Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8c7710c7-6ab8-4545-b04c-0bbeaa573eae.roa
File: 8c7710c7-6ab8-4545-b04c-0bbeaa573eae.roa (raw, json)
Hash identifier: kbu9W6ITuPo8pLebOp1vyfXawWQ12S++BLsxP0Ns3TQ=
Subject key identifier: 9B:05:FB:D1:63:44:8F:25:CF:48:D3:DF:9A:85:EE:33:38:3D:A6:B1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4DD3E3E206DC5038AC352620F318FB97BC1C1577
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8c7710c7-6ab8-4545-b04c-0bbeaa573eae.roa
Signing time: Tue 17 Jun 2025 00:51:02 +0000
ROA not before: Tue 17 Jun 2025 00:51:02 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.112.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:d3:e3:e2:06:dc:50:38:ac:35:26:20:f3:18:fb:97:bc:1c:15:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 17 00:51:02 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=a49e4760a33e9f825b52c7dbc96f680183ec3791755ed30d1c8a75f1532c265e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:dc:3f:4c:ec:a3:5b:f2:5e:22:74:de:e3:05:
29:45:4a:66:1a:9e:af:c3:b3:ea:ce:e3:60:f6:ba:
cb:bf:ff:7c:2b:43:2e:d9:1b:db:ac:59:55:cc:b0:
cf:ce:d9:56:a9:20:16:0c:a1:e5:28:f3:93:b2:8b:
3b:2e:15:fe:b0:48:56:0b:fd:84:3b:8b:80:f9:4f:
0a:81:ae:30:23:ba:b9:26:7e:34:55:a5:18:48:f9:
e2:83:65:f3:a3:10:b5:31:13:b0:84:52:17:81:83:
ae:2e:37:2b:0b:67:17:05:cb:93:f9:42:c1:dc:ef:
56:05:bf:5d:c0:12:8b:4d:12:c7:99:a9:69:3e:a5:
a0:7b:00:ee:c3:c6:44:27:b8:67:e9:47:f3:0e:07:
06:b0:51:2c:3d:14:ad:cb:44:1a:0f:14:b4:d2:45:
09:67:fa:0d:9e:39:24:e3:6c:32:a5:00:8c:05:c6:
ed:7d:fa:d0:23:ab:a6:6f:61:0a:f5:f5:7b:3e:ed:
df:35:b5:46:1f:3e:7a:4b:04:71:88:fb:6e:0e:55:
b2:7d:fa:13:5d:83:8f:1f:66:13:96:a7:31:3c:38:
bf:a0:dd:6f:42:fb:dc:a2:99:72:8b:05:10:78:94:
46:dc:3d:9a:92:cf:17:d0:60:01:52:3b:ad:49:c2:
59:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:05:FB:D1:63:44:8F:25:CF:48:D3:DF:9A:85:EE:33:38:3D:A6:B1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8c7710c7-6ab8-4545-b04c-0bbeaa573eae.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.112.0.0/16
Signature Algorithm: sha256WithRSAEncryption
18:34:8b:f5:80:c2:9f:29:94:12:19:c0:78:24:5f:ac:0b:4a:
12:cf:15:3a:fd:8f:75:6f:ea:9f:ee:f6:36:85:d1:bc:bc:3b:
54:b6:e7:23:49:e1:47:4f:59:11:65:b3:5d:97:d9:7e:8b:1b:
48:75:3e:a6:3e:7c:4c:29:42:ea:da:5b:65:a7:eb:0a:68:7e:
31:bf:50:59:0c:50:39:86:58:08:1a:92:7b:9a:11:ae:7a:cb:
e3:a2:d9:96:71:26:d2:f7:bd:1f:9f:0f:7b:a4:15:ae:e1:40:
e9:c1:cc:9a:e8:32:7c:31:c9:d9:90:ef:8a:05:17:8a:e5:99:
56:1f:8b:1b:20:a3:66:e6:86:67:13:78:dd:ca:b6:e1:d1:a8:
c4:20:b9:cb:3a:65:ee:09:02:99:27:81:bf:31:73:66:74:9e:
c1:2b:b5:71:93:95:cb:78:5c:8e:1b:7c:da:8e:f5:5d:36:20:
3c:52:c8:ac:49:52:bd:5c:1a:77:f3:70:d6:6d:f3:31:be:3d:
1a:a9:ae:bf:4b:cd:73:21:a5:9c:fe:1c:c2:08:94:b1:52:ea:
de:cf:1b:53:24:09:c4:2e:a2:98:f8:af:39:1b:28:2d:01:b3:
aa:8f:2c:18:59:02:23:e0:e7:08:47:96:f0:93:4c:13:bf:5e:
bb:8b:8f:8f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTdPj4gbcUDisNSYg8xj7l7wcFXcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTcwMDUxMDJaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQGE0OWU0NzYwYTMzZTlmODI1YjUyYzdkYmM5NmY2ODAxODNlYzM3OTE3NTVl
ZDMwZDFjOGE3NWYxNTMyYzI2NWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANvcP0zso1vyXiJ03uMFKUVKZhqer8Oz6s7jYPa6y7//fCtDLtkb26xZVcyw
z87ZVqkgFgyh5Sjzk7KLOy4V/rBIVgv9hDuLgPlPCoGuMCO6uSZ+NFWlGEj54oNl
86MQtTETsIRSF4GDri43KwtnFwXLk/lCwdzvVgW/XcASi00Sx5mpaT6loHsA7sPG
RCe4Z+lH8w4HBrBRLD0UrctEGg8UtNJFCWf6DZ45JONsMqUAjAXG7X360COrpm9h
CvX1ez7t3zW1Rh8+eksEcYj7bg5Vsn36E12Djx9mE5anMTw4v6Ddb0L73KKZcosF
EHiURtw9mpLPF9BgAVI7rUnCWaUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSbBfvR
Y0SPJc9I09+ahe4zOD2msTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGM3NzEwYzctNmFiOC00NTQ1LWIwNGMtMGJiZWFhNTczZWFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNwMA0G
CSqGSIb3DQEBCwUAA4IBAQAYNIv1gMKfKZQSGcB4JF+sC0oSzxU6/Y91b+qf7vY2
hdG8vDtUtucjSeFHT1kRZbNdl9l+ixtIdT6mPnxMKULq2ltlp+sKaH4xv1BZDFA5
hlgIGpJ7mhGuesvjotmWcSbS970fnw97pBWu4UDpwcya6DJ8McnZkO+KBReK5ZlW
H4sbIKNm5oZnE3jdyrbh0ajEILnLOmXuCQKZJ4G/MXNmdJ7BK7Vxk5XLeFyOG3za
jvVdNiA8UsisSVK9XBp383DWbfMxvj0aqa6/S81zIaWc/hzCCJSxUurezxtTJAnE
LqKY+K85GygtAbOqjywYWQIj4OcIR5bwk0wTv167i4+P
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:59:20 2025 by rpki-client