Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
File: 84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa (raw, json)
Hash identifier: xzM1PqGuVfjju+/PPClbJWSNHru7tbp8k47j0w5BzTo=
Subject key identifier: D8:CB:62:99:0D:34:EB:92:4A:52:58:37:D4:63:C1:EE:46:14:D0:B7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4BFE033F11DB683C702B5D3086FBBD298525D34B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
Signing time: Mon 16 Jun 2025 22:00:14 +0000
ROA not before: Mon 16 Jun 2025 22:00:14 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.236.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:fe:03:3f:11:db:68:3c:70:2b:5d:30:86:fb:bd:29:85:25:d3:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 22:00:14 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=8a54c77c195039c24728161140b5878c5a650d006f1155091737d97ee220a840, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:26:2f:16:39:f8:7e:5b:a8:61:e4:32:5e:3d:
06:61:ac:af:2a:ab:9e:90:b2:2e:9f:5e:b2:93:28:
25:cb:56:58:a0:5a:7d:43:94:0f:f7:06:fa:06:8a:
8b:f5:a1:a9:aa:5b:ec:41:1f:09:e4:60:6c:e9:66:
ac:b5:ea:2f:0d:32:c3:1e:0e:9f:7e:58:87:a9:c3:
7b:a3:11:3a:8c:e3:c4:24:33:14:3b:c6:9c:ab:68:
8c:f0:25:eb:db:c2:96:e7:0b:b4:f0:fd:bb:ef:be:
2d:c2:47:ee:de:c4:fe:6b:10:a9:b1:7a:08:c9:89:
ad:17:51:48:0c:55:f6:7b:cf:37:18:53:ab:15:83:
2e:b4:f1:2c:29:f6:44:1f:69:42:af:6a:c6:b2:00:
20:00:99:48:f5:f3:17:4b:80:bb:88:db:24:be:88:
58:ec:a8:bf:8f:95:56:a2:97:12:8a:18:d5:6d:ba:
64:c5:7a:34:e1:3c:6d:7b:49:ba:5a:ab:47:c3:e6:
df:5a:37:9e:ae:a3:18:3a:bd:34:16:6b:26:0b:19:
a8:97:81:c6:29:c9:a8:8b:e2:ba:ff:f3:99:c2:4f:
63:5c:ea:d6:ed:44:7f:e8:32:92:cc:46:e5:86:08:
00:e8:ea:5b:f2:ee:c6:79:83:e3:bd:4d:69:03:eb:
80:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:CB:62:99:0D:34:EB:92:4A:52:58:37:D4:63:C1:EE:46:14:D0:B7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.236.0.0/15
Signature Algorithm: sha256WithRSAEncryption
b5:a0:5c:78:63:bc:e5:b1:b6:31:1b:f2:d9:79:40:2e:4f:c5:
8f:06:da:59:30:0f:e3:8b:74:62:dd:c1:cc:3d:43:9b:a9:1a:
7a:3c:66:b7:e8:6e:fa:06:63:55:22:f4:c8:db:f8:1c:5f:52:
71:7c:80:ea:b3:91:fb:ea:36:fa:bd:6f:8a:e3:84:71:28:25:
04:aa:44:ba:3e:35:23:0b:ec:90:f7:ab:25:69:fa:c8:d4:69:
18:53:ba:84:e0:75:34:7a:47:b4:42:97:cc:5b:80:43:a4:15:
1d:fb:10:f9:93:ef:4f:6d:b7:f4:36:e6:6f:df:7c:e0:b7:09:
14:a8:bf:cd:b4:fc:37:4a:68:78:dc:f5:1a:a3:f1:17:68:e4:
7b:04:4d:6d:f7:83:a0:0e:bd:32:e1:a9:a3:12:5f:6d:04:66:
b2:48:8c:99:0f:0b:9f:4c:33:a1:b3:fe:2a:ce:17:fb:17:32:
10:f3:85:4f:0a:12:64:45:16:17:72:00:8e:37:d4:72:c4:73:
4b:0b:9a:98:29:e9:c1:5b:81:63:86:c7:92:27:b9:00:c4:10:
8c:67:b3:15:d6:ae:f6:cd:05:be:52:46:2f:7f:52:5f:06:ef:
9f:7e:a1:bf:83:a0:44:97:12:28:3a:f3:c1:bb:1b:0f:b7:ff:
f7:54:97:c8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUS/4DPxHbaDxwK10whvu9KYUl00swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMjAwMTRaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDhhNTRjNzdjMTk1MDM5YzI0NzI4MTYxMTQwYjU4NzhjNWE2NTBkMDA2ZjEx
NTUwOTE3MzdkOTdlZTIyMGE4NDAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM4mLxY5+H5bqGHkMl49BmGsryqrnpCyLp9espMoJctWWKBafUOUD/cG+gaK
i/Whqapb7EEfCeRgbOlmrLXqLw0ywx4On35Yh6nDe6MROozjxCQzFDvGnKtojPAl
69vClucLtPD9u+++LcJH7t7E/msQqbF6CMmJrRdRSAxV9nvPNxhTqxWDLrTxLCn2
RB9pQq9qxrIAIACZSPXzF0uAu4jbJL6IWOyov4+VVqKXEooY1W26ZMV6NOE8bXtJ
ulqrR8Pm31o3nq6jGDq9NBZrJgsZqJeBxinJqIviuv/zmcJPY1zq1u1Ef+gyksxG
5YYIAOjqW/LuxnmD471NaQPrgOMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTYy2KZ
DTTrkkpSWDfUY8HuRhTQtzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODRjNDNiOTUtODVkMy00YzFkLWE2YmUtY2YxNzkwNmYxMWM0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPsMA0G
CSqGSIb3DQEBCwUAA4IBAQC1oFx4Y7zlsbYxG/LZeUAuT8WPBtpZMA/ji3Ri3cHM
PUObqRp6PGa36G76BmNVIvTI2/gcX1JxfIDqs5H76jb6vW+K44RxKCUEqkS6PjUj
C+yQ96slafrI1GkYU7qE4HU0eke0QpfMW4BDpBUd+xD5k+9Pbbf0NuZv33zgtwkU
qL/NtPw3Smh43PUao/EXaOR7BE1t94OgDr0y4amjEl9tBGaySIyZDwufTDOhs/4q
zhf7FzIQ84VPChJkRRYXcgCON9RyxHNLC5qYKenBW4FjhseSJ7kAxBCMZ7MV1q72
zQW+UkYvf1JfBu+ffqG/g6BElxIoOvPBuxsPt//3VJfI
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:01:10 2025 by rpki-client