Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/af8582f5-d209-4e12-aacf-31186289c430.roa
File: af8582f5-d209-4e12-aacf-31186289c430.roa (raw, json)
Hash identifier: +eVbYhBLuI+XBoEiekY5hZ/Z9/5xMSr0RK2qOTQON64=
Subject key identifier: 5D:0C:27:3A:65:1D:FE:4D:86:A2:27:DD:6F:A5:87:BF:F4:4B:C9:EB
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4106ECCD88E363D9E4FDA4095FA7FE1FA2B235B9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/af8582f5-d209-4e12-aacf-31186289c430.roa
Signing time: Mon 16 Jun 2025 22:00:09 +0000
ROA not before: Mon 16 Jun 2025 22:00:09 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.216.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:06:ec:cd:88:e3:63:d9:e4:fd:a4:09:5f:a7:fe:1f:a2:b2:35:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 22:00:09 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=94fb4054e94bf87538914400feba838af9302041efd23550b2abdf931eea1c79, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:2e:ed:37:60:d9:9f:ec:f1:a2:03:3b:52:ef:
d1:b3:95:1f:00:21:07:47:13:77:d7:0c:2d:69:85:
69:5d:dd:f5:25:16:6d:c7:09:31:72:89:81:b7:45:
c7:09:75:ac:37:e7:c1:57:ad:82:fa:8a:06:d0:da:
e4:1b:09:ce:ad:3b:ba:b5:3d:6b:2c:ea:c8:25:bd:
c0:71:4c:69:95:94:de:7b:60:dd:f9:ed:65:05:00:
be:0e:69:de:3d:60:2f:3a:fe:6f:c6:09:36:3f:14:
a2:7c:7f:4c:6c:24:37:33:a4:69:90:05:d4:e4:d6:
c5:84:0d:72:af:3e:ff:72:91:0b:2c:91:a1:01:7e:
8a:d7:95:66:c3:57:dc:67:ec:54:b6:b0:57:92:5d:
7e:7e:40:65:e7:25:a3:ab:7c:99:3f:66:fe:98:26:
1c:e2:4e:9c:54:05:64:9c:92:df:32:ea:dd:bf:be:
ed:12:b7:12:59:3b:2c:9e:fd:95:79:2f:7d:d0:17:
38:32:16:da:5c:fa:fe:71:ed:56:e6:f0:d0:66:7f:
30:c0:9b:ad:53:f9:e3:94:96:d8:5f:45:17:40:4b:
c8:81:c8:3f:72:f8:da:32:e4:ac:8b:2b:ed:1d:68:
0c:d5:9a:af:3c:38:a3:0c:8b:5e:21:52:d6:73:da:
ae:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:0C:27:3A:65:1D:FE:4D:86:A2:27:DD:6F:A5:87:BF:F4:4B:C9:EB
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/af8582f5-d209-4e12-aacf-31186289c430.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.216.0.0/15
Signature Algorithm: sha256WithRSAEncryption
5d:35:28:62:96:60:3d:42:8a:09:50:1b:ff:47:56:91:92:f8:
f5:54:ce:5f:da:44:f6:7d:45:52:fb:33:68:d0:6c:7b:fe:d2:
96:57:f7:cc:22:ab:0a:1a:7f:0b:89:b3:35:0a:fc:f0:ea:1a:
a2:32:5c:88:d0:4b:f9:8d:17:13:c5:cc:4b:11:b5:fb:86:bb:
3f:7e:b5:e1:ff:d7:d0:b2:40:b7:7d:e3:56:29:0e:00:50:78:
06:f5:36:6e:62:43:86:75:2a:e8:37:19:68:8a:09:b2:a1:0b:
2b:82:d7:19:18:97:ee:94:f5:35:ca:53:49:8d:ec:dc:fc:27:
dc:3e:c1:d9:0e:cd:26:c5:29:91:b4:8a:e1:34:07:18:e0:23:
c2:d3:4c:70:68:92:42:27:9a:c7:da:cf:79:71:ed:09:71:22:
47:22:8a:28:9d:9e:72:bf:01:d6:6a:7f:e2:c8:5c:9f:c1:4c:
8f:91:e3:03:a2:7a:08:a2:d1:df:44:d3:79:c8:3e:92:37:24:
62:f4:1c:cc:2d:dc:5f:ad:51:a8:35:86:97:e2:2d:27:a7:28:
e4:71:ca:ce:81:f7:f2:88:68:73:a7:d1:df:a2:b2:e2:06:96:
e6:55:05:77:e4:24:f0:c0:4d:b6:8f:ad:d7:8e:70:d6:da:f5:
aa:8f:07:5b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQQbszYjjY9nk/aQJX6f+H6KyNbkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMjAwMDlaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDk0ZmI0MDU0ZTk0YmY4NzUzODkxNDQwMGZlYmE4MzhhZjkzMDIwNDFlZmQy
MzU1MGIyYWJkZjkzMWVlYTFjNzkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPou7Tdg2Z/s8aIDO1Lv0bOVHwAhB0cTd9cMLWmFaV3d9SUWbccJMXKJgbdF
xwl1rDfnwVetgvqKBtDa5BsJzq07urU9ayzqyCW9wHFMaZWU3ntg3fntZQUAvg5p
3j1gLzr+b8YJNj8Uonx/TGwkNzOkaZAF1OTWxYQNcq8+/3KRCyyRoQF+iteVZsNX
3GfsVLawV5Jdfn5AZeclo6t8mT9m/pgmHOJOnFQFZJyS3zLq3b++7RK3Elk7LJ79
lXkvfdAXODIW2lz6/nHtVubw0GZ/MMCbrVP545SW2F9FF0BLyIHIP3L42jLkrIsr
7R1oDNWarzw4owyLXiFS1nParjUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRdDCc6
ZR3+TYaiJ91vpYe/9EvJ6zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YWY4NTgyZjUtZDIwOS00ZTEyLWFhY2YtMzExODYyODljNDMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPYMA0G
CSqGSIb3DQEBCwUAA4IBAQBdNShilmA9QooJUBv/R1aRkvj1VM5f2kT2fUVS+zNo
0Gx7/tKWV/fMIqsKGn8LibM1Cvzw6hqiMlyI0Ev5jRcTxcxLEbX7hrs/frXh/9fQ
skC3feNWKQ4AUHgG9TZuYkOGdSroNxloigmyoQsrgtcZGJfulPU1ylNJjezc/Cfc
PsHZDs0mxSmRtIrhNAcY4CPC00xwaJJCJ5rH2s95ce0JcSJHIooonZ5yvwHWan/i
yFyfwUyPkeMDonoIotHfRNN5yD6SNyRi9BzMLdxfrVGoNYaX4i0npyjkccrOgffy
iGhzp9HforLiBpbmVQV35CTwwE22j63XjnDW2vWqjwdb
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:13:49 2025 by rpki-client