Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6252e9a3-4fdc-4c43-b91b-deb58ca2dd7c.roa
File: 6252e9a3-4fdc-4c43-b91b-deb58ca2dd7c.roa (raw, json)
Hash identifier: vCggI/ibeX/QhrZ/lG11yjJBuMdlw47f2JpU+GsiKsc=
Subject key identifier: 29:8E:75:7E:21:2F:03:FD:25:B4:F8:4A:73:83:46:03:FF:11:A7:21
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 33748446B84BA893865DDDBF120C69A2516888F1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6252e9a3-4fdc-4c43-b91b-deb58ca2dd7c.roa
Signing time: Tue 17 Jun 2025 00:50:32 +0000
ROA not before: Tue 17 Jun 2025 00:50:32 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.46.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:74:84:46:b8:4b:a8:93:86:5d:dd:bf:12:0c:69:a2:51:68:88:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 17 00:50:32 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=dff6168b4d45468d7a49e87ff902c35115163bf896d86bd59fe90f4ee888019b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b2:dd:ab:5d:f6:36:6e:56:48:f7:4b:33:84:
f2:4b:44:c7:1d:a1:73:d2:da:4e:7c:b8:dd:97:8d:
1d:18:0c:40:a0:d3:02:9c:19:5b:16:7a:b6:24:b7:
a4:ab:ec:f0:4f:82:09:3f:d7:e5:2a:70:02:6a:c5:
93:c6:93:17:ca:0b:af:31:4a:8e:5f:f5:fa:35:24:
c1:17:60:09:75:18:05:09:33:a1:03:e8:03:75:42:
d9:82:2a:64:34:f6:ae:1f:fd:b8:22:0b:03:80:c8:
11:18:f9:b3:94:43:ea:d9:af:a6:39:c9:b9:90:0b:
44:27:16:87:37:b0:68:64:dd:28:a5:e3:85:9d:bf:
e0:7f:04:d2:7e:fa:f0:76:06:7f:1b:54:8b:03:7f:
33:1d:97:4b:f6:5c:54:bc:4c:24:ba:79:8a:41:c3:
ca:86:83:09:11:3c:fa:d9:4c:af:bc:18:89:9c:68:
a8:2b:f1:0d:44:f5:ea:ee:41:b6:60:5d:0a:d1:bf:
8a:68:1e:b1:fc:cc:ea:dd:ac:6e:1b:a2:e2:82:ba:
56:7b:56:e3:50:d3:5f:57:0d:e2:aa:a5:03:de:72:
db:92:43:e3:11:7e:a2:76:d7:39:fa:bb:23:9a:c8:
66:0a:10:32:12:77:24:1b:4d:b2:34:f7:c3:97:ac:
cb:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:8E:75:7E:21:2F:03:FD:25:B4:F8:4A:73:83:46:03:FF:11:A7:21
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6252e9a3-4fdc-4c43-b91b-deb58ca2dd7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.46.0.0/15
Signature Algorithm: sha256WithRSAEncryption
7f:9a:78:9c:4a:04:77:bf:a1:a9:c2:0d:e3:b2:37:19:8b:c3:
99:95:84:f6:75:01:4d:70:21:30:a9:f9:92:b9:11:7d:ab:eb:
14:94:d0:52:2f:0d:8d:81:c5:c5:e5:b5:92:21:a1:0d:cb:36:
bf:33:31:2e:28:5d:61:95:3d:b4:80:d3:2a:e8:24:a4:c5:39:
a8:7d:55:08:9c:78:98:af:6e:13:ad:f7:c0:17:67:f4:5c:44:
63:b4:cf:17:14:6e:db:ab:8c:d7:17:c3:ba:92:65:f2:b8:27:
94:61:5d:9e:00:1e:8c:2b:91:9a:c9:53:85:24:41:ea:9a:dc:
3e:3d:fc:e4:cb:3c:40:ba:38:73:0b:f0:5a:e0:b3:04:f0:bb:
c9:08:11:f8:57:4f:c6:92:f6:57:d5:b2:c3:8d:b5:b1:f8:5b:
da:05:8d:0f:d1:8e:f3:2c:f7:b4:10:78:81:cf:07:15:d0:b1:
16:a0:2b:19:00:c0:79:d1:74:ee:81:8b:7c:2d:2a:12:76:12:
9c:bc:ff:50:47:f6:c3:a4:ea:9c:67:89:98:c0:5d:f9:55:17:
2b:2c:36:54:cd:90:fd:ff:4f:27:9c:6f:aa:20:06:fb:a8:b2:
92:27:bf:a3:aa:10:72:9b:de:91:f4:20:3b:8f:53:64:0e:a4:
9b:fa:43:ee
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUM3SERrhLqJOGXd2/EgxpolFoiPEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTcwMDUwMzJaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQGRmZjYxNjhiNGQ0NTQ2OGQ3YTQ5ZTg3ZmY5MDJjMzUxMTUxNjNiZjg5NmQ4
NmJkNTlmZTkwZjRlZTg4ODAxOWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKGy3atd9jZuVkj3SzOE8ktExx2hc9LaTny43ZeNHRgMQKDTApwZWxZ6tiS3
pKvs8E+CCT/X5SpwAmrFk8aTF8oLrzFKjl/1+jUkwRdgCXUYBQkzoQPoA3VC2YIq
ZDT2rh/9uCILA4DIERj5s5RD6tmvpjnJuZALRCcWhzewaGTdKKXjhZ2/4H8E0n76
8HYGfxtUiwN/Mx2XS/ZcVLxMJLp5ikHDyoaDCRE8+tlMr7wYiZxoqCvxDUT16u5B
tmBdCtG/imgesfzM6t2sbhui4oK6VntW41DTX1cN4qqlA95y25JD4xF+onbXOfq7
I5rIZgoQMhJ3JBtNsjT3w5esy60CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQpjnV+
IS8D/SW0+Epzg0YD/xGnITAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjI1MmU5YTMtNGZkYy00YzQzLWI5MWItZGViNThjYTJkZDdjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMuMA0G
CSqGSIb3DQEBCwUAA4IBAQB/mnicSgR3v6Gpwg3jsjcZi8OZlYT2dQFNcCEwqfmS
uRF9q+sUlNBSLw2NgcXF5bWSIaENyza/MzEuKF1hlT20gNMq6CSkxTmofVUInHiY
r24TrffAF2f0XERjtM8XFG7bq4zXF8O6kmXyuCeUYV2eAB6MK5GayVOFJEHqmtw+
PfzkyzxAujhzC/Ba4LME8LvJCBH4V0/GkvZX1bLDjbWx+FvaBY0P0Y7zLPe0EHiB
zwcV0LEWoCsZAMB50XTugYt8LSoSdhKcvP9QR/bDpOqcZ4mYwF35VRcrLDZUzZD9
/08nnG+qIAb7qLKSJ7+jqhBym96R9CA7j1NkDqSb+kPu
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:22:32 2025 by rpki-client