Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf5e86ef-0733-4056-8b1b-683470ef90f1.roa
File: cf5e86ef-0733-4056-8b1b-683470ef90f1.roa (raw, json)
Hash identifier: C54lQovxvBMBnFg7oxdUoxcNRJNWS4Cxp+jci9lG5PU=
Subject key identifier: D0:F6:D8:EA:2A:AC:70:EA:8F:9C:7B:5A:BE:B3:7E:56:BB:3A:A8:2B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7FB82CF738776DED668D3EF4A6084FB3DA48A27A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf5e86ef-0733-4056-8b1b-683470ef90f1.roa
Signing time: Tue 17 Jun 2025 00:51:00 +0000
ROA not before: Tue 17 Jun 2025 00:51:00 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.112.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:b8:2c:f7:38:77:6d:ed:66:8d:3e:f4:a6:08:4f:b3:da:48:a2:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 17 00:51:00 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=af9d50d4d1ac3c190ccef5108ff0752ef7bea113d23f35d1577c5be37d1134a7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:fa:f8:c4:1a:f5:89:80:e0:5b:06:2d:42:8d:
38:6b:89:76:86:22:76:eb:ad:39:3c:7e:94:b4:b8:
39:16:22:36:f6:28:e9:87:66:4c:61:b3:84:74:5a:
21:ec:21:1f:9d:60:4e:06:5d:7c:7d:b9:38:d7:b5:
45:2d:4e:5f:96:93:67:cb:2a:bd:b3:83:60:41:72:
57:7e:26:66:b2:ac:1d:74:30:1c:73:00:73:55:da:
bc:8c:d9:cb:7c:9c:8e:1a:2c:f6:87:39:1c:b9:fe:
83:12:73:c9:79:ce:27:c2:bb:60:52:e9:62:31:93:
3e:fb:81:14:2b:80:9d:a5:a8:33:e4:68:3d:f6:c1:
af:b9:10:7a:7d:63:1b:51:82:32:ac:05:3c:dd:bc:
3c:6b:48:ab:44:46:33:ac:86:30:3a:df:4a:26:89:
93:28:39:60:32:7e:ee:3a:cc:6e:42:8b:6f:01:90:
5e:17:73:43:31:f6:1c:c5:77:80:88:58:e8:d7:d0:
4a:b9:48:42:0c:bb:67:f0:46:cf:cf:6b:8e:48:c3:
48:c2:15:c4:84:09:e0:ce:3c:52:74:e1:c5:93:18:
03:44:de:24:d7:14:bd:13:ea:fc:3e:4f:bd:a8:8d:
97:1b:cc:8e:86:cb:0d:40:3e:8b:dc:27:be:ff:41:
a4:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:F6:D8:EA:2A:AC:70:EA:8F:9C:7B:5A:BE:B3:7E:56:BB:3A:A8:2B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf5e86ef-0733-4056-8b1b-683470ef90f1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.112.0/21
Signature Algorithm: sha256WithRSAEncryption
16:df:23:81:c5:2f:b3:df:ec:dc:fd:bd:11:3a:8a:1a:59:71:
04:33:2c:21:80:79:2b:80:a1:8c:74:41:75:d7:88:5b:b8:55:
a8:fd:65:f7:b8:47:20:3d:df:23:b4:88:1f:4f:e3:e3:02:0e:
bc:8d:5d:a8:c5:a1:55:79:6d:c2:70:e3:4d:c8:08:f1:db:6d:
d0:ab:06:34:ce:71:35:01:e4:28:aa:7f:6b:f7:b4:a3:a1:e9:
24:b2:fe:e0:8a:42:30:b3:52:46:ba:39:be:8f:1a:e2:25:68:
b3:22:05:7f:ab:1e:c1:10:e4:74:e4:1f:56:40:be:01:cb:3b:
b9:d8:34:9e:5c:6b:b8:b9:bd:a0:ea:fb:ff:c5:c6:ff:8e:f2:
92:d5:d1:24:11:2c:fb:1b:c9:2b:f8:35:18:43:ba:8b:d2:c9:
ca:6b:47:1b:1b:47:6c:22:b7:fd:8d:dc:ca:59:0a:7b:04:19:
e1:49:58:33:9a:e0:c9:77:4e:f8:c6:f6:ef:af:85:7a:44:74:
b4:a0:d7:7e:38:81:75:f8:65:7d:4f:ab:04:c4:b5:e1:bb:88:
7b:f2:0c:f0:cc:3a:4d:aa:ac:c7:f6:a5:3a:56:19:1f:11:bf:
36:26:71:44:41:ce:db:72:82:bf:a1:c2:18:d4:dc:f9:d9:18:
b8:61:57:c2
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUf7gs9zh3be1mjT70pghPs9pIonowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTcwMDUxMDBaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQGFmOWQ1MGQ0ZDFhYzNjMTkwY2NlZjUxMDhmZjA3NTJlZjdiZWExMTNkMjNm
MzVkMTU3N2M1YmUzN2QxMTM0YTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKj6+MQa9YmA4FsGLUKNOGuJdoYiduutOTx+lLS4ORYiNvYo6YdmTGGzhHRa
IewhH51gTgZdfH25ONe1RS1OX5aTZ8sqvbODYEFyV34mZrKsHXQwHHMAc1XavIzZ
y3ycjhos9oc5HLn+gxJzyXnOJ8K7YFLpYjGTPvuBFCuAnaWoM+RoPfbBr7kQen1j
G1GCMqwFPN28PGtIq0RGM6yGMDrfSiaJkyg5YDJ+7jrMbkKLbwGQXhdzQzH2HMV3
gIhY6NfQSrlIQgy7Z/BGz89rjkjDSMIVxIQJ4M48UnThxZMYA0TeJNcUvRPq/D5P
vaiNlxvMjobLDUA+i9wnvv9BpKsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTQ9tjq
Kqxw6o+ce1q+s35WuzqoKzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2Y1ZTg2ZWYtMDczMy00MDU2LThiMWItNjgzNDcwZWY5MGYxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAcDAN
BgkqhkiG9w0BAQsFAAOCAQEAFt8jgcUvs9/s3P29ETqKGllxBDMsIYB5K4ChjHRB
ddeIW7hVqP1l97hHID3fI7SIH0/j4wIOvI1dqMWhVXltwnDjTcgI8dtt0KsGNM5x
NQHkKKp/a/e0o6HpJLL+4IpCMLNSRro5vo8a4iVosyIFf6sewRDkdOQfVkC+Acs7
udg0nlxruLm9oOr7/8XG/47yktXRJBEs+xvJK/g1GEO6i9LJymtHGxtHbCK3/Y3c
ylkKewQZ4UlYM5rgyXdO+Mb276+FekR0tKDXfjiBdfhlfU+rBMS14buIe/IM8Mw6
Taqsx/alOlYZHxG/NiZxREHO23KCv6HCGNTc+dkYuGFXwg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 07:43:32 2025 by rpki-client