Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c2c395e2-491c-4141-ba1e-1b3717841063.roa
File: c2c395e2-491c-4141-ba1e-1b3717841063.roa (raw, json)
Hash identifier: plK74QAW14itIm79PwjD8ZfaDkbcsNBJen0DRPVM1FQ=
Subject key identifier: 8F:8F:9B:69:18:98:51:20:6C:69:62:96:33:44:55:5D:0F:88:76:2D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 37049357EC625A002471FC5C604ADFB5A605D765
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c2c395e2-491c-4141-ba1e-1b3717841063.roa
Signing time: Mon 16 Jun 2025 21:51:22 +0000
ROA not before: Mon 16 Jun 2025 21:51:22 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.152.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:04:93:57:ec:62:5a:00:24:71:fc:5c:60:4a:df:b5:a6:05:d7:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 21:51:22 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=7fd64fe62ebc3083c78df98d003a88957d690624865d579b7a6f72fb29ac7a08, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:47:89:c5:f6:f7:0a:a7:3b:42:70:c2:e1:1b:
9c:15:fb:d6:2e:1a:86:af:55:4f:ab:df:90:c9:62:
e0:61:a7:ca:1d:ee:25:78:50:91:36:64:8e:28:eb:
95:bb:8b:94:4b:42:d9:fd:19:78:f8:c6:2a:a8:b2:
66:31:dc:3a:2f:c2:6c:1e:3f:d9:22:fa:8d:f1:3b:
14:64:34:b2:bc:b0:b0:02:b1:a5:78:6a:01:76:5b:
65:02:d7:ba:9c:c7:11:78:c2:3d:75:c3:fb:ea:83:
16:46:0e:75:f2:65:91:6c:92:78:79:41:ab:24:2a:
4e:b5:6d:7b:cd:d4:67:41:8d:e2:e8:32:6c:4e:e3:
a7:5b:0d:97:22:f7:48:90:ef:ce:14:7c:fd:1e:12:
09:2a:3b:29:a0:9d:c1:a2:cd:b1:59:95:57:30:ac:
11:4e:32:ed:a7:e0:a3:46:7c:8d:43:32:9b:db:53:
07:8b:b7:a8:3a:ce:52:f7:07:68:97:8b:e6:aa:85:
b1:f5:43:9a:6f:13:c3:aa:e5:d8:09:c1:44:5d:ec:
03:23:05:62:59:a4:c0:e3:42:6b:13:16:2f:25:31:
db:ca:f4:fb:12:d4:15:68:6f:e7:c9:b7:57:b6:6a:
07:03:29:58:27:9a:f2:9a:87:ad:d1:be:00:a2:7b:
9d:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:8F:9B:69:18:98:51:20:6C:69:62:96:33:44:55:5D:0F:88:76:2D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c2c395e2-491c-4141-ba1e-1b3717841063.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.152.0.0/15
Signature Algorithm: sha256WithRSAEncryption
cd:a2:d9:f7:c2:9f:28:1a:7a:71:b9:2b:4d:c5:5d:be:97:71:
0a:94:0d:a4:22:a7:12:7f:d3:2c:20:e1:c8:79:81:2d:95:47:
b0:6e:30:13:7e:bc:3a:6b:51:82:e4:c2:be:3c:15:05:3c:55:
65:84:bb:1f:f2:88:cb:93:28:66:92:71:ca:24:60:8b:5b:20:
a9:c7:2d:0a:e0:47:0f:c1:c1:f2:60:71:99:10:cb:86:2a:11:
77:ef:f0:bf:ec:68:e7:e4:90:73:84:55:53:43:6e:1d:60:e9:
1d:ac:65:83:97:6e:e2:05:d8:45:e4:5d:ce:76:64:26:a6:9e:
4c:3f:34:af:ce:40:d4:41:b6:f5:cb:a5:62:42:b3:f7:f4:7e:
b5:e5:d5:30:19:bc:51:5d:7e:78:05:8f:e4:ee:9e:d8:86:96:
f0:6d:dc:ea:b9:4f:0c:2b:e4:2e:ed:9f:5d:79:92:9d:cf:41:
c4:2f:07:7f:3e:bd:94:b0:a3:7f:1b:9e:70:33:e6:fa:34:a8:
8c:c1:f4:ab:2a:6f:df:41:1f:9c:d4:00:cf:aa:65:a0:c1:77:
80:58:95:01:6e:83:65:8e:a8:b3:c5:e8:58:10:f3:55:5f:49:
cf:ad:c0:86:e3:f8:87:e9:9c:67:a2:09:e3:05:06:5d:2c:46:
ee:5f:6a:6d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNwSTV+xiWgAkcfxcYErftaYF12UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMTUxMjJaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDdmZDY0ZmU2MmViYzMwODNjNzhkZjk4ZDAwM2E4ODk1N2Q2OTA2MjQ4NjVk
NTc5YjdhNmY3MmZiMjlhYzdhMDgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKxHicX29wqnO0JwwuEbnBX71i4ahq9VT6vfkMli4GGnyh3uJXhQkTZkjijr
lbuLlEtC2f0ZePjGKqiyZjHcOi/CbB4/2SL6jfE7FGQ0srywsAKxpXhqAXZbZQLX
upzHEXjCPXXD++qDFkYOdfJlkWySeHlBqyQqTrVte83UZ0GN4ugybE7jp1sNlyL3
SJDvzhR8/R4SCSo7KaCdwaLNsVmVVzCsEU4y7afgo0Z8jUMym9tTB4u3qDrOUvcH
aJeL5qqFsfVDmm8Tw6rl2AnBRF3sAyMFYlmkwONCaxMWLyUx28r0+xLUFWhv58m3
V7ZqBwMpWCea8pqHrdG+AKJ7nZMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSPj5tp
GJhRIGxpYpYzRFVdD4h2LTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzJjMzk1ZTItNDkxYy00MTQxLWJhMWUtMWIzNzE3ODQxMDYzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOYMA0G
CSqGSIb3DQEBCwUAA4IBAQDNotn3wp8oGnpxuStNxV2+l3EKlA2kIqcSf9MsIOHI
eYEtlUewbjATfrw6a1GC5MK+PBUFPFVlhLsf8ojLkyhmknHKJGCLWyCpxy0K4EcP
wcHyYHGZEMuGKhF37/C/7Gjn5JBzhFVTQ24dYOkdrGWDl27iBdhF5F3OdmQmpp5M
PzSvzkDUQbb1y6ViQrP39H615dUwGbxRXX54BY/k7p7YhpbwbdzquU8MK+Qu7Z9d
eZKdz0HELwd/Pr2UsKN/G55wM+b6NKiMwfSrKm/fQR+c1ADPqmWgwXeAWJUBboNl
jqizxehYEPNVX0nPrcCG4/iH6ZxnognjBQZdLEbuX2pt
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:18:24 2025 by rpki-client