Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/94c2a36e-245b-439a-bf61-04132c5df5a4.roa
File: 94c2a36e-245b-439a-bf61-04132c5df5a4.roa (raw, json)
Hash identifier: LxKF2eqKz0b3qAf13DqRiw3wm0x9hg8CYcvZOCIvLIo=
Subject key identifier: 13:4C:39:D3:62:38:0F:50:E2:C9:9C:DD:47:43:7D:5B:12:84:6D:06
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 32F62D2723F209FE438D8023BC78609B29E34F69
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/94c2a36e-245b-439a-bf61-04132c5df5a4.roa
Signing time: Mon 16 Jun 2025 22:00:17 +0000
ROA not before: Mon 16 Jun 2025 22:00:17 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.35.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:f6:2d:27:23:f2:09:fe:43:8d:80:23:bc:78:60:9b:29:e3:4f:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 22:00:17 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=5b9ea9d596cecf1801cb4d46be23ef949de67f67bc65f1185c281b39b00b5d34, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:55:4f:6c:10:ed:02:00:09:37:6e:88:24:74:
60:a4:df:1a:f1:35:d9:ba:2c:e3:9d:55:0b:9a:ab:
3c:33:30:9d:a3:9e:87:80:23:17:32:a3:11:55:62:
3f:40:18:13:dc:fe:f2:6b:6e:b9:77:6c:67:89:fc:
db:b9:a9:0d:b8:ab:e1:04:02:49:cd:84:90:a2:b8:
d2:15:64:cd:f9:bc:90:7a:81:84:3d:c3:15:f9:0b:
64:df:89:59:f3:a0:6c:36:73:df:53:e9:e6:c1:9e:
54:bb:79:12:e1:87:ee:e0:6d:3a:5b:56:f1:67:77:
5e:92:76:df:f7:45:bc:31:90:59:54:b1:00:88:a2:
df:ad:d5:76:e6:05:a9:5b:db:73:2a:79:99:98:af:
37:94:e0:dc:32:dd:86:4c:c9:ee:3e:96:03:6f:60:
04:3a:12:15:e2:6b:ff:ad:96:bf:3b:a3:d0:76:87:
2d:55:48:fb:1f:22:5c:b8:f1:f9:21:27:64:ad:b8:
0f:37:b5:8d:67:37:58:3b:ab:38:8f:3c:71:d8:94:
22:58:53:fe:d7:bd:ee:4e:5e:51:e6:a9:3f:e4:f0:
b5:c0:92:39:6f:26:70:16:d6:d5:7e:f1:bd:d5:48:
bb:3f:94:bd:a8:16:a6:2a:2d:81:20:cc:8d:2e:cb:
30:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:4C:39:D3:62:38:0F:50:E2:C9:9C:DD:47:43:7D:5B:12:84:6D:06
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/94c2a36e-245b-439a-bf61-04132c5df5a4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.35.0.0/16
Signature Algorithm: sha256WithRSAEncryption
47:4a:7f:80:9f:ab:4f:fd:d0:51:6c:17:31:22:46:93:c2:b9:
7e:0d:ce:50:5a:af:95:6a:2f:ce:90:ed:55:16:da:83:d2:b9:
7f:3b:60:c0:ac:9a:27:81:46:e4:fd:5c:e4:5a:9e:38:77:fe:
a6:74:cd:5d:e3:8c:80:8d:b6:8d:4a:ec:92:b4:3e:d6:6d:3b:
92:49:42:f7:87:5a:ee:e6:6e:42:dd:42:55:4b:18:f6:cd:03:
71:82:6a:f0:52:cd:c0:f2:ec:16:e4:1a:60:9f:18:53:08:af:
53:ed:fb:4f:10:b4:f5:58:e9:1d:f3:12:17:85:fd:c7:4d:79:
4b:3b:01:dd:81:7b:ee:11:ca:26:d9:2b:4e:41:e3:3f:fb:36:
b5:f4:b7:d8:91:7c:22:a4:18:45:9d:bd:33:07:39:96:cb:cc:
99:65:1e:a1:cd:ac:34:8e:49:7b:79:30:44:6f:16:af:20:20:
47:c7:c2:58:db:21:37:55:77:42:ba:f9:ca:70:b6:fb:4f:ac:
61:2f:ac:34:ce:bd:89:44:c1:26:a5:28:6c:b3:6e:26:d1:64:
14:40:aa:f5:5f:f2:10:d5:79:25:be:42:e2:ec:e3:08:7b:85:
a8:42:36:5f:fb:7f:ff:ab:50:7c:2a:c0:1b:c9:6f:79:89:bf:
b5:47:72:93
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMvYtJyPyCf5DjYAjvHhgmynjT2kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMjAwMTdaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDViOWVhOWQ1OTZjZWNmMTgwMWNiNGQ0NmJlMjNlZjk0OWRlNjdmNjdiYzY1
ZjExODVjMjgxYjM5YjAwYjVkMzQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALlVT2wQ7QIACTduiCR0YKTfGvE12bos451VC5qrPDMwnaOeh4AjFzKjEVVi
P0AYE9z+8mtuuXdsZ4n827mpDbir4QQCSc2EkKK40hVkzfm8kHqBhD3DFfkLZN+J
WfOgbDZz31Pp5sGeVLt5EuGH7uBtOltW8Wd3XpJ23/dFvDGQWVSxAIii363VduYF
qVvbcyp5mZivN5Tg3DLdhkzJ7j6WA29gBDoSFeJr/62Wvzuj0HaHLVVI+x8iXLjx
+SEnZK24Dze1jWc3WDurOI88cdiUIlhT/te97k5eUeapP+TwtcCSOW8mcBbW1X7x
vdVIuz+UvagWpiotgSDMjS7LMMsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQTTDnT
YjgPUOLJnN1HQ31bEoRtBjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTRjMmEzNmUtMjQ1Yi00MzlhLWJmNjEtMDQxMzJjNWRmNWE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMjMA0G
CSqGSIb3DQEBCwUAA4IBAQBHSn+An6tP/dBRbBcxIkaTwrl+Dc5QWq+Vai/OkO1V
FtqD0rl/O2DArJongUbk/VzkWp44d/6mdM1d44yAjbaNSuyStD7WbTuSSUL3h1ru
5m5C3UJVSxj2zQNxgmrwUs3A8uwW5BpgnxhTCK9T7ftPELT1WOkd8xIXhf3HTXlL
OwHdgXvuEcom2StOQeM/+za19LfYkXwipBhFnb0zBzmWy8yZZR6hzaw0jkl7eTBE
bxavICBHx8JY2yE3VXdCuvnKcLb7T6xhL6w0zr2JRMEmpShss24m0WQUQKr1X/IQ
1XklvkLi7OMIe4WoQjZf+3//q1B8KsAbyW95ib+1R3KT
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:12:38 2025 by rpki-client