Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c12693-1526-46ae-aa45-d5276a0c0f79.roa
File: 60c12693-1526-46ae-aa45-d5276a0c0f79.roa (raw, json)
Hash identifier: e+lIUAcK9NYOQhVPmjda4AC/QIok/Jvo9965I1qqtdM=
Subject key identifier: 2F:18:B6:9E:AD:F8:CF:C4:C7:FE:95:6C:2B:EB:7D:5F:B1:39:FF:11
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1360FA7BFEB8C246744B7BADA378B9D446CA13FE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c12693-1526-46ae-aa45-d5276a0c0f79.roa
Signing time: Tue 17 Jun 2025 00:50:34 +0000
ROA not before: Tue 17 Jun 2025 00:50:34 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.86.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:60:fa:7b:fe:b8:c2:46:74:4b:7b:ad:a3:78:b9:d4:46:ca:13:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 17 00:50:34 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=04a50ecad1bb823892d64d93d5e6ce9f33156ed566b6fa64bf8a5656e2a617a7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:11:49:06:63:7e:73:84:01:7b:a7:cd:fd:00:
75:47:60:f2:40:8e:43:d1:5a:6e:a8:8c:a6:ee:f5:
fc:5f:aa:fa:25:a4:d7:31:14:95:44:21:48:fa:38:
74:7f:04:d2:c8:2d:24:7e:c0:80:f8:8c:e9:39:39:
f6:cb:56:c0:fc:59:e9:2d:77:df:31:62:df:46:02:
04:68:15:17:5c:c5:cb:ad:ac:14:92:00:59:b1:e2:
2b:a9:33:bd:2d:9d:c6:18:59:5b:f7:6c:b9:8d:b4:
d2:e8:ec:73:51:42:d7:3c:41:c6:03:6b:77:2f:fe:
89:b6:bc:d7:0f:2d:b6:ba:8b:08:cf:e8:d2:fb:9a:
6b:c6:40:be:5e:fb:a3:3a:73:1a:02:e5:88:cd:09:
5c:1a:a2:19:fe:32:d4:0b:99:aa:38:18:fb:20:c9:
2e:3a:fb:8b:e9:a0:e7:87:4c:f9:62:3a:55:a9:f4:
72:12:8f:56:c7:ff:29:12:80:42:c2:82:e6:0d:c3:
1e:9a:44:90:ba:02:c6:09:9a:b2:a9:b5:f7:8d:84:
c2:8f:73:da:5e:7d:98:7b:4e:e3:85:a5:a3:e3:bd:
38:ab:de:07:c6:20:ef:46:29:b4:9f:f4:0a:7d:87:
33:af:06:4a:df:3e:e7:bd:63:7d:c5:d5:0b:e6:12:
ec:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:18:B6:9E:AD:F8:CF:C4:C7:FE:95:6C:2B:EB:7D:5F:B1:39:FF:11
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c12693-1526-46ae-aa45-d5276a0c0f79.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.86.0.0/15
Signature Algorithm: sha256WithRSAEncryption
83:e9:c7:a7:ca:d2:70:86:e2:d9:0e:92:31:b4:d1:4b:29:01:
62:3a:cc:cb:5a:3b:d7:45:7d:88:89:89:3a:8f:c1:eb:e2:a2:
0d:52:9c:2d:b6:bb:eb:a0:0b:fa:08:9c:9c:eb:4f:f3:dd:45:
2f:e3:85:6a:32:0b:49:32:fa:cc:33:20:d4:40:9b:85:10:21:
0d:cd:c1:0c:f8:86:2c:5e:51:8f:60:39:c7:33:09:55:f0:fa:
14:1a:d4:68:fb:d9:88:74:11:9a:4e:fa:18:87:82:28:ef:4a:
11:74:c1:0e:25:50:b8:59:c1:5e:42:02:1a:27:31:23:ac:75:
84:59:16:a2:0a:2a:72:8c:7d:a8:78:9a:bb:fe:cf:45:92:4c:
15:ac:04:ca:50:f2:bf:9e:7e:83:3d:7e:a7:8c:f7:a0:b9:c7:
1e:a5:ee:3e:a9:54:c7:84:fb:c9:bf:78:ba:76:11:df:d1:84:
8d:81:cc:4e:9f:ab:b3:e3:f5:4f:3a:65:6d:f6:74:f0:69:4d:
23:a8:f2:bc:51:e2:e3:cd:33:df:23:b8:45:55:0c:45:86:fe:
e6:56:39:d7:92:8a:89:9f:c4:3b:20:95:df:03:90:c0:49:d4:
7e:f1:aa:b0:cc:36:8a:e4:ca:8c:ca:3f:1f:15:35:be:f3:0c:
2f:de:e1:01
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUE2D6e/64wkZ0S3uto3i51EbKE/4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTcwMDUwMzRaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDA0YTUwZWNhZDFiYjgyMzg5MmQ2NGQ5M2Q1ZTZjZTlmMzMxNTZlZDU2NmI2
ZmE2NGJmOGE1NjU2ZTJhNjE3YTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALgRSQZjfnOEAXunzf0AdUdg8kCOQ9FabqiMpu71/F+q+iWk1zEUlUQhSPo4
dH8E0sgtJH7AgPiM6Tk59stWwPxZ6S133zFi30YCBGgVF1zFy62sFJIAWbHiK6kz
vS2dxhhZW/dsuY200ujsc1FC1zxBxgNrdy/+iba81w8ttrqLCM/o0vuaa8ZAvl77
ozpzGgLliM0JXBqiGf4y1AuZqjgY+yDJLjr7i+mg54dM+WI6Van0chKPVsf/KRKA
QsKC5g3DHppEkLoCxgmasqm1942Ewo9z2l59mHtO44Wlo+O9OKveB8Yg70YptJ/0
Cn2HM68GSt8+571jfcXVC+YS7P0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQvGLae
rfjPxMf+lWwr631fsTn/ETAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjBjMTI2OTMtMTUyNi00NmFlLWFhNDUtZDUyNzZhMGMwZjc5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNWMA0G
CSqGSIb3DQEBCwUAA4IBAQCD6cenytJwhuLZDpIxtNFLKQFiOszLWjvXRX2IiYk6
j8Hr4qINUpwttrvroAv6CJyc60/z3UUv44VqMgtJMvrMMyDUQJuFECENzcEM+IYs
XlGPYDnHMwlV8PoUGtRo+9mIdBGaTvoYh4Io70oRdMEOJVC4WcFeQgIaJzEjrHWE
WRaiCipyjH2oeJq7/s9FkkwVrATKUPK/nn6DPX6njPeguccepe4+qVTHhPvJv3i6
dhHf0YSNgcxOn6uz4/VPOmVt9nTwaU0jqPK8UeLjzTPfI7hFVQxFhv7mVjnXkoqJ
n8Q7IJXfA5DASdR+8aqwzDaK5MqMyj8fFTW+8wwv3uEB
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:03:46 2025 by rpki-client