Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81e19e5f-8cac-4cc7-8c10-c589c96920d0.roa
File: 81e19e5f-8cac-4cc7-8c10-c589c96920d0.roa (raw, json)
Hash identifier: /PKNpv7sKNiax0LQvTsuoTYH3U5LqsbbYQ4fUcvv0ss=
Subject key identifier: 66:1B:90:68:FC:3C:BE:88:07:C5:33:CE:46:EB:0B:85:95:CF:9C:89
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 54430E9E60E762C9C845E12034565C97BF8C5805
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81e19e5f-8cac-4cc7-8c10-c589c96920d0.roa
Signing time: Tue 17 Jun 2025 00:51:05 +0000
ROA not before: Tue 17 Jun 2025 00:51:05 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.17.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:43:0e:9e:60:e7:62:c9:c8:45:e1:20:34:56:5c:97:bf:8c:58:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 17 00:51:05 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=967eddaa0a6ee80696365ab890a401736a5102920069206e6b8392f2a90c8077, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:1b:c8:ea:86:e7:c5:b5:1a:57:38:cb:96:a3:
f3:6d:e7:00:8d:47:69:6b:69:97:4b:10:b6:01:a0:
25:24:ab:87:25:23:fd:03:b7:09:c0:9e:fc:0c:c0:
9d:c6:38:3f:87:6e:0f:3c:8e:16:da:b5:1a:76:8f:
0e:8f:f7:ed:d3:cb:f3:f9:77:7a:61:36:eb:63:a2:
40:fd:06:84:df:3e:18:83:03:0b:d4:cc:53:3c:c0:
00:2f:20:d9:e9:a5:d6:ab:a6:e0:1e:11:2a:6c:1c:
82:02:0b:45:b3:dd:ef:95:d0:48:ff:6d:19:ae:b2:
b9:b4:e9:0c:e9:94:d8:fe:34:bf:03:68:db:2e:9f:
48:40:8c:da:8c:b2:75:c5:11:f5:9f:15:ad:15:67:
f9:9f:78:0f:74:30:a5:b4:c5:db:92:cc:05:8f:fc:
87:07:4f:1e:f1:2e:8d:23:e6:fe:c9:e6:26:b1:c1:
6a:c4:62:eb:1a:a1:12:c1:48:68:db:97:ea:c1:ef:
87:15:b6:4b:2f:c0:a3:d3:f9:50:c6:a8:09:6d:18:
2d:b7:cd:49:e2:c8:d8:d3:47:8e:4c:9e:40:6d:93:
c2:a6:ef:4d:88:e1:23:68:d9:f2:03:ac:bc:18:b2:
64:47:69:53:c5:7e:15:ae:d4:da:11:5a:ee:da:c7:
65:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:1B:90:68:FC:3C:BE:88:07:C5:33:CE:46:EB:0B:85:95:CF:9C:89
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81e19e5f-8cac-4cc7-8c10-c589c96920d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.17.1.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:31:4c:8a:96:3b:2a:58:85:35:4f:fa:9a:84:f7:ff:0a:d0:
42:c7:7a:8e:0e:3b:b7:68:e6:40:0d:f1:75:d7:35:5f:82:d2:
b4:25:81:bb:ad:ab:99:d8:a3:5e:6c:b2:89:f7:bb:05:27:e3:
68:9b:24:08:1b:00:d1:dc:c0:58:a4:fe:04:b0:04:50:b4:91:
43:6d:fc:00:8c:c7:20:d1:25:9a:ed:9b:46:21:b1:e8:ac:3f:
29:20:f7:de:c9:c9:f5:4b:64:ad:7f:d7:2f:7c:6c:69:82:a6:
d9:db:5a:bc:0d:3b:84:d6:4c:36:90:35:a6:52:d6:86:02:cb:
1d:d8:58:4c:18:92:22:92:38:f6:29:23:de:a0:76:81:d9:bc:
8e:3a:b9:0f:71:2f:ce:45:1b:2f:96:d0:1f:6b:74:b8:e7:51:
10:ff:86:26:29:41:d0:5a:75:1e:be:2e:28:f3:7b:5d:6d:c9:
b2:22:dd:d8:aa:24:75:58:40:aa:01:b7:20:da:52:1f:66:e6:
cf:37:1c:ca:b5:c1:22:4c:f1:02:f9:f6:b6:b5:34:6d:5e:60:
85:36:f3:8e:4c:85:cb:23:8e:68:6d:46:68:68:9e:63:26:67:
8f:b3:a6:6a:a2:e2:50:3d:90:b0:ba:55:2e:41:8a:a5:82:ec:
7b:5e:dc:72
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUVEMOnmDnYsnIReEgNFZcl7+MWAUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTcwMDUxMDVaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDk2N2VkZGFhMGE2ZWU4MDY5NjM2NWFiODkwYTQwMTczNmE1MTAyOTIwMDY5
MjA2ZTZiODM5MmYyYTkwYzgwNzcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALsbyOqG58W1Glc4y5aj823nAI1HaWtpl0sQtgGgJSSrhyUj/QO3CcCe/AzA
ncY4P4duDzyOFtq1GnaPDo/37dPL8/l3emE262OiQP0GhN8+GIMDC9TMUzzAAC8g
2eml1qum4B4RKmwcggILRbPd75XQSP9tGa6yubTpDOmU2P40vwNo2y6fSECM2oyy
dcUR9Z8VrRVn+Z94D3QwpbTF25LMBY/8hwdPHvEujSPm/snmJrHBasRi6xqhEsFI
aNuX6sHvhxW2Sy/Ao9P5UMaoCW0YLbfNSeLI2NNHjkyeQG2TwqbvTYjhI2jZ8gOs
vBiyZEdpU8V+Fa7U2hFa7trHZUcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRmG5Bo
/Dy+iAfFM85G6wuFlc+ciTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODFlMTllNWYtOGNhYy00Y2M3LThjMTAtYzU4OWM5NjkyMGQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMRATAN
BgkqhkiG9w0BAQsFAAOCAQEAbTFMipY7KliFNU/6moT3/wrQQsd6jg47t2jmQA3x
ddc1X4LStCWBu62rmdijXmyyife7BSfjaJskCBsA0dzAWKT+BLAEULSRQ238AIzH
INElmu2bRiGx6Kw/KSD33snJ9UtkrX/XL3xsaYKm2dtavA07hNZMNpA1plLWhgLL
HdhYTBiSIpI49ikj3qB2gdm8jjq5D3EvzkUbL5bQH2t0uOdREP+GJilB0Fp1Hr4u
KPN7XW3JsiLd2KokdVhAqgG3INpSH2bmzzccyrXBIkzxAvn2trU0bV5ghTbzjkyF
yyOOaG1GaGieYyZnj7OmaqLiUD2QsLpVLkGKpYLse17ccg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:04:59 2025 by rpki-client