Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9adb83e6-fa36-47fa-b5be-856fd7247898.roa
File: 9adb83e6-fa36-47fa-b5be-856fd7247898.roa (raw, json)
Hash identifier: uMYU795JvpbTLWQp1LEWBhlFf44oScmZb+7bVEwNGzA=
Subject key identifier: 6D:FE:63:D6:6B:7C:FA:CD:8C:2F:88:7E:8C:2E:21:A1:87:EC:EE:39
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0B6FA9510636AF51ADECBB9B9A1EB6EC3C86D1F7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9adb83e6-fa36-47fa-b5be-856fd7247898.roa
Signing time: Tue 17 Jun 2025 00:51:09 +0000
ROA not before: Tue 17 Jun 2025 00:51:09 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.104.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:6f:a9:51:06:36:af:51:ad:ec:bb:9b:9a:1e:b6:ec:3c:86:d1:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 17 00:51:09 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=d1b27cd11c350f6d0b49aca18b4857fc1a774f4235bbdb29b51bdd144d66be5e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:74:28:11:7f:d0:a3:a3:5f:75:f3:d4:5e:1e:
68:ac:a7:6f:77:23:f5:c2:22:79:c3:db:fa:e2:03:
d1:4f:45:5b:69:4b:fd:ff:41:30:d8:79:01:6e:d4:
d5:46:60:7d:85:2e:59:98:ec:9e:7a:f8:b7:77:0d:
d4:53:c4:f5:1b:a1:ef:41:73:ec:e0:90:72:bf:82:
cc:b1:0c:99:d6:7b:27:9b:7c:f9:b3:ac:4d:ce:f5:
d1:c0:88:72:09:7b:7d:da:d2:31:4b:45:23:14:10:
1f:9e:7b:23:3c:8c:7b:c1:3d:4c:ae:0c:e9:df:96:
26:7d:af:db:65:9a:25:56:27:52:49:21:c5:e3:3b:
24:f1:8c:53:ab:06:c6:ae:fc:af:79:38:93:aa:c0:
d4:2c:3f:5d:ac:54:26:b5:6d:a5:ec:c6:07:bf:80:
8d:fc:7b:b2:ab:dd:35:74:e6:ae:c2:65:48:30:69:
b0:ef:d4:e4:d5:6a:3e:76:35:b8:57:1a:4f:cd:5b:
32:48:62:b6:1b:36:99:3c:c2:66:08:7c:e0:12:fe:
ce:dc:85:30:8b:e7:80:7d:06:e4:c5:89:ce:c2:9b:
6b:63:39:e1:6a:41:68:c4:7b:c3:f3:59:a8:45:37:
cb:72:76:67:25:cc:a1:23:d8:da:0f:93:54:6c:f2:
e8:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:FE:63:D6:6B:7C:FA:CD:8C:2F:88:7E:8C:2E:21:A1:87:EC:EE:39
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9adb83e6-fa36-47fa-b5be-856fd7247898.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.104.0/23
Signature Algorithm: sha256WithRSAEncryption
86:4e:cd:78:de:3d:c9:42:dc:de:a1:0e:14:51:bd:4f:82:ff:
83:39:41:63:47:ef:50:b3:71:3e:d7:39:ea:11:ac:c7:f1:e6:
54:a2:89:f3:19:aa:68:73:77:4d:5d:b6:35:e9:7a:81:b6:71:
8e:c7:9e:84:ba:aa:cc:4a:18:45:7f:c3:88:72:af:62:b3:9a:
76:b9:ff:e7:1d:4f:0c:47:df:eb:1e:a5:34:43:3d:81:d0:92:
f8:82:4c:dd:4d:d4:fb:56:66:c3:cd:35:85:63:e6:67:04:d9:
96:f4:c8:fd:72:18:11:70:fb:ef:c6:c2:d5:7c:1c:f1:4e:de:
3d:61:b9:f6:4a:83:15:16:9b:7c:51:f6:72:b3:4d:05:a9:e4:
60:94:3a:9b:ae:27:71:9f:95:95:2a:4b:95:bc:b1:65:5c:0a:
2b:3c:5e:c1:01:b4:7b:cb:e4:c5:22:87:50:61:84:45:9f:e0:
e9:ef:54:d3:e9:25:84:95:d6:35:7e:e5:a5:a0:e7:96:d6:09:
58:e0:a9:12:58:50:62:4f:36:04:b6:88:dc:f1:c4:83:58:8c:
f7:1e:e5:8e:2d:df:d5:6f:4e:9a:58:2b:32:0b:8b:ae:7b:7c:
37:dc:64:ba:32:b2:fa:c6:0b:b7:c0:27:14:78:0e:7e:bb:69:
b7:86:8f:cb
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUC2+pUQY2r1Gt7Lubmh627DyG0fcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTcwMDUxMDlaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQGQxYjI3Y2QxMWMzNTBmNmQwYjQ5YWNhMThiNDg1N2ZjMWE3NzRmNDIzNWJi
ZGIyOWI1MWJkZDE0NGQ2NmJlNWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALV0KBF/0KOjX3Xz1F4eaKynb3cj9cIiecPb+uID0U9FW2lL/f9BMNh5AW7U
1UZgfYUuWZjsnnr4t3cN1FPE9Ruh70Fz7OCQcr+CzLEMmdZ7J5t8+bOsTc710cCI
cgl7fdrSMUtFIxQQH557IzyMe8E9TK4M6d+WJn2v22WaJVYnUkkhxeM7JPGMU6sG
xq78r3k4k6rA1Cw/XaxUJrVtpezGB7+Ajfx7sqvdNXTmrsJlSDBpsO/U5NVqPnY1
uFcaT81bMkhiths2mTzCZgh84BL+ztyFMIvngH0G5MWJzsKba2M54WpBaMR7w/NZ
qEU3y3J2ZyXMoSPY2g+TVGzy6KMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRt/mPW
a3z6zYwviH6MLiGhh+zuOTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWFkYjgzZTYtZmEzNi00N2ZhLWI1YmUtODU2ZmQ3MjQ3ODk4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEATMQaDAN
BgkqhkiG9w0BAQsFAAOCAQEAhk7NeN49yULc3qEOFFG9T4L/gzlBY0fvULNxPtc5
6hGsx/HmVKKJ8xmqaHN3TV22Nel6gbZxjseehLqqzEoYRX/DiHKvYrOadrn/5x1P
DEff6x6lNEM9gdCS+IJM3U3U+1Zmw801hWPmZwTZlvTI/XIYEXD778bC1Xwc8U7e
PWG59kqDFRabfFH2crNNBankYJQ6m64ncZ+VlSpLlbyxZVwKKzxewQG0e8vkxSKH
UGGERZ/g6e9U0+klhJXWNX7lpaDnltYJWOCpElhQYk82BLaI3PHEg1iM9x7lji3f
1W9OmlgrMguLrnt8N9xkujKy+sYLt8AnFHgOfrtpt4aPyw==
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:10:11 2025 by rpki-client