Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c50006d0-c65f-4259-ace3-46351e9d23c5.roa
File: c50006d0-c65f-4259-ace3-46351e9d23c5.roa (raw, json)
Hash identifier: njZdQ0ZVjru6mZtX5pbYH4UVj3ps/FhEOpvA4eP93Js=
Subject key identifier: 5F:A3:AD:49:FA:3D:17:E0:67:F4:25:64:9F:2C:94:7F:4F:E9:F5:34
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5EFB7BBF10FDDDD0E37E2A7D511765FF0C9239A6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c50006d0-c65f-4259-ace3-46351e9d23c5.roa
Signing time: Tue 17 Jun 2025 00:50:34 +0000
ROA not before: Tue 17 Jun 2025 00:50:34 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.84.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:fb:7b:bf:10:fd:dd:d0:e3:7e:2a:7d:51:17:65:ff:0c:92:39:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 17 00:50:34 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=387f63f92828087bd5e943a363d3fe30d74867270e71a6d737e58a93d9f8d6ca, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:51:61:ea:1f:e2:18:45:2f:6d:30:d5:a9:e1:
8f:ed:45:cd:0c:63:79:60:a3:24:ce:4b:e3:ba:fb:
e9:7f:f8:fe:2a:bc:99:b4:e7:bb:85:03:0f:ea:c1:
43:41:a8:c7:a5:f4:2c:f6:39:a5:56:c0:bf:f8:47:
8a:f0:7c:e8:ea:44:53:39:a4:0c:34:13:3e:75:7b:
06:6d:3c:d2:6c:3c:50:c6:95:6b:fe:2d:34:34:da:
5a:df:85:3d:c1:5b:dd:f5:2d:c9:8b:24:48:37:6e:
5b:f9:80:2a:8c:b7:6a:63:85:07:4f:98:f8:f1:7c:
e4:10:5d:76:c0:6c:d1:c1:de:4b:29:18:c9:1e:5b:
30:92:9d:cf:09:43:ff:8e:3d:6f:55:0a:5c:c8:a8:
39:e8:21:55:93:e8:f4:f5:a6:69:57:78:9f:57:09:
e1:49:86:51:e1:53:22:ba:83:30:9e:77:9f:70:5e:
26:11:5a:eb:e1:8d:81:fc:dc:38:3a:55:88:15:dd:
8b:a2:72:50:11:cc:f7:9d:5a:9c:68:1a:5c:c1:b1:
f9:cc:43:51:2c:47:71:34:0b:75:47:34:91:1e:3d:
d3:38:26:91:17:e5:69:df:72:22:77:59:af:c9:52:
de:58:e5:ab:d4:ae:6b:98:ed:29:a2:29:41:97:39:
86:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:A3:AD:49:FA:3D:17:E0:67:F4:25:64:9F:2C:94:7F:4F:E9:F5:34
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c50006d0-c65f-4259-ace3-46351e9d23c5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.84.0.0/16
Signature Algorithm: sha256WithRSAEncryption
09:6a:6d:71:2d:74:5f:da:4b:48:0b:f6:03:6b:57:e1:d8:da:
18:27:a7:1c:95:c7:b3:59:0d:51:02:e0:be:ef:a1:90:3b:70:
e4:7b:17:bd:b7:39:3d:5f:e6:c7:d0:e2:83:30:24:cc:86:37:
25:37:30:72:a6:99:9c:5d:43:c2:40:3e:e9:7f:36:34:14:b3:
fe:07:58:5e:51:49:f6:cc:a4:8c:d7:6b:3d:e8:c2:d7:c5:b3:
8a:14:49:54:53:37:51:a0:80:1b:69:76:fe:62:bc:ec:53:8c:
0e:a1:9f:83:87:d1:a3:c0:55:2f:11:7c:fa:b7:28:da:a1:d6:
a3:a0:67:1b:4c:19:bb:f9:9f:e5:35:e1:7c:d4:94:11:d2:8b:
ca:fb:9a:65:af:5d:a2:62:dc:dc:10:20:f4:86:0b:0c:f6:02:
2a:87:0e:d7:34:8a:7d:9a:58:32:f0:0a:49:1a:55:60:12:fc:
70:20:a5:e9:51:2b:f2:f3:19:63:1a:46:22:3d:40:92:19:88:
d4:ba:c0:19:9a:32:cb:fc:75:a4:c7:6f:a5:93:ac:31:15:05:
d3:e0:51:f1:85:52:f9:2b:b4:a9:d7:1a:bd:f7:ab:60:b7:63:
53:fb:11:cd:ca:de:e6:01:f0:d1:c0:40:20:36:a6:01:f8:c7:
95:30:54:14
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXvt7vxD93dDjfip9URdl/wySOaYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTcwMDUwMzRaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDM4N2Y2M2Y5MjgyODA4N2JkNWU5NDNhMzYzZDNmZTMwZDc0ODY3MjcwZTcx
YTZkNzM3ZTU4YTkzZDlmOGQ2Y2ExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALdRYeof4hhFL20w1anhj+1FzQxjeWCjJM5L47r76X/4/iq8mbTnu4UDD+rB
Q0Gox6X0LPY5pVbAv/hHivB86OpEUzmkDDQTPnV7Bm080mw8UMaVa/4tNDTaWt+F
PcFb3fUtyYskSDduW/mAKoy3amOFB0+Y+PF85BBddsBs0cHeSykYyR5bMJKdzwlD
/449b1UKXMioOeghVZPo9PWmaVd4n1cJ4UmGUeFTIrqDMJ53n3BeJhFa6+GNgfzc
ODpViBXdi6JyUBHM951anGgaXMGx+cxDUSxHcTQLdUc0kR490zgmkRflad9yIndZ
r8lS3ljlq9Sua5jtKaIpQZc5hi0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRfo61J
+j0X4Gf0JWSfLJR/T+n1NDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzUwMDA2ZDAtYzY1Zi00MjU5LWFjZTMtNDYzNTFlOWQyM2M1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNUMA0G
CSqGSIb3DQEBCwUAA4IBAQAJam1xLXRf2ktIC/YDa1fh2NoYJ6cclcezWQ1RAuC+
76GQO3Dkexe9tzk9X+bH0OKDMCTMhjclNzByppmcXUPCQD7pfzY0FLP+B1heUUn2
zKSM12s96MLXxbOKFElUUzdRoIAbaXb+YrzsU4wOoZ+Dh9GjwFUvEXz6tyjaodaj
oGcbTBm7+Z/lNeF81JQR0ovK+5plr12iYtzcECD0hgsM9gIqhw7XNIp9mlgy8ApJ
GlVgEvxwIKXpUSvy8xljGkYiPUCSGYjUusAZmjLL/HWkx2+lk6wxFQXT4FHxhVL5
K7Sp1xq996tgt2NT+xHNyt7mAfDRwEAgNqYB+MeVMFQU
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:08:41 2025 by rpki-client