Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/87cbc454-e777-437d-a43a-911995d2a7ce.roa
File: 87cbc454-e777-437d-a43a-911995d2a7ce.roa (raw, json)
Hash identifier: Q4yFmQnnzyox9ruvViGCSndsJISqiUNk+quWv3MQWno=
Subject key identifier: 5A:36:CB:27:19:23:57:2D:38:5B:AE:22:62:97:17:D2:F5:7B:EF:4B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 48057FAD7DE474FB60601E5177F0CC4136C212DE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/87cbc454-e777-437d-a43a-911995d2a7ce.roa
Signing time: Wed 18 Jun 2025 00:30:34 +0000
ROA not before: Wed 18 Jun 2025 00:30:34 +0000
ROA not after: Wed 23 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.21.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:05:7f:ad:7d:e4:74:fb:60:60:1e:51:77:f0:cc:41:36:c2:12:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 18 00:30:34 2025 GMT
Not After : Jul 23 23:59:59 2025 GMT
Subject: serialNumber=6b3f465e8a1ce8a2d9254918bb2302064b1dea4ccb1651c70cd5a0f4856fee18, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:8f:53:ea:95:40:a1:98:18:f9:66:00:32:cb:
9a:9c:c4:a1:96:e9:67:cf:cb:f9:6c:04:03:5d:24:
d1:19:cf:20:bd:d0:6a:5c:14:99:ac:d1:69:9a:29:
35:b0:1e:3c:83:8b:5c:3d:8e:0f:ea:53:71:6e:0a:
64:42:b0:6d:de:70:0d:52:b0:9b:81:ec:3d:02:82:
3b:ea:15:bf:fe:c0:8c:6c:e1:85:40:23:7b:8a:ca:
22:0b:99:5b:10:cc:e4:e1:bb:d6:5a:19:02:12:57:
b3:29:48:47:d6:f8:e2:c7:b1:37:6f:a3:1e:7d:21:
1d:d5:0d:03:06:f2:6a:bc:67:8a:50:48:0b:b9:49:
a7:71:9f:5f:1e:75:2b:34:f8:f8:4d:71:28:e1:0d:
8a:24:57:73:52:0c:66:6e:49:2a:06:5d:3a:cb:50:
79:2d:7d:90:49:8f:02:c5:33:fb:b9:c3:5e:fa:6c:
f1:90:64:2a:f6:6b:0c:39:17:98:e5:e8:16:27:95:
98:31:1d:e8:d2:46:9d:01:b2:cf:48:76:48:18:c7:
b1:e5:89:31:f6:d4:56:d1:63:52:e3:3d:00:c9:1d:
44:26:dc:53:00:d7:c5:61:27:3d:17:9e:b7:c2:8e:
2f:cf:1a:3c:ec:d6:5e:7d:b9:e1:28:2b:b5:27:79:
70:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:36:CB:27:19:23:57:2D:38:5B:AE:22:62:97:17:D2:F5:7B:EF:4B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/87cbc454-e777-437d-a43a-911995d2a7ce.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.21.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c4:e0:ba:cb:f8:8f:ff:4f:52:3c:20:ae:47:ba:39:0a:77:aa:
a0:56:da:1b:18:71:ce:da:54:dd:31:5c:92:f2:6b:bd:c4:4c:
e7:de:34:6d:d0:87:0f:be:91:4e:9c:a2:51:12:c3:85:b2:70:
81:20:89:c0:05:99:f2:4f:5a:53:7c:cd:c7:7a:11:57:88:67:
9d:bd:c4:a1:6c:14:58:76:88:b1:2f:d6:32:96:2e:9f:f8:08:
39:51:3b:aa:95:ac:78:05:66:96:c2:d0:0e:f9:30:ce:2a:fb:
fa:e3:bc:8d:9d:70:74:1e:75:55:17:e4:87:84:d6:4a:3a:fe:
4d:65:7a:12:3e:40:58:21:ea:46:69:43:c2:d0:98:55:3f:15:
4e:3a:40:dd:1f:41:76:27:4e:84:0a:24:b9:02:25:1c:2e:30:
83:04:6d:76:b9:4f:6f:38:0e:e8:28:ca:44:38:e1:c2:87:fd:
cf:74:ad:36:f3:19:b6:bd:be:29:7f:4f:0f:aa:4d:c9:58:76:
f1:66:c0:1d:04:cc:f7:ba:b6:7e:c2:72:d1:81:fa:ad:c8:ce:
28:34:a3:6e:03:75:ed:8c:94:78:cb:5e:be:ae:87:c3:9e:11:
22:1e:a2:8a:5d:95:29:15:05:78:bd:e5:40:45:be:7b:14:a0:
82:c3:35:15
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUSAV/rX3kdPtgYB5Rd/DMQTbCEt4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTgwMDMwMzRaFw0yNTA3MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDZiM2Y0NjVlOGExY2U4YTJkOTI1NDkxOGJiMjMwMjA2NGIxZGVhNGNjYjE2
NTFjNzBjZDVhMGY0ODU2ZmVlMTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANmPU+qVQKGYGPlmADLLmpzEoZbpZ8/L+WwEA10k0RnPIL3QalwUmazRaZop
NbAePIOLXD2OD+pTcW4KZEKwbd5wDVKwm4HsPQKCO+oVv/7AjGzhhUAje4rKIguZ
WxDM5OG71loZAhJXsylIR9b44sexN2+jHn0hHdUNAwbyarxnilBIC7lJp3GfXx51
KzT4+E1xKOENiiRXc1IMZm5JKgZdOstQeS19kEmPAsUz+7nDXvps8ZBkKvZrDDkX
mOXoFieVmDEd6NJGnQGyz0h2SBjHseWJMfbUVtFjUuM9AMkdRCbcUwDXxWEnPRee
t8KOL88aPOzWXn254SgrtSd5cIMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRaNssn
GSNXLThbriJilxfS9XvvSzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODdjYmM0NTQtZTc3Ny00MzdkLWE0M2EtOTExOTk1ZDJhN2NlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMVMA0G
CSqGSIb3DQEBCwUAA4IBAQDE4LrL+I//T1I8IK5HujkKd6qgVtobGHHO2lTdMVyS
8mu9xEzn3jRt0IcPvpFOnKJREsOFsnCBIInABZnyT1pTfM3HehFXiGedvcShbBRY
doixL9Yyli6f+Ag5UTuqlax4BWaWwtAO+TDOKvv647yNnXB0HnVVF+SHhNZKOv5N
ZXoSPkBYIepGaUPC0JhVPxVOOkDdH0F2J06ECiS5AiUcLjCDBG12uU9vOA7oKMpE
OOHCh/3PdK028xm2vb4pf08Pqk3JWHbxZsAdBMz3urZ+wnLRgfqtyM4oNKNuA3Xt
jJR4y16+rofDnhEiHqKKXZUpFQV4veVARb57FKCCwzUV
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:24:35 2025 by rpki-client