Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a02f9994-3943-4a2f-8467-87935bf3bf9e.roa
File: a02f9994-3943-4a2f-8467-87935bf3bf9e.roa (raw, json)
Hash identifier: y7NgMgxG54bSQlfBw4pOwmK7ZtKq7deAXXOlpaFaIcA=
Subject key identifier: E1:09:FD:91:02:9E:F1:D1:CC:14:5E:84:23:D9:2B:20:74:69:5F:76
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 09CA1511AE82051B6467DE2222C625E1C34A7138
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a02f9994-3943-4a2f-8467-87935bf3bf9e.roa
Signing time: Mon 16 Jun 2025 22:00:40 +0000
ROA not before: Mon 16 Jun 2025 22:00:40 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.69.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:ca:15:11:ae:82:05:1b:64:67:de:22:22:c6:25:e1:c3:4a:71:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 22:00:40 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=8420d0b15d77ccc550ba507c2b3c11e82a3a9e096b216fb562d7859163097b9e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:e6:d6:b9:f8:a5:68:3f:82:4e:77:13:99:e2:
1d:75:06:f1:3a:cd:9e:63:a5:63:a6:b1:03:63:56:
73:ed:09:24:c9:04:be:dc:01:73:9e:74:36:6a:93:
f9:e7:5c:6a:da:10:63:ed:d7:56:2d:c1:e7:b9:93:
ef:e4:fd:17:df:00:ef:3d:85:1d:ff:39:87:5b:3e:
6a:4c:cb:57:96:fa:51:eb:38:77:b6:f0:f9:a9:c9:
3c:59:d6:a0:a8:e0:0a:19:5c:9e:e5:4b:c5:59:75:
bf:2f:58:02:8f:21:9a:87:ca:b8:9c:9f:59:57:6c:
d6:30:2d:ea:f2:e2:ff:f6:c4:ec:74:8d:4c:88:8b:
06:92:3a:a3:e7:24:20:13:cf:59:d2:4e:3f:aa:49:
e9:d8:31:19:93:c7:99:64:88:74:f7:ea:d7:29:be:
5e:7e:a0:d5:88:18:92:52:9c:19:7f:35:d0:a6:6c:
2d:9c:69:0f:41:01:08:88:56:62:92:9e:2b:27:04:
b4:a5:0e:3d:f9:f8:fc:73:77:5c:24:5b:09:bd:52:
4b:ad:ee:38:12:42:d7:0d:d2:3a:a5:cf:76:32:3c:
e3:0d:cf:3e:5c:6c:2d:ee:df:59:70:50:ed:cb:14:
95:d8:08:08:95:33:fb:03:f5:53:78:78:d4:2b:c9:
a2:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:09:FD:91:02:9E:F1:D1:CC:14:5E:84:23:D9:2B:20:74:69:5F:76
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a02f9994-3943-4a2f-8467-87935bf3bf9e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.69.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7f:99:88:38:cb:d2:9f:0b:70:9a:1e:9f:b6:98:33:da:cb:93:
da:cf:23:a4:2b:c0:50:d6:b8:8d:a7:b0:78:76:85:82:3d:5c:
4a:fa:31:2c:7f:c0:56:54:0d:57:a0:43:ca:1f:18:52:0c:38:
91:9d:2e:5e:6d:ba:4b:2d:59:fe:ba:0f:91:e9:ae:ee:62:68:
96:e1:9c:30:6c:37:38:8c:8b:1e:58:07:f9:c3:51:23:8d:84:
7c:6d:af:20:74:8c:60:06:29:cb:e2:80:23:43:e2:75:12:45:
5c:a2:34:ad:17:5a:4c:09:a0:c6:24:83:3d:f2:60:76:73:13:
4a:36:b0:89:5f:09:4d:75:f1:ac:3b:a6:45:ce:4f:e6:27:cf:
db:23:62:d6:b3:ec:17:f4:7a:1a:38:13:65:ee:b0:20:d2:6c:
45:9b:00:77:53:bc:30:8d:c6:cc:cd:7f:f8:2a:80:4a:ff:b5:
1b:b5:12:53:55:fc:d1:73:15:14:8f:e5:80:35:a4:10:4b:46:
26:b5:db:2e:80:f4:5c:8b:2a:fc:3c:53:9b:9b:fc:5e:a4:28:
20:29:fa:73:84:c8:a4:ab:24:ba:5d:fb:1f:2f:c2:68:74:9e:
9f:c8:f3:53:b6:fd:da:06:71:3e:df:e3:b4:88:21:05:be:71:
39:c3:46:b7
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCcoVEa6CBRtkZ94iIsYl4cNKcTgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMjAwNDBaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDg0MjBkMGIxNWQ3N2NjYzU1MGJhNTA3YzJiM2MxMWU4MmEzYTllMDk2YjIx
NmZiNTYyZDc4NTkxNjMwOTdiOWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPvm1rn4pWg/gk53E5niHXUG8TrNnmOlY6axA2NWc+0JJMkEvtwBc550NmqT
+edcatoQY+3XVi3B57mT7+T9F98A7z2FHf85h1s+akzLV5b6Ues4d7bw+anJPFnW
oKjgChlcnuVLxVl1vy9YAo8hmofKuJyfWVds1jAt6vLi//bE7HSNTIiLBpI6o+ck
IBPPWdJOP6pJ6dgxGZPHmWSIdPfq1ym+Xn6g1YgYklKcGX810KZsLZxpD0EBCIhW
YpKeKycEtKUOPfn4/HN3XCRbCb1SS63uOBJC1w3SOqXPdjI84w3PPlxsLe7fWXBQ
7csUldgICJUz+wP1U3h41CvJoqUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBThCf2R
Ap7x0cwUXoQj2SsgdGlfdjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTAyZjk5OTQtMzk0My00YTJmLTg0NjctODc5MzViZjNiZjllLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNFMA0G
CSqGSIb3DQEBCwUAA4IBAQB/mYg4y9KfC3CaHp+2mDPay5PazyOkK8BQ1riNp7B4
doWCPVxK+jEsf8BWVA1XoEPKHxhSDDiRnS5ebbpLLVn+ug+R6a7uYmiW4ZwwbDc4
jIseWAf5w1EjjYR8ba8gdIxgBinL4oAjQ+J1EkVcojStF1pMCaDGJIM98mB2cxNK
NrCJXwlNdfGsO6ZFzk/mJ8/bI2LWs+wX9HoaOBNl7rAg0mxFmwB3U7wwjcbMzX/4
KoBK/7UbtRJTVfzRcxUUj+WANaQQS0YmtdsugPRciyr8PFObm/xepCggKfpzhMik
qyS6XfsfL8JodJ6fyPNTtv3aBnE+3+O0iCEFvnE5w0a3
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:43:10 2025 by rpki-client