Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bad59de4-adad-41c5-bcd9-10599419c7b5.roa
File: bad59de4-adad-41c5-bcd9-10599419c7b5.roa (raw, json)
Hash identifier: KcTzTLiCZ3E6gmTpbuZOKZLdmX9pUalWESLKea7DtAg=
Subject key identifier: C4:2C:E1:82:E4:BB:FA:7C:BD:E7:A9:23:50:E9:4B:DC:FB:B5:DF:C3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7B3A5084FCFF8E0C8C05F48E6AB29799947EC4FF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bad59de4-adad-41c5-bcd9-10599419c7b5.roa
Signing time: Tue 17 Jun 2025 00:50:56 +0000
ROA not before: Tue 17 Jun 2025 00:50:56 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.64.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:3a:50:84:fc:ff:8e:0c:8c:05:f4:8e:6a:b2:97:99:94:7e:c4:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 17 00:50:56 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=5c5809e4c7f9fde0fa3a94466caed0224c9aaa82b7a5f50b3f5df8bf6dddb8f9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ef:72:33:94:43:67:5e:4d:24:37:37:86:42:
54:0a:b2:79:8d:9f:e7:aa:08:a4:e3:7d:26:c9:d4:
47:20:65:68:04:11:ef:34:02:46:38:83:5e:3e:05:
65:17:57:b5:f0:4a:5b:8c:23:cc:77:31:3e:6b:9a:
6d:eb:d4:37:5f:1e:17:2b:13:77:34:a7:f3:5b:3e:
1c:01:a7:45:4f:50:7f:aa:a5:38:b7:d0:af:23:57:
8a:f8:29:c2:68:12:1a:f5:00:7c:7f:26:f4:33:0d:
2b:6f:a8:64:32:83:46:67:85:a5:f2:a9:87:d2:ac:
6f:be:c4:63:b5:f2:1d:1f:dc:39:47:20:4e:97:62:
63:a9:8f:81:65:ab:3f:1e:0e:a0:b5:82:13:ae:c8:
70:d0:b0:d0:d4:36:e6:4e:17:d3:a7:c9:64:8e:16:
d0:ce:02:7d:e1:c5:41:67:b3:61:bc:27:3c:cb:b6:
b8:d6:69:fe:6d:3e:7b:75:38:48:b0:4d:dc:c7:4f:
56:5d:61:de:bf:e3:53:f2:ad:30:30:bd:88:84:00:
43:2c:da:95:36:7b:84:48:f4:32:34:1c:0f:04:05:
ac:9e:15:13:28:d1:28:71:7f:02:23:2a:46:ad:63:
f1:98:7a:ae:e3:35:2c:ec:e2:06:e3:75:fc:0b:0c:
4b:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:2C:E1:82:E4:BB:FA:7C:BD:E7:A9:23:50:E9:4B:DC:FB:B5:DF:C3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bad59de4-adad-41c5-bcd9-10599419c7b5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
af:02:45:89:c2:b8:ba:21:96:75:cb:06:15:41:5e:7b:ed:0c:
8b:31:3a:0f:c6:9f:0f:9c:30:10:56:b5:d4:f0:3a:77:02:86:
f9:75:f4:63:38:e2:d8:bd:cc:e4:63:64:1d:12:19:2f:3e:fd:
8d:8d:53:8d:d1:f5:90:94:ee:dc:f4:0f:cc:9f:56:08:f9:5e:
c6:c2:c1:24:66:29:9f:62:e0:33:cd:54:78:ff:e3:9a:fb:8f:
2a:0b:b9:d9:fa:1c:f7:89:2f:0b:e1:6c:f4:34:26:6a:ca:e9:
fa:9a:ff:35:a4:9d:eb:40:6e:20:1d:79:c2:e2:d0:4f:94:35:
86:d2:59:e1:c3:83:27:99:27:50:95:48:c8:83:2a:4c:7b:b6:
a5:26:92:80:dc:17:e1:20:b7:a0:96:b9:10:b7:21:be:0b:5e:
54:21:be:b8:cd:ac:c5:30:f3:43:12:df:77:54:95:5e:58:09:
90:fb:43:d7:5e:79:fc:52:0b:7b:05:b7:78:4f:b7:47:47:ae:
bb:97:c5:86:44:c2:94:8a:ab:c9:e4:83:4b:e0:f8:c9:bd:42:
41:38:d2:93:4d:4e:39:a6:fe:10:eb:c0:5c:7b:cc:2c:5e:08:
f5:af:38:57:6a:55:d7:2a:67:ab:f5:76:02:a5:bc:3b:07:ba:
91:51:eb:b1
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUezpQhPz/jgyMBfSOarKXmZR+xP8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTcwMDUwNTZaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDVjNTgwOWU0YzdmOWZkZTBmYTNhOTQ0NjZjYWVkMDIyNGM5YWFhODJiN2E1
ZjUwYjNmNWRmOGJmNmRkZGI4ZjkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK3vcjOUQ2deTSQ3N4ZCVAqyeY2f56oIpON9JsnURyBlaAQR7zQCRjiDXj4F
ZRdXtfBKW4wjzHcxPmuabevUN18eFysTdzSn81s+HAGnRU9Qf6qlOLfQryNXivgp
wmgSGvUAfH8m9DMNK2+oZDKDRmeFpfKph9Ksb77EY7XyHR/cOUcgTpdiY6mPgWWr
Px4OoLWCE67IcNCw0NQ25k4X06fJZI4W0M4CfeHFQWezYbwnPMu2uNZp/m0+e3U4
SLBN3MdPVl1h3r/jU/KtMDC9iIQAQyzalTZ7hEj0MjQcDwQFrJ4VEyjRKHF/AiMq
Rq1j8Zh6ruM1LOziBuN1/AsMS8cCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTELOGC
5Lv6fL3nqSNQ6Uvc+7XfwzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmFkNTlkZTQtYWRhZC00MWM1LWJjZDktMTA1OTk0MTljN2I1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBjMAQDAN
BgkqhkiG9w0BAQsFAAOCAQEArwJFicK4uiGWdcsGFUFee+0MizE6D8afD5wwEFa1
1PA6dwKG+XX0Yzji2L3M5GNkHRIZLz79jY1TjdH1kJTu3PQPzJ9WCPlexsLBJGYp
n2LgM81UeP/jmvuPKgu52foc94kvC+Fs9DQmasrp+pr/NaSd60BuIB15wuLQT5Q1
htJZ4cODJ5knUJVIyIMqTHu2pSaSgNwX4SC3oJa5ELchvgteVCG+uM2sxTDzQxLf
d1SVXlgJkPtD1155/FILewW3eE+3R0euu5fFhkTClIqryeSDS+D4yb1CQTjSk01O
Oab+EOvAXHvMLF4I9a84V2pV1ypnq/V2AqW8Owe6kVHrsQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:53:57 2025 by rpki-client