Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa
File: 9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa (raw, json)
Hash identifier: DiBFg/pUkmHMpx8dYm1pCb2z7SQVdnYmtuPXs2gOnJs=
Subject key identifier: 0C:15:4A:5B:0E:19:35:4B:50:54:9A:F9:30:AD:1B:15:C8:7D:AF:41
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 244D66406AF2FD8C364842B0B4E471CEE38DCBEB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa
Signing time: Wed 25 Jun 2025 00:50:30 +0000
ROA not before: Wed 25 Jun 2025 00:50:30 +0000
ROA not after: Wed 30 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.70.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:4d:66:40:6a:f2:fd:8c:36:48:42:b0:b4:e4:71:ce:e3:8d:cb:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 25 00:50:30 2025 GMT
Not After : Jul 30 23:59:59 2025 GMT
Subject: serialNumber=a762ef8edbb10f0713d66fbfb0ea79abacbb8b5956df79d075d38cedc4a651d2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:99:94:97:00:18:71:f1:7f:61:7d:d0:20:73:
e4:21:cf:b8:c7:da:f1:06:1a:39:93:2b:36:7a:94:
07:7c:60:dd:17:6f:3f:b7:cc:31:fa:cc:2c:49:3b:
28:67:a6:08:82:af:6f:cb:f8:a1:45:b1:1d:46:31:
17:62:b6:42:35:28:57:cd:e1:b2:84:e7:ca:37:82:
09:66:5a:4b:35:14:ad:a8:72:23:38:54:45:97:4a:
ba:b1:73:3d:10:1a:39:4e:46:e4:6c:35:10:97:34:
88:c1:c8:ce:a8:92:4c:2e:c2:5b:05:f5:d7:f1:3f:
eb:6e:59:f5:d2:ea:60:82:a8:3d:83:4c:2a:13:ba:
b5:72:a8:ac:a2:71:dd:18:9a:03:56:29:d1:75:7f:
f7:88:f7:a2:0c:34:6f:82:1a:a4:3d:60:d6:32:87:
f7:c9:19:ba:26:31:35:a2:cc:fd:5e:d5:c0:79:bf:
97:29:85:cc:2c:a3:7b:8f:77:8c:0d:fa:71:f7:9e:
2e:37:66:39:40:9f:ee:74:8d:c0:6f:24:ba:45:14:
7a:e9:a2:4e:da:8a:42:4f:8b:f3:ec:36:5f:15:0f:
dd:73:d9:15:0a:32:4a:11:ae:e4:a6:b4:c1:e2:b1:
97:d7:42:f9:7e:3c:5b:b5:c4:7e:95:97:bd:41:fc:
7b:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:15:4A:5B:0E:19:35:4B:50:54:9A:F9:30:AD:1B:15:C8:7D:AF:41
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.70.0.0/16
Signature Algorithm: sha256WithRSAEncryption
36:ce:5b:b7:4f:88:f8:28:87:0d:35:61:c9:ca:05:6a:c2:f4:
9f:63:7e:aa:61:00:34:90:cd:4a:cc:94:06:ab:4b:35:cc:f4:
f6:c0:2a:4a:10:14:8b:62:1b:c6:59:7a:43:d3:e5:ab:98:2e:
c7:91:4e:bc:44:7d:f6:20:33:d2:19:2f:81:ac:a8:2d:90:3c:
15:fd:ee:1b:68:2a:ff:55:b9:ab:71:61:9d:5c:a5:28:d0:55:
09:4e:05:29:df:42:d1:cf:b4:29:7f:93:cc:f3:ce:46:3b:a8:
f7:2d:ab:1a:1d:2a:8d:f3:ee:72:bc:63:37:e8:0e:a0:20:e8:
d3:46:2f:ae:68:ca:2e:92:77:04:ad:75:b3:cc:a3:6a:74:ba:
49:af:72:f2:bb:d7:d8:65:f2:a6:e1:ce:ce:eb:fe:d7:38:7d:
08:10:66:3f:38:76:52:ff:26:28:da:8f:da:c2:0d:7f:a2:3d:
2b:a3:be:01:c3:d0:74:6e:aa:48:a9:df:4f:49:05:77:a7:1b:
b7:21:35:09:9d:ad:81:23:74:30:4e:67:50:df:f9:c1:0a:1a:
72:a5:09:a7:90:24:a9:aa:ad:b5:98:0a:98:ab:e3:31:04:c8:
dc:b0:78:b6:6e:2b:ce:96:c8:32:c2:63:59:21:e2:51:e2:0c:
29:14:72:f3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJE1mQGry/Yw2SEKwtORxzuONy+swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MjUwMDUwMzBaFw0yNTA3MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGE3NjJlZjhlZGJiMTBmMDcxM2Q2NmZiZmIwZWE3OWFiYWNiYjhiNTk1NmRm
NzlkMDc1ZDM4Y2VkYzRhNjUxZDIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANiZlJcAGHHxf2F90CBz5CHPuMfa8QYaOZMrNnqUB3xg3RdvP7fMMfrMLEk7
KGemCIKvb8v4oUWxHUYxF2K2QjUoV83hsoTnyjeCCWZaSzUUrahyIzhURZdKurFz
PRAaOU5G5Gw1EJc0iMHIzqiSTC7CWwX11/E/625Z9dLqYIKoPYNMKhO6tXKorKJx
3RiaA1Yp0XV/94j3ogw0b4IapD1g1jKH98kZuiYxNaLM/V7VwHm/lymFzCyje493
jA36cfeeLjdmOUCf7nSNwG8kukUUeumiTtqKQk+L8+w2XxUP3XPZFQoyShGu5Ka0
weKxl9dC+X48W7XEfpWXvUH8e1cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQMFUpb
Dhk1S1BUmvkwrRsVyH2vQTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWM1YTFhMTQtNzNjMS00YzQ5LThiMjItN2QxMGM0Mzc5ZTA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNGMA0G
CSqGSIb3DQEBCwUAA4IBAQA2zlu3T4j4KIcNNWHJygVqwvSfY36qYQA0kM1KzJQG
q0s1zPT2wCpKEBSLYhvGWXpD0+WrmC7HkU68RH32IDPSGS+BrKgtkDwV/e4baCr/
VbmrcWGdXKUo0FUJTgUp30LRz7Qpf5PM885GO6j3LasaHSqN8+5yvGM36A6gIOjT
Ri+uaMoukncErXWzzKNqdLpJr3Lyu9fYZfKm4c7O6/7XOH0IEGY/OHZS/yYo2o/a
wg1/oj0ro74Bw9B0bqpIqd9PSQV3pxu3ITUJna2BI3QwTmdQ3/nBChpypQmnkCSp
qq21mAqYq+MxBMjcsHi2bivOlsgywmNZIeJR4gwpFHLz
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:44:05 2025 by rpki-client