Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a1fa391-4377-44ba-a6c7-c785fc9a7733.roa
File: 9a1fa391-4377-44ba-a6c7-c785fc9a7733.roa (raw, json)
Hash identifier: lZHjZLm2IVgFSRPGKtafHMM3X+FGId3LlkAeyAh7qLU=
Subject key identifier: 70:0C:23:AA:34:AD:5C:9B:B7:A9:20:19:6E:2E:B9:33:3B:E9:52:EA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2F300E1BCC03FC19853DDBFBC4EC67E1B5912E19
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a1fa391-4377-44ba-a6c7-c785fc9a7733.roa
Signing time: Tue 17 Jun 2025 00:50:33 +0000
ROA not before: Tue 17 Jun 2025 00:50:33 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.84.0.0/14 maxlen: 14
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:30:0e:1b:cc:03:fc:19:85:3d:db:fb:c4:ec:67:e1:b5:91:2e:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 17 00:50:33 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=812d996bdee6a023bef9ae11e120f7f5a3b9668f1d6b10b29d1c78e98735c961, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:6d:e2:6b:ab:d3:b0:98:e1:5a:ab:45:1b:c6:
0b:e1:90:bf:f8:ac:b9:a0:12:a3:ce:f7:3b:5d:20:
ae:73:86:9c:97:f5:7b:fc:92:d8:d3:a1:2d:bf:ff:
b1:1b:9b:61:94:11:14:75:75:97:bb:32:78:a5:b2:
84:2a:80:e2:e2:da:f1:f9:6e:b3:70:7c:08:65:aa:
46:38:3b:e9:e4:a8:53:f3:1b:69:f2:78:89:7a:d6:
ee:47:2c:b3:32:b1:26:1a:57:5f:c3:3a:42:31:91:
5a:a2:e1:bf:38:45:40:ae:ec:00:ba:6d:0f:9c:f5:
d1:fe:37:a1:a2:56:1c:37:e0:14:18:25:2a:56:0b:
84:9b:b2:5c:1d:14:b0:5f:be:55:b3:e1:da:db:4c:
b8:c3:37:00:43:e5:1b:67:78:4a:40:e9:d2:a6:ad:
ad:33:a7:e7:f1:07:71:27:54:67:f4:ae:94:ae:2a:
b8:06:94:97:f5:76:f4:91:64:20:49:f1:7a:44:66:
ae:a6:da:5a:78:dc:6c:c9:0f:24:28:7d:a0:24:e7:
a5:3b:67:3a:b8:b4:57:c3:b3:1c:40:99:dc:00:71:
1f:7a:bb:b4:a2:f2:43:3c:78:a6:3c:69:f4:73:57:
0e:bc:a8:a1:86:44:77:db:db:55:c0:32:89:68:ae:
41:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:0C:23:AA:34:AD:5C:9B:B7:A9:20:19:6E:2E:B9:33:3B:E9:52:EA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a1fa391-4377-44ba-a6c7-c785fc9a7733.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.84.0.0/14
Signature Algorithm: sha256WithRSAEncryption
8d:a4:e2:08:15:5d:6e:1b:88:b9:2b:d2:ba:c0:f0:35:92:06:
64:2b:44:99:80:b9:2e:a4:df:8d:c1:a6:eb:1d:f7:3c:b7:58:
7c:84:be:98:b8:f0:a7:cb:b0:4a:e0:b8:54:d3:bc:24:d9:e3:
2a:09:eb:1c:9f:4c:aa:ad:5a:2e:72:61:fc:64:cf:35:1c:c0:
de:42:8f:f2:15:83:ce:bc:5a:d7:ad:11:48:77:54:93:ce:62:
6f:65:03:72:7d:c9:dd:6e:7a:3b:da:34:4e:a2:54:55:b6:be:
02:96:a8:5d:0d:11:6c:75:8c:4e:bf:07:98:2f:bc:8c:20:1d:
b1:bf:29:5f:46:fb:3c:bb:53:51:bd:04:ac:71:ee:e0:b7:f5:
a0:ea:22:b3:38:69:f7:44:d0:7b:b4:7f:9d:65:d1:61:e7:9c:
65:9f:b7:c6:93:c8:7c:10:93:64:cf:d5:d6:54:6d:58:4a:e3:
75:42:71:0d:d2:96:a0:6f:2c:b4:70:55:c1:fd:8d:b3:d8:58:
7c:20:6e:a4:19:db:02:8b:c6:0e:d1:f6:75:24:bd:8f:8d:ad:
e9:77:7e:d1:35:bd:f3:dc:d8:ed:e2:95:48:ad:c7:ae:60:a8:
a2:42:5a:80:65:6c:96:6c:c4:bf:03:b4:a9:22:83:73:3a:81:
d3:df:8f:33
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIULzAOG8wD/BmFPdv7xOxn4bWRLhkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTcwMDUwMzNaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxMmQ5OTZiZGVlNmEwMjNiZWY5YWUxMWUxMjBmN2Y1YTNiOTY2OGYxZDZi
MTBiMjlkMWM3OGU5ODczNWM5NjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL1t4mur07CY4VqrRRvGC+GQv/isuaASo873O10grnOGnJf1e/yS2NOhLb//
sRubYZQRFHV1l7syeKWyhCqA4uLa8flus3B8CGWqRjg76eSoU/MbafJ4iXrW7kcs
szKxJhpXX8M6QjGRWqLhvzhFQK7sALptD5z10f43oaJWHDfgFBglKlYLhJuyXB0U
sF++VbPh2ttMuMM3AEPlG2d4SkDp0qatrTOn5/EHcSdUZ/SulK4quAaUl/V29JFk
IEnxekRmrqbaWnjcbMkPJCh9oCTnpTtnOri0V8OzHECZ3ABxH3q7tKLyQzx4pjxp
9HNXDryooYZEd9vbVcAyiWiuQUsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRwDCOq
NK1cm7epIBluLrkzO+lS6jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWExZmEzOTEtNDM3Ny00NGJhLWE2YzctYzc4NWZjOWE3NzMzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNUMA0G
CSqGSIb3DQEBCwUAA4IBAQCNpOIIFV1uG4i5K9K6wPA1kgZkK0SZgLkupN+Nwabr
Hfc8t1h8hL6YuPCny7BK4LhU07wk2eMqCescn0yqrVoucmH8ZM81HMDeQo/yFYPO
vFrXrRFId1STzmJvZQNyfcndbno72jROolRVtr4ClqhdDRFsdYxOvweYL7yMIB2x
vylfRvs8u1NRvQSsce7gt/Wg6iKzOGn3RNB7tH+dZdFh55xln7fGk8h8EJNkz9XW
VG1YSuN1QnEN0pagbyy0cFXB/Y2z2Fh8IG6kGdsCi8YO0fZ1JL2Pja3pd37RNb3z
3Njt4pVIrceuYKiiQlqAZWyWbMS/A7SpIoNzOoHT348z
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:07:09 2025 by rpki-client