Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83d64fad-2f6b-441a-9079-e9e60d149aec.roa
File: 83d64fad-2f6b-441a-9079-e9e60d149aec.roa (raw, json)
Hash identifier: swLSSRy4GKrnjFaNBtfZzPlNJHyPjMJDQ9wY3ATdw3w=
Subject key identifier: 43:82:47:6E:2F:AF:C0:D3:A1:B0:5F:4A:F6:8B:FF:36:98:22:97:DF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5AF79CEDA56311A7B15B621AE2829B46619829A3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83d64fad-2f6b-441a-9079-e9e60d149aec.roa
Signing time: Tue 17 Jun 2025 00:51:07 +0000
ROA not before: Tue 17 Jun 2025 00:51:07 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.17.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:f7:9c:ed:a5:63:11:a7:b1:5b:62:1a:e2:82:9b:46:61:98:29:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 17 00:51:07 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=3e77620504f3b068fc1aa0dba9fc6490cf8043de8e37eb4ae65a24fd2e1105bf, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b3:4a:4a:8f:87:ec:74:60:89:93:07:30:b2:
70:42:b3:3b:80:00:f7:67:00:78:47:2f:ad:0a:1d:
56:14:25:5b:4d:73:31:99:89:c2:e1:b2:5b:33:e9:
b2:c4:8f:a7:40:69:0e:9c:65:ee:22:66:b1:ff:89:
a9:90:1e:5f:a0:d9:ef:4d:de:4c:e3:e9:b2:d7:90:
5f:27:56:52:c2:5c:8e:b5:bc:38:a4:da:f5:cb:e6:
29:ba:5c:8c:ae:85:c4:00:09:64:dd:97:6a:72:66:
1b:d2:39:a3:6d:d8:a0:99:e2:7b:f5:03:3c:cf:26:
97:76:e9:e2:ef:7e:fa:c6:56:c7:7b:86:29:71:ad:
03:11:13:a9:54:d5:f2:16:b0:d1:43:ce:b4:07:bd:
38:03:3f:e9:a6:7c:b6:5a:31:ff:4f:6c:bc:de:52:
7b:13:35:18:8a:e6:9c:5e:60:f5:2f:c8:c6:95:cb:
04:0b:e1:72:f1:72:f2:0e:13:dd:7e:4e:97:47:92:
51:1f:46:17:11:cb:cc:4a:9b:16:e2:be:4b:8d:ad:
74:47:94:c2:84:9a:c3:f1:5c:22:f7:0b:de:7a:ca:
70:d7:16:64:e6:8c:e4:9d:61:77:ba:88:85:52:aa:
74:65:4f:93:46:5a:b1:86:00:af:5c:ec:2c:9c:da:
a7:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:82:47:6E:2F:AF:C0:D3:A1:B0:5F:4A:F6:8B:FF:36:98:22:97:DF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83d64fad-2f6b-441a-9079-e9e60d149aec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.17.0.0/24
Signature Algorithm: sha256WithRSAEncryption
19:e6:3a:fb:7e:41:5a:4f:69:28:37:52:d2:aa:b7:71:48:df:
54:9c:fa:c4:75:22:28:49:18:9e:aa:22:ed:58:63:6b:96:64:
ce:a6:bb:ef:15:ce:73:24:c8:e6:e0:4a:c2:df:d2:f9:9f:8d:
ec:3e:54:a8:b5:60:da:52:25:f7:5f:3a:f7:f1:48:68:03:d4:
ee:b4:b6:94:dd:4c:a8:67:93:45:9a:65:73:55:2f:09:ba:36:
fc:88:a1:36:f4:61:46:5b:b2:c8:da:d6:ba:43:17:10:dc:ed:
44:41:21:00:d2:d5:a5:03:f2:91:d2:d7:a9:d9:dc:73:e4:3d:
c0:78:fa:92:7c:cd:f5:8b:34:80:78:12:df:0d:cf:82:18:3d:
d3:aa:ea:c2:7c:96:ed:13:97:dd:4e:48:ca:16:a1:22:d8:31:
b9:2b:88:c6:f8:4f:fb:d4:f6:2f:50:c7:67:18:29:e2:e4:24:
09:b0:a9:b5:74:cc:73:aa:bf:32:79:e4:5c:50:34:f0:3f:f0:
d7:ed:8c:1c:14:e6:29:44:1d:03:72:07:1b:ad:63:ce:22:fa:
af:2a:9f:b6:7e:4d:6d:11:1e:be:8d:a9:fa:69:55:e7:12:29:
e0:82:eb:62:11:3d:e9:87:16:4d:36:0f:46:36:6c:49:4d:ff:
9e:f9:45:71
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUWvec7aVjEaexW2Ia4oKbRmGYKaMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTcwMDUxMDdaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDNlNzc2MjA1MDRmM2IwNjhmYzFhYTBkYmE5ZmM2NDkwY2Y4MDQzZGU4ZTM3
ZWI0YWU2NWEyNGZkMmUxMTA1YmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALezSkqPh+x0YImTBzCycEKzO4AA92cAeEcvrQodVhQlW01zMZmJwuGyWzPp
ssSPp0BpDpxl7iJmsf+JqZAeX6DZ703eTOPpsteQXydWUsJcjrW8OKTa9cvmKbpc
jK6FxAAJZN2XanJmG9I5o23YoJnie/UDPM8ml3bp4u9++sZWx3uGKXGtAxETqVTV
8haw0UPOtAe9OAM/6aZ8tlox/09svN5SexM1GIrmnF5g9S/IxpXLBAvhcvFy8g4T
3X5Ol0eSUR9GFxHLzEqbFuK+S42tdEeUwoSaw/FcIvcL3nrKcNcWZOaM5J1hd7qI
hVKqdGVPk0ZasYYAr1zsLJzap4ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRDgkdu
L6/A06GwX0r2i/82mCKX3zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODNkNjRmYWQtMmY2Yi00NDFhLTkwNzktZTllNjBkMTQ5YWVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMRADAN
BgkqhkiG9w0BAQsFAAOCAQEAGeY6+35BWk9pKDdS0qq3cUjfVJz6xHUiKEkYnqoi
7Vhja5Zkzqa77xXOcyTI5uBKwt/S+Z+N7D5UqLVg2lIl91869/FIaAPU7rS2lN1M
qGeTRZplc1UvCbo2/IihNvRhRluyyNrWukMXENztREEhANLVpQPykdLXqdncc+Q9
wHj6knzN9Ys0gHgS3w3Pghg906rqwnyW7ROX3U5IyhahItgxuSuIxvhP+9T2L1DH
Zxgp4uQkCbCptXTMc6q/MnnkXFA08D/w1+2MHBTmKUQdA3IHG61jziL6ryqftn5N
bREevo2p+mlV5xIp4ILrYhE96YcWTTYPRjZsSU3/nvlFcQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:12:48 2025 by rpki-client