6:5e:11:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 17 00:50:35 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=33da8b856ec9f035a8f95cbb191d46c173c985479247876ae238ce1acb128ce9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a8:cb:ee:a4:71:91:aa:af:05:c9:b3:9a:f0:
cc:16:cf:7c:a2:29:b1:4e:50:0e:a6:c0:a6:c7:35:
23:6c:39:f5:1a:ed:51:dc:0e:b6:a3:90:e0:06:4c:
2e:8a:c5:9c:98:05:a9:34:af:ed:86:5c:98:c0:39:
f3:a5:23:9c:bf:c5:75:4d:3e:40:41:80:e2:62:4f:
5e:92:79:81:ae:cd:9a:54:b6:ea:42:48:be:74:af:
bf:c1:db:91:7c:dc:3a:b9:e7:1a:93:94:40:60:9b:
e0:fc:77:72:80:2b:56:17:11:b7:d4:e1:5d:b7:d8:
b2:fd:ec:a0:9c:54:5d:9e:6f:75:5e:38:74:c5:c1:
af:56:5d:3f:7a:46:8f:4d:29:d9:f6:4e:7c:4e:d0:
ea:23:0a:63:32:65:f5:c0:7f:92:6b:2c:28:1d:cd:
9e:9f:ad:b6:e3:62:61:4c:5d:50:27:9d:d0:08:9b:
08:d6:23:60:e0:f4:18:94:75:e3:bc:65:5d:55:d3:
06:9e:56:95:c0:08:03:73:41:ac:fd:f3:14:17:c9:
86:8a:34:78:34:e6:8b:49:be:33:c2:a2:58:a1:56:
67:07:c0:14:fd:f2:8e:e5:e3:86:10:cc:50:ad:ce:
f8:84:45:e2:19:dc:a2:ad:e0:ae:a2:5c:d3:d3:c7:
15:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:D6:9C:35:04:79:92:91:01:75:55:A5:01:2B:F5:F7:3A:08:19:15
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5480e32c-3a23-4243-82e3-c7eea059d814.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.92.0.0/16
Signature Algorithm: sha256WithRSAEncryption
15:75:db:48:81:2a:68:09:41:9d:13:dd:4d:27:8d:07:e4:53:
3f:fe:72:b4:6c:64:43:a3:bf:f0:c1:97:bf:2b:6a:1e:a4:01:
38:c7:df:90:2e:12:f6:e2:5d:16:66:bc:0e:78:1f:33:cd:7a:
ae:eb:74:4e:57:0e:68:4f:44:9b:71:47:2b:36:76:af:1f:21:
31:7c:71:c4:47:10:0e:bd:2b:ae:33:9d:98:8b:e8:99:16:30:
22:30:6e:22:48:42:1e:91:ac:49:0b:c5:99:33:30:70:f4:3a:
14:25:78:30:d2:4e:da:d6:12:bc:3d:3c:df:af:dd:5c:0d:2a:
dc:ec:03:53:19:9c:8c:44:11:51:23:b8:74:f3:f4:8d:87:f8:
e5:9f:1a:6b:e1:24:5b:42:c3:85:05:f7:06:1a:ee:ce:cb:85:
49:93:31:46:b9:3e:a8:a3:26:d8:3c:8c:03:10:3a:c3:92:b5:
92:79:fd:7e:94:66:05:98:f5:e6:42:f0:70:16:a9:0c:e9:65:
22:a3:2b:31:cd:fe:51:3f:49:c7:2f:70:9d:a8:1f:60:f3:51:
24:24:25:5e:32:07:e6:e8:3f:f9:d1:dc:33:45:c5:95:1e:c6:
43:70:a2:6d:af:9f:96:5d:84:2c:7c:7d:d3:6b:77:03:8c:f0:
b9:11:00:5f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbCTLu5GyB22CcfRuYQR3RdZeEaMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTcwMDUwMzVaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzZGE4Yjg1NmVjOWYwMzVhOGY5NWNiYjE5MWQ0NmMxNzNjOTg1NDc5MjQ3
ODc2YWUyMzhjZTFhY2IxMjhjZTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALSoy+6kcZGqrwXJs5rwzBbPfKIpsU5QDqbApsc1I2w59RrtUdwOtqOQ4AZM
LorFnJgFqTSv7YZcmMA586UjnL/FdU0+QEGA4mJPXpJ5ga7NmlS26kJIvnSvv8Hb
kXzcOrnnGpOUQGCb4Px3coArVhcRt9ThXbfYsv3soJxUXZ5vdV44dMXBr1ZdP3pG
j00p2fZOfE7Q6iMKYzJl9cB/kmssKB3Nnp+ttuNiYUxdUCed0AibCNYjYOD0GJR1
47xlXVXTBp5WlcAIA3NBrP3zFBfJhoo0eDTmi0m+M8KiWKFWZwfAFP3yjuXjhhDM
UK3O+IRF4hncoq3grqJc09PHFXECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQt1pw1
BHmSkQF1VaUBK/X3OggZFTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTQ4MGUzMmMtM2EyMy00MjQzLTgyZTMtYzdlZWEwNTlkODE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNcMA0G
CSqGSIb3DQEBCwUAA4IBAQAVddtIgSpoCUGdE91NJ40H5FM//nK0bGRDo7/wwZe/
K2oepAE4x9+QLhL24l0WZrwOeB8zzXqu63ROVw5oT0SbcUcrNnavHyExfHHERxAO
vSuuM52Yi+iZFjAiMG4iSEIekaxJC8WZMzBw9DoUJXgw0k7a1hK8PTzfr91cDSrc
7ANTGZyMRBFRI7h08/SNh/jlnxpr4SRbQsOFBfcGGu7Oy4VJkzFGuT6ooybYPIwD
EDrDkrWSef1+lGYFmPXmQvBwFqkM6WUioysxzf5RP0nHL3CdqB9g81EkJCVeMgfm
6D/50dwzRcWVHsZDcKJtr5+WXYQsfH3Ta3cDjPC5EQBf
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:20:05 2025 by rpki-client