Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa
File: 9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa (raw, json)
Hash identifier: RjBclUtJWAOtQ4AU+BdjNm5jw+nIXZwZP6+JSzky/kY=
Subject key identifier: 07:71:69:4F:39:AB:A3:20:A9:E1:2D:A8:18:C7:97:F9:23:F4:C8:46
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1AA023D558EB21949AEA32D75C780C290004D1E1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa
Signing time: Mon 16 Jun 2025 22:00:39 +0000
ROA not before: Mon 16 Jun 2025 22:00:39 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.50.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:a0:23:d5:58:eb:21:94:9a:ea:32:d7:5c:78:0c:29:00:04:d1:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 22:00:39 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=d5af738eed76ac42a25bdec84920e446be7baeebe4ddb1ed9cb4a3a4e9b76fd9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:4b:63:03:dc:04:09:df:92:c9:6e:1b:be:94:
46:c5:c5:6c:3e:11:02:30:7f:ad:97:2d:30:ae:76:
f4:77:49:0d:85:30:07:4c:2e:b5:6a:8f:f2:8f:61:
11:90:bf:4f:aa:94:67:d4:a1:8f:04:77:63:20:31:
89:a1:a6:4d:97:8d:a3:c4:15:8e:00:58:58:88:a5:
8e:65:d0:b6:ed:d8:72:d3:f6:be:c3:96:fe:5d:30:
80:6f:d0:dd:1f:db:83:cc:5c:07:e0:27:3b:00:7d:
98:66:aa:24:dd:ed:fc:50:87:c4:aa:c9:91:bd:20:
a2:66:72:e7:53:5a:ab:65:4c:de:92:5a:e5:c6:07:
d0:1b:b7:84:2d:1c:df:73:c0:6b:e3:03:12:cb:60:
b6:17:27:52:df:46:05:4d:13:43:d4:27:e7:ab:ac:
86:60:12:fd:a4:12:38:0c:f6:69:3a:f3:61:33:b9:
0d:06:17:5f:d9:f4:59:de:73:b0:57:57:c0:b1:b2:
4c:8a:bb:d9:95:e8:ad:d7:9a:89:a4:4c:93:05:1c:
4a:b7:47:ff:24:af:7b:f9:2e:42:5c:3a:8b:ad:54:
bf:d6:ca:20:a7:6a:88:e6:8c:aa:bc:89:21:43:c3:
f2:d2:ce:37:eb:8b:28:f4:56:d3:b6:6b:cc:70:fc:
60:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:71:69:4F:39:AB:A3:20:A9:E1:2D:A8:18:C7:97:F9:23:F4:C8:46
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.50.0.0/16
Signature Algorithm: sha256WithRSAEncryption
bd:40:f4:be:04:d2:27:8e:09:23:f2:9c:fe:fa:53:fe:c5:9c:
c3:35:1f:24:53:0d:cd:e7:b2:6d:13:ce:e5:62:82:b9:e9:00:
ed:b7:76:38:de:48:f1:d9:d4:d3:40:bb:19:1a:a9:ad:67:46:
e0:32:3e:fb:2e:40:7d:72:75:c0:72:25:7f:34:9c:fb:69:a2:
f0:74:e5:47:1c:24:59:27:20:a0:ef:5d:d2:0a:61:19:1e:2d:
6f:fe:ca:fe:72:97:a3:58:18:10:9d:9c:21:27:4b:1e:8c:77:
86:88:4d:95:1c:c1:69:6a:a7:c0:4d:a0:67:99:57:c9:0e:3e:
fa:f1:95:38:d4:3f:da:06:40:42:ac:d3:2c:46:ea:06:41:5a:
0b:0f:e5:bf:9e:d4:f3:ca:60:15:22:5f:e1:99:38:24:89:4a:
9f:6d:41:ba:83:b4:65:ab:4c:76:e4:d8:99:cb:47:db:8d:8c:
f9:84:84:5d:6c:21:af:e5:00:45:59:bc:42:82:04:d1:5a:65:
00:18:80:69:44:27:a5:39:7e:83:41:a0:73:a0:14:df:c2:51:
01:b0:5e:90:12:db:24:71:5c:b0:f1:d7:0a:0a:18:38:ee:4e:
48:2d:8a:d5:31:ad:d6:9d:24:f5:fa:02:d9:75:8a:b2:3d:67:
f9:46:0c:84
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGqAj1VjrIZSa6jLXXHgMKQAE0eEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMjAwMzlaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ1YWY3MzhlZWQ3NmFjNDJhMjViZGVjODQ5MjBlNDQ2YmU3YmFlZWJlNGRk
YjFlZDljYjRhM2E0ZTliNzZmZDkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMpLYwPcBAnfksluG76URsXFbD4RAjB/rZctMK529HdJDYUwB0wutWqP8o9h
EZC/T6qUZ9ShjwR3YyAxiaGmTZeNo8QVjgBYWIiljmXQtu3YctP2vsOW/l0wgG/Q
3R/bg8xcB+AnOwB9mGaqJN3t/FCHxKrJkb0gomZy51Naq2VM3pJa5cYH0Bu3hC0c
33PAa+MDEstgthcnUt9GBU0TQ9Qn56ushmAS/aQSOAz2aTrzYTO5DQYXX9n0Wd5z
sFdXwLGyTIq72ZXordeaiaRMkwUcSrdH/ySve/kuQlw6i61Uv9bKIKdqiOaMqryJ
IUPD8tLON+uLKPRW07ZrzHD8YJsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQHcWlP
OaujIKnhLagYx5f5I/TIRjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWViN2RmYjMtNWNiMy00ODRhLWI1NTAtNDE4ZmM1NDBlYTI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMyMA0G
CSqGSIb3DQEBCwUAA4IBAQC9QPS+BNInjgkj8pz++lP+xZzDNR8kUw3N57JtE87l
YoK56QDtt3Y43kjx2dTTQLsZGqmtZ0bgMj77LkB9cnXAciV/NJz7aaLwdOVHHCRZ
JyCg713SCmEZHi1v/sr+cpejWBgQnZwhJ0sejHeGiE2VHMFpaqfATaBnmVfJDj76
8ZU41D/aBkBCrNMsRuoGQVoLD+W/ntTzymAVIl/hmTgkiUqfbUG6g7Rlq0x25NiZ
y0fbjYz5hIRdbCGv5QBFWbxCggTRWmUAGIBpRCelOX6DQaBzoBTfwlEBsF6QEtsk
cVyw8dcKChg47k5ILYrVMa3WnST1+gLZdYqyPWf5RgyE
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:13:16 2025 by rpki-client