Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ca9dc172-c5c5-48fd-a801-9f7f050aa67b.roa
File: ca9dc172-c5c5-48fd-a801-9f7f050aa67b.roa (raw, json)
Hash identifier: tUvU+lfnAnAdVWpMNi/WslTinRquOCEGnzK8EhWx6vg=
Subject key identifier: E0:8C:C5:9F:CE:EE:71:37:9A:A0:8A:F1:23:21:E8:C8:13:9C:00:F7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 629EC5BE8958D6F0A79108C8C2B6D5092CF0860E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ca9dc172-c5c5-48fd-a801-9f7f050aa67b.roa
Signing time: Tue 17 Jun 2025 00:50:28 +0000
ROA not before: Tue 17 Jun 2025 00:50:28 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.24.0.0/13 maxlen: 13
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:9e:c5:be:89:58:d6:f0:a7:91:08:c8:c2:b6:d5:09:2c:f0:86:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 17 00:50:28 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=61ddf3c879642d51b98cc711db79eb0efdf3916c0943832fcf8e07306dd7807d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:0d:dd:81:45:57:30:16:65:92:8a:f6:74:2e:
f8:e9:75:c6:e8:be:5c:8f:99:25:09:9f:ea:7f:92:
89:4e:d6:f7:04:b9:4f:b0:e3:19:d6:20:d5:5a:13:
8f:b6:d3:12:52:ac:ad:14:ac:41:de:49:d9:d7:27:
f8:f5:fd:6b:bb:09:93:cd:32:15:84:98:9a:04:af:
2a:24:47:7c:69:05:49:c6:92:9c:02:50:6d:af:f4:
4a:58:5f:0f:5c:2c:4a:7d:eb:36:65:67:38:ac:c2:
be:70:81:1a:b2:56:5c:67:f5:78:ee:6a:46:9b:94:
16:15:34:d5:d6:1f:c7:f7:b7:97:46:36:65:30:cb:
54:c6:ee:c3:75:32:1c:1a:b7:bc:b8:e7:61:9c:c4:
2c:d9:11:55:2e:aa:42:1d:73:e8:2d:e1:48:14:48:
86:62:ae:a3:45:63:4b:6e:01:64:23:e4:c6:78:75:
39:09:21:2b:80:ba:a8:d7:0f:13:46:d4:1c:8f:8c:
28:d5:7a:d1:d8:cb:9a:eb:84:c2:16:43:c4:27:31:
1a:b1:49:9b:4a:37:c5:75:29:22:4b:fd:64:9e:df:
15:5a:8d:38:05:08:97:2e:70:e3:cd:14:53:60:87:
3c:db:ee:a1:e1:16:6f:2e:35:64:e4:19:7a:92:84:
4e:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:8C:C5:9F:CE:EE:71:37:9A:A0:8A:F1:23:21:E8:C8:13:9C:00:F7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ca9dc172-c5c5-48fd-a801-9f7f050aa67b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.24.0.0/13
Signature Algorithm: sha256WithRSAEncryption
90:d2:6e:94:ec:b7:6e:c4:f8:52:0b:29:bb:80:d6:ba:dc:5d:
e4:f9:bd:aa:2d:9b:e0:86:60:ac:b2:57:95:40:81:0a:55:2c:
95:4a:1d:63:2a:6b:6e:ba:57:c8:b8:e9:54:04:6b:5e:99:4f:
ac:7f:07:e9:24:28:fa:48:06:2a:60:36:80:41:3e:74:8f:1b:
cc:3a:42:90:e6:a9:96:fc:45:6f:58:17:74:02:4c:ab:83:c3:
64:51:8f:7d:55:26:43:0c:95:fc:25:09:cb:00:20:6b:70:76:
7e:b2:5b:db:20:a7:a3:ee:d7:01:41:6d:12:5b:a3:43:11:ca:
ba:48:57:24:06:6e:ee:fc:64:54:30:30:b3:2c:f8:b5:03:ce:
e8:85:a2:e8:b4:62:31:a7:28:f3:01:8a:c0:16:5e:f9:c1:29:
65:62:2d:c2:90:6e:50:a9:ef:a3:52:c1:bc:d1:2b:ee:6f:56:
16:38:25:59:c6:ea:2d:0f:3f:82:89:16:04:e4:55:37:b5:04:
57:85:2a:9e:f7:af:05:c4:df:28:d9:40:15:0c:49:87:98:65:
c2:38:43:f4:a6:c8:e8:83:4f:f9:29:5a:38:be:97:0e:bf:98:
a1:02:27:0c:09:1d:c6:e6:ec:c7:8f:40:5a:bf:63:b2:48:a9:
c3:c6:0a:1a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYp7FvolY1vCnkQjIwrbVCSzwhg4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTcwMDUwMjhaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDYxZGRmM2M4Nzk2NDJkNTFiOThjYzcxMWRiNzllYjBlZmRmMzkxNmMwOTQz
ODMyZmNmOGUwNzMwNmRkNzgwN2QxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANQN3YFFVzAWZZKK9nQu+Ol1xui+XI+ZJQmf6n+SiU7W9wS5T7DjGdYg1VoT
j7bTElKsrRSsQd5J2dcn+PX9a7sJk80yFYSYmgSvKiRHfGkFScaSnAJQba/0Slhf
D1wsSn3rNmVnOKzCvnCBGrJWXGf1eO5qRpuUFhU01dYfx/e3l0Y2ZTDLVMbuw3Uy
HBq3vLjnYZzELNkRVS6qQh1z6C3hSBRIhmKuo0VjS24BZCPkxnh1OQkhK4C6qNcP
E0bUHI+MKNV60djLmuuEwhZDxCcxGrFJm0o3xXUpIkv9ZJ7fFVqNOAUIly5w480U
U2CHPNvuoeEWby41ZOQZepKETjECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTgjMWf
zu5xN5qgivEjIejIE5wA9zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2E5ZGMxNzItYzVjNS00OGZkLWE4MDEtOWY3ZjA1MGFhNjdiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAzMYMA0G
CSqGSIb3DQEBCwUAA4IBAQCQ0m6U7LduxPhSCym7gNa63F3k+b2qLZvghmCssleV
QIEKVSyVSh1jKmtuulfIuOlUBGtemU+sfwfpJCj6SAYqYDaAQT50jxvMOkKQ5qmW
/EVvWBd0Akyrg8NkUY99VSZDDJX8JQnLACBrcHZ+slvbIKej7tcBQW0SW6NDEcq6
SFckBm7u/GRUMDCzLPi1A87ohaLotGIxpyjzAYrAFl75wSllYi3CkG5Qqe+jUsG8
0Svub1YWOCVZxuotDz+CiRYE5FU3tQRXhSqe968FxN8o2UAVDEmHmGXCOEP0psjo
g0/5KVo4vpcOv5ihAicMCR3G5uzHj0Bav2OySKnDxgoa
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:51:42 2025 by rpki-client