Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/993731a0-abe8-41b9-bad3-ce7852d4f117.roa
File: 993731a0-abe8-41b9-bad3-ce7852d4f117.roa (raw, json)
Hash identifier: Li8cfncwFpc0jIfZMQ9Cn5bo0AqRs+LbFXzsHjs/vgk=
Subject key identifier: C4:43:19:B7:29:34:48:C0:C4:EB:89:A8:11:BC:B9:1A:48:6A:D6:79
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6B8942355B1D74F21FC51C16BB65FC3FAAD70AB4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/993731a0-abe8-41b9-bad3-ce7852d4f117.roa
Signing time: Mon 16 Jun 2025 22:00:17 +0000
ROA not before: Mon 16 Jun 2025 22:00:17 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.34.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:89:42:35:5b:1d:74:f2:1f:c5:1c:16:bb:65:fc:3f:aa:d7:0a:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 22:00:17 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=8bd02c287b8c05926ce58eec2fe883502b58b3bf85a0414c173ce07b0e9c4a8b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:11:2a:76:2b:17:c7:8c:65:a0:24:d0:48:f4:
7b:a3:9c:b1:74:a1:96:40:a5:36:49:de:ca:dd:c5:
ed:58:ea:4c:0f:73:9f:63:8e:e3:a2:f2:9b:13:1d:
a8:1e:ae:5c:e3:bc:fc:38:14:09:09:77:a6:60:e5:
df:47:eb:3c:b2:11:dd:86:a3:89:1d:98:80:7a:f5:
95:57:35:77:a3:1f:3d:b8:57:53:dc:f1:57:4d:3a:
b3:e3:bd:3c:07:64:21:dd:9a:95:6a:aa:f7:85:19:
a4:bb:83:2a:58:98:c9:18:9d:31:db:71:2e:03:4c:
8e:21:98:0a:cd:47:60:35:19:81:a7:4f:c4:3e:6d:
6c:46:b7:f9:7e:e1:df:bc:c7:8b:4d:91:18:48:6f:
28:ea:e6:3e:2b:58:df:98:f4:b2:79:48:a0:37:4e:
94:9b:0e:04:1b:a2:83:fb:8a:44:17:3f:e4:6c:73:
13:4f:38:56:5c:37:45:6f:5c:6b:15:a0:08:58:cf:
7e:a6:d9:c9:32:12:b7:24:94:8d:7c:a6:ee:bc:95:
56:bc:93:37:6f:b2:27:fd:ca:30:e1:ee:a4:37:51:
83:e2:25:e7:1f:b6:61:04:48:23:3c:34:41:1b:63:
30:41:b3:24:2f:bb:71:c8:b6:18:42:8e:12:39:bc:
79:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:43:19:B7:29:34:48:C0:C4:EB:89:A8:11:BC:B9:1A:48:6A:D6:79
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/993731a0-abe8-41b9-bad3-ce7852d4f117.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.34.0.0/15
Signature Algorithm: sha256WithRSAEncryption
49:26:38:0d:95:fc:24:da:c7:cb:d8:aa:dd:cc:da:67:2d:39:
9e:a5:af:0f:09:82:38:ac:55:d4:8e:c6:72:fd:8e:14:64:2f:
16:43:65:ae:7a:16:6c:e3:8d:83:68:ec:fc:0e:33:42:e8:16:
f2:b7:b6:35:cd:c4:1f:a7:bd:4a:11:96:e9:15:8f:f7:dc:2a:
1e:10:48:14:ad:e9:0f:a1:77:b4:77:b1:93:66:58:3a:a7:b9:
fb:a6:01:fc:47:01:6d:02:44:17:04:57:f6:dd:93:e0:49:3c:
81:ca:fb:0b:0c:07:e1:fb:10:9b:2f:06:30:91:45:d1:48:98:
76:8d:70:07:78:00:6e:d9:33:65:6b:47:df:63:04:e6:d7:59:
64:c5:87:dc:16:4e:c7:e1:3f:75:57:43:8b:1d:fa:fe:cc:0b:
d9:36:42:90:9c:b0:8e:2c:4e:d9:ac:48:de:e4:1a:66:76:0d:
9d:da:12:cf:11:9e:44:30:ac:12:76:07:f5:7f:94:7b:b5:63:
b5:d9:56:20:bd:a7:c4:1d:76:da:e4:99:bf:0d:72:76:45:34:
c7:e8:77:1d:b0:73:76:1a:c2:70:8f:2c:83:6d:ff:3f:ef:fc:
3e:bd:ba:f2:18:e5:c7:c5:c9:76:94:05:64:c4:06:9b:82:2a:
ed:49:21:27
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUa4lCNVsddPIfxRwWu2X8P6rXCrQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMjAwMTdaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDhiZDAyYzI4N2I4YzA1OTI2Y2U1OGVlYzJmZTg4MzUwMmI1OGIzYmY4NWEw
NDE0YzE3M2NlMDdiMGU5YzRhOGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALoRKnYrF8eMZaAk0Ej0e6OcsXShlkClNkneyt3F7VjqTA9zn2OO46LymxMd
qB6uXOO8/DgUCQl3pmDl30frPLIR3YajiR2YgHr1lVc1d6MfPbhXU9zxV006s+O9
PAdkId2alWqq94UZpLuDKliYyRidMdtxLgNMjiGYCs1HYDUZgadPxD5tbEa3+X7h
37zHi02RGEhvKOrmPitY35j0snlIoDdOlJsOBBuig/uKRBc/5GxzE084Vlw3RW9c
axWgCFjPfqbZyTIStySUjXym7ryVVryTN2+yJ/3KMOHupDdRg+Il5x+2YQRIIzw0
QRtjMEGzJC+7cci2GEKOEjm8eUMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTEQxm3
KTRIwMTriagRvLkaSGrWeTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTkzNzMxYTAtYWJlOC00MWI5LWJhZDMtY2U3ODUyZDRmMTE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMiMA0G
CSqGSIb3DQEBCwUAA4IBAQBJJjgNlfwk2sfL2KrdzNpnLTmepa8PCYI4rFXUjsZy
/Y4UZC8WQ2WuehZs442DaOz8DjNC6Bbyt7Y1zcQfp71KEZbpFY/33CoeEEgUrekP
oXe0d7GTZlg6p7n7pgH8RwFtAkQXBFf23ZPgSTyByvsLDAfh+xCbLwYwkUXRSJh2
jXAHeABu2TNla0ffYwTm11lkxYfcFk7H4T91V0OLHfr+zAvZNkKQnLCOLE7ZrEje
5Bpmdg2d2hLPEZ5EMKwSdgf1f5R7tWO12VYgvafEHXba5Jm/DXJ2RTTH6HcdsHN2
GsJwjyyDbf8/7/w+vbryGOXHxcl2lAVkxAabgirtSSEn
-----END CERTIFICATE-----
Generated at Sun Jun 29 07:33:59 2025 by rpki-client