Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa
File: 8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa (raw, json)
Hash identifier: jHeiAnPqWiKmBO7RiflwLF56AF/lovGqWE01Vi6b1UM=
Subject key identifier: E7:29:A3:20:AE:97:E9:2B:A4:ED:6C:52:A6:8F:1D:D5:A1:F9:DC:5C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1CDC67FAEA227E8F7561CE727AB69ABE8190B7D3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa
Signing time: Mon 16 Jun 2025 22:00:12 +0000
ROA not before: Mon 16 Jun 2025 22:00:12 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.226.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:dc:67:fa:ea:22:7e:8f:75:61:ce:72:7a:b6:9a:be:81:90:b7:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 22:00:12 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=005864113dd618490aee36d0436a97b71e48bce022e0455171eeae1921715d9f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:eb:8e:19:30:75:29:d0:bd:46:d8:1d:fc:60:
3e:32:ae:ce:b0:5f:a4:e9:6e:de:dd:3d:42:93:8d:
a6:23:22:56:7e:96:8c:8e:b0:5c:05:52:20:ae:bf:
d9:7e:17:f0:ee:5b:c6:f1:9b:e6:d8:a2:5f:af:de:
d4:b7:1f:9a:a4:df:7d:d1:ef:59:e7:cb:79:f9:d9:
d6:db:d0:d2:72:6f:24:b3:4f:ea:4c:30:cb:7d:61:
a3:6b:78:c5:b2:47:98:4d:f0:d9:c6:1a:c6:42:ae:
b5:d9:2e:af:a8:ef:c4:a8:b1:81:79:d2:5b:70:d3:
e6:ea:6f:26:ae:a8:cf:20:9b:d3:47:9c:70:43:ae:
85:08:27:6e:80:e3:db:56:bf:bb:8e:c6:0f:6e:8c:
a3:04:e8:76:f0:3d:61:47:7d:47:6b:b0:6c:8c:5b:
1b:14:2f:63:b8:cb:29:41:a0:9d:50:e8:24:75:28:
40:6a:37:3f:4c:68:5a:40:f9:03:cb:35:12:fa:f8:
25:09:c3:eb:bc:67:b8:35:51:08:61:e7:b6:eb:77:
75:10:61:99:2b:33:28:19:35:7f:ea:ea:6e:2c:d8:
8b:8e:6c:2b:77:7b:74:65:87:4f:31:8d:37:cc:9c:
d1:b0:14:04:02:40:7e:e1:8d:ed:df:95:d4:3e:8a:
cc:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:29:A3:20:AE:97:E9:2B:A4:ED:6C:52:A6:8F:1D:D5:A1:F9:DC:5C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.226.0.0/15
Signature Algorithm: sha256WithRSAEncryption
9d:c7:84:29:c7:b2:28:c6:2b:4b:cb:af:de:cd:2e:be:ef:71:
a1:b5:e0:63:bf:87:cd:f2:d6:5e:e7:5f:fb:d6:33:13:a0:9e:
07:b5:79:53:a8:0f:ee:2b:06:65:db:29:13:04:c0:2b:42:b1:
45:0f:f0:f7:ca:dc:ad:16:53:9e:05:78:64:82:7c:b4:2e:e1:
8b:e3:d0:3a:2e:cd:2d:69:85:0b:ed:b6:a4:2f:5b:30:b8:e5:
9f:52:05:cf:2a:be:0d:b4:cf:dd:79:76:ff:ec:0a:03:84:25:
07:cb:03:2a:36:98:b1:84:9d:50:ba:df:da:bd:5f:fd:2f:b6:
da:27:73:19:1d:2d:cc:26:43:4e:a8:26:87:da:52:85:02:78:
11:35:59:0b:9c:83:ac:04:71:e3:0d:30:0c:f5:32:ba:4b:5c:
42:83:38:ef:6b:19:6e:e7:c0:83:a5:25:eb:a6:9c:31:c2:c5:
d0:9b:b4:07:80:f7:dd:e6:e7:4f:a6:0f:8c:c4:b4:45:78:56:
d1:5e:44:ba:e1:0c:36:d4:eb:3c:71:f9:60:b4:e0:c7:e7:ba:
f3:af:0d:08:57:34:f0:95:a0:c4:16:7b:a8:b2:4a:14:26:73:
ed:07:59:f5:4f:ef:71:f4:db:b3:f2:87:fa:72:3b:30:d8:89:
17:0f:de:14
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHNxn+uoifo91Yc5yeraavoGQt9MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMjAwMTJaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDAwNTg2NDExM2RkNjE4NDkwYWVlMzZkMDQzNmE5N2I3MWU0OGJjZTAyMmUw
NDU1MTcxZWVhZTE5MjE3MTVkOWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIvrjhkwdSnQvUbYHfxgPjKuzrBfpOlu3t09QpONpiMiVn6WjI6wXAVSIK6/
2X4X8O5bxvGb5tiiX6/e1LcfmqTffdHvWefLefnZ1tvQ0nJvJLNP6kwwy31ho2t4
xbJHmE3w2cYaxkKutdkur6jvxKixgXnSW3DT5upvJq6ozyCb00eccEOuhQgnboDj
21a/u47GD26MowTodvA9YUd9R2uwbIxbGxQvY7jLKUGgnVDoJHUoQGo3P0xoWkD5
A8s1Evr4JQnD67xnuDVRCGHntut3dRBhmSszKBk1f+rqbizYi45sK3d7dGWHTzGN
N8yc0bAUBAJAfuGN7d+V1D6KzJkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTnKaMg
rpfpK6TtbFKmjx3VofncXDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGRjZDEwMzEtMGM4ZC00ZWU0LTk1NjMtNTdkZGI2M2UxNjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPiMA0G
CSqGSIb3DQEBCwUAA4IBAQCdx4Qpx7IoxitLy6/ezS6+73GhteBjv4fN8tZe51/7
1jMToJ4HtXlTqA/uKwZl2ykTBMArQrFFD/D3ytytFlOeBXhkgny0LuGL49A6Ls0t
aYUL7bakL1swuOWfUgXPKr4NtM/deXb/7AoDhCUHywMqNpixhJ1Qut/avV/9L7ba
J3MZHS3MJkNOqCaH2lKFAngRNVkLnIOsBHHjDTAM9TK6S1xCgzjvaxlu58CDpSXr
ppwxwsXQm7QHgPfd5udPpg+MxLRFeFbRXkS64Qw21Os8cflgtODH57rzrw0IVzTw
laDEFnuoskoUJnPtB1n1T+9x9Nuz8of6cjsw2IkXD94U
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:17:21 2025 by rpki-client