Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7b957dae-110a-40bf-9710-191cf24c9e94.roa
File: 7b957dae-110a-40bf-9710-191cf24c9e94.roa (raw, json)
Hash identifier: /+5qk3UwYigSNZFkfYIEJMSn4B2tF9mC5Pm2hnDRBDc=
Subject key identifier: 24:36:51:30:AA:1C:E8:46:A5:AC:64:45:CA:B6:DF:80:C1:DA:CA:A5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0A536820964697FBE289F4A9EB982BCD8045D8DF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7b957dae-110a-40bf-9710-191cf24c9e94.roa
Signing time: Tue 17 Jun 2025 00:50:57 +0000
ROA not before: Tue 17 Jun 2025 00:50:57 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.96.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:53:68:20:96:46:97:fb:e2:89:f4:a9:eb:98:2b:cd:80:45:d8:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 17 00:50:57 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=dcfbf3ecd73ef2aad4d811b3fba647b30895641fcb794f8a4e9a8bb6d1b2b264, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:ce:4c:9f:35:5a:8e:9b:0c:71:0b:8c:ab:e5:
4b:80:1c:a7:ad:ee:46:9f:a7:15:e5:fa:74:fb:53:
7a:27:7f:44:5c:2d:d5:64:54:f2:9d:ba:6e:f5:18:
e4:d8:8c:54:cd:3b:98:20:de:bb:be:52:1e:49:e4:
18:c0:7d:64:ff:59:79:75:a9:d8:e6:b7:4d:2a:20:
69:ad:63:81:1b:e4:a9:5a:20:35:4e:fc:fb:9f:2c:
f6:f8:f2:35:f6:49:2c:81:2c:9c:d1:9d:41:27:a0:
a0:e6:91:4b:8e:13:7f:f7:14:86:81:c0:17:20:70:
26:06:09:4a:54:20:d6:e2:63:44:48:5b:01:07:eb:
ea:c5:f8:ef:41:92:93:cc:ad:03:a4:20:c2:df:6f:
72:4c:66:1a:97:4e:9c:01:de:81:ea:85:bc:13:f7:
84:60:fa:48:e5:dd:91:0a:fb:8b:c4:f8:68:9a:81:
56:0f:98:04:8a:83:30:29:69:2f:bd:19:c6:a1:2f:
21:2b:cb:3b:85:87:e9:ad:5b:5e:bd:b4:bd:db:ca:
f5:99:7b:cd:73:67:e7:4f:c8:ab:a5:52:94:c1:df:
02:25:1c:d0:dc:0c:4f:ed:76:f6:77:8b:cf:a1:24:
73:46:c8:b5:55:6f:f8:d5:23:7a:50:bf:99:84:e2:
51:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:36:51:30:AA:1C:E8:46:A5:AC:64:45:CA:B6:DF:80:C1:DA:CA:A5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7b957dae-110a-40bf-9710-191cf24c9e94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.96.0/21
Signature Algorithm: sha256WithRSAEncryption
5f:85:33:7a:9f:9b:47:0f:65:6e:d8:e6:cb:2f:5a:5c:31:8c:
1c:9a:40:ef:57:df:c4:10:c4:1e:9c:83:1d:4d:5d:dc:48:09:
d5:d2:d7:c0:b8:9a:69:3a:cd:2b:ef:3b:75:77:47:63:c6:c8:
a8:60:d2:f4:5c:26:21:c1:82:d0:1b:14:c3:7e:a1:0d:f4:e3:
c8:08:5d:bc:3f:c4:f5:07:53:71:5a:69:1a:0a:2c:77:2b:6b:
83:c4:ad:39:c5:29:d0:4c:c3:fd:b9:45:f1:2b:bc:67:1e:0a:
05:c7:2b:2c:7b:a4:c1:1b:d1:8c:f4:85:cb:f1:b6:a5:8c:4a:
19:69:c3:ce:a8:cd:30:26:79:b6:30:6f:3a:6f:2a:92:98:66:
05:70:e6:23:23:9d:58:16:72:81:ce:ae:26:f6:60:bb:4d:ca:
0e:20:04:d0:72:3c:11:a7:48:e3:c4:9c:de:c5:6f:1d:5d:d9:
71:8f:89:1b:af:6a:3c:88:d5:fa:6b:71:c9:22:f5:cc:79:82:
93:5c:f3:e9:69:fd:ec:b7:06:e4:24:c6:18:97:7f:3c:f2:26:
68:78:85:58:8b:51:f2:9d:56:93:ea:1b:3b:1a:8f:71:9b:33:
9f:b2:be:1e:64:6e:d4:c6:a0:52:ae:a0:2f:53:04:41:08:d6:
8b:3a:b9:5f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUClNoIJZGl/viifSp65grzYBF2N8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTcwMDUwNTdaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQGRjZmJmM2VjZDczZWYyYWFkNGQ4MTFiM2ZiYTY0N2IzMDg5NTY0MWZjYjc5
NGY4YTRlOWE4YmI2ZDFiMmIyNjQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIHOTJ81Wo6bDHELjKvlS4Acp63uRp+nFeX6dPtTeid/RFwt1WRU8p26bvUY
5NiMVM07mCDeu75SHknkGMB9ZP9ZeXWp2Oa3TSogaa1jgRvkqVogNU78+58s9vjy
NfZJLIEsnNGdQSegoOaRS44Tf/cUhoHAFyBwJgYJSlQg1uJjREhbAQfr6sX470GS
k8ytA6Qgwt9vckxmGpdOnAHegeqFvBP3hGD6SOXdkQr7i8T4aJqBVg+YBIqDMClp
L70ZxqEvISvLO4WH6a1bXr20vdvK9Zl7zXNn50/Iq6VSlMHfAiUc0NwMT+129neL
z6Ekc0bItVVv+NUjelC/mYTiUc0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQkNlEw
qhzoRqWsZEXKtt+AwdrKpTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2I5NTdkYWUtMTEwYS00MGJmLTk3MTAtMTkxY2YyNGM5ZTk0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAYDAN
BgkqhkiG9w0BAQsFAAOCAQEAX4Uzep+bRw9lbtjmyy9aXDGMHJpA71ffxBDEHpyD
HU1d3EgJ1dLXwLiaaTrNK+87dXdHY8bIqGDS9FwmIcGC0BsUw36hDfTjyAhdvD/E
9QdTcVppGgosdytrg8StOcUp0EzD/blF8Su8Zx4KBccrLHukwRvRjPSFy/G2pYxK
GWnDzqjNMCZ5tjBvOm8qkphmBXDmIyOdWBZygc6uJvZgu03KDiAE0HI8EadI48Sc
3sVvHV3ZcY+JG69qPIjV+mtxySL1zHmCk1zz6Wn97LcG5CTGGJd/PPImaHiFWItR
8p1Wk+obOxqPcZszn7K+HmRu1MagUq6gL1MEQQjWizq5Xw==
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:27:25 2025 by rpki-client