Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa
File: d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa (raw, json)
Hash identifier: LGwJ1BnbSjjvD7ss6tGF9l4+Xm9LZEvSR8FkRARd6lU=
Subject key identifier: 26:B1:8F:25:F9:43:69:6E:04:14:5A:60:BA:DF:DB:6F:43:C3:80:56
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 51EBEC097308627DF0E079947C1ED67F023F9B99
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa
Signing time: Mon 16 Jun 2025 21:51:17 +0000
ROA not before: Mon 16 Jun 2025 21:51:17 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.129.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:eb:ec:09:73:08:62:7d:f0:e0:79:94:7c:1e:d6:7f:02:3f:9b:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 21:51:17 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=21e6c37191b2517284684349475e68e0e0acbfc1ac0b75b01f118d2f10c0e7c6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:50:42:56:1d:e4:6e:bf:1b:4e:2d:13:de:05:
9a:2f:33:2c:56:3c:85:f2:4a:7f:06:ab:ad:33:67:
d0:82:aa:f8:e7:f4:2c:24:4c:ae:28:f7:5f:4b:e7:
8a:e1:fd:03:c1:c2:0e:10:f5:73:83:b3:f3:d3:c6:
7d:ff:b4:58:95:4a:88:17:fc:c5:55:9a:23:3b:55:
7d:58:9b:41:52:cf:d6:dc:00:0c:a9:83:d6:39:15:
83:04:87:6b:dc:9f:80:b0:6f:42:cc:6f:4b:9f:87:
c9:0e:5b:cd:59:38:b4:17:5a:6b:32:ec:f3:62:06:
f6:c3:88:45:85:40:e0:ca:1e:d7:bc:82:00:11:37:
9d:24:c2:92:b2:15:9f:8e:fa:6d:ab:b4:c1:6a:99:
21:5b:3a:a3:43:eb:ff:09:cf:62:48:bd:80:33:21:
0d:7b:52:39:14:14:8b:33:f9:0c:8e:47:f3:01:aa:
90:3e:dc:ef:60:ed:32:89:c5:6b:97:c9:49:6b:05:
66:a8:34:e8:36:e3:12:0f:51:ab:14:19:61:3f:1c:
63:6f:76:fd:40:6d:1f:f6:04:47:d8:5d:ac:04:34:
c5:d7:b6:71:c9:0e:85:16:07:a0:ba:12:a6:68:31:
db:60:11:b2:d4:fd:40:7b:a1:3d:ee:29:ee:23:65:
b9:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:B1:8F:25:F9:43:69:6E:04:14:5A:60:BA:DF:DB:6F:43:C3:80:56
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.129.0.0/16
Signature Algorithm: sha256WithRSAEncryption
64:52:81:d4:27:23:22:54:aa:df:76:36:8f:51:a6:47:d6:1d:
a3:d6:4e:4c:17:b6:dd:ed:88:1b:f9:79:f7:1c:1e:04:5d:c9:
52:a7:3a:0b:de:de:b3:d5:5f:5e:87:6e:64:98:6f:96:ef:7a:
7c:d8:67:64:e4:28:cb:67:05:e4:af:36:e2:a2:60:a2:67:5a:
aa:29:79:e8:68:dd:95:49:5c:23:1f:dd:2a:e8:68:36:bc:dc:
12:dc:dd:8f:b7:0d:cb:c2:e6:fc:01:c4:c6:5d:24:c2:07:ce:
54:c9:cf:58:5b:33:a4:f3:a4:ba:71:08:6f:f9:51:52:03:25:
6c:f8:b7:a5:3b:86:4c:61:1b:90:ed:87:e4:82:68:65:ba:8b:
0b:b5:d9:37:bd:c0:10:53:31:f6:aa:62:3b:35:a1:f7:45:c6:
4d:e0:e6:d6:cf:31:51:f3:54:9d:69:30:e8:be:c6:88:d8:4c:
d8:25:47:81:7d:46:e4:29:f3:e5:d0:29:33:24:5d:fc:32:e0:
e6:ac:26:c5:db:bf:01:0e:ce:b0:36:dc:49:d0:67:97:a4:af:
95:ac:0d:a1:99:f4:fc:ba:60:8d:21:56:b5:cb:3c:be:ee:b4:
82:43:4f:f3:29:99:c1:74:08:0a:9c:03:27:9b:e7:e8:10:80:
ff:39:83:85
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUUevsCXMIYn3w4HmUfB7WfwI/m5kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMTUxMTdaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDIxZTZjMzcxOTFiMjUxNzI4NDY4NDM0OTQ3NWU2OGUwZTBhY2JmYzFhYzBi
NzViMDFmMTE4ZDJmMTBjMGU3YzYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKhQQlYd5G6/G04tE94Fmi8zLFY8hfJKfwarrTNn0IKq+Of0LCRMrij3X0vn
iuH9A8HCDhD1c4Oz89PGff+0WJVKiBf8xVWaIztVfVibQVLP1twADKmD1jkVgwSH
a9yfgLBvQsxvS5+HyQ5bzVk4tBdaazLs82IG9sOIRYVA4Moe17yCABE3nSTCkrIV
n476bau0wWqZIVs6o0Pr/wnPYki9gDMhDXtSORQUizP5DI5H8wGqkD7c72DtMonF
a5fJSWsFZqg06DbjEg9RqxQZYT8cY292/UBtH/YER9hdrAQ0xde2cckOhRYHoLoS
pmgx22ARstT9QHuhPe4p7iNlud0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQmsY8l
+UNpbgQUWmC639tvQ8OAVjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDEzZDI2YWUtMzZiMS00ODE1LWE3ZjAtNGRjMDkwZDE1Yjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOBMA0G
CSqGSIb3DQEBCwUAA4IBAQBkUoHUJyMiVKrfdjaPUaZH1h2j1k5MF7bd7Ygb+Xn3
HB4EXclSpzoL3t6z1V9eh25kmG+W73p82Gdk5CjLZwXkrzbiomCiZ1qqKXnoaN2V
SVwjH90q6Gg2vNwS3N2Ptw3Lwub8AcTGXSTCB85Uyc9YWzOk86S6cQhv+VFSAyVs
+LelO4ZMYRuQ7YfkgmhluosLtdk3vcAQUzH2qmI7NaH3RcZN4ObWzzFR81SdaTDo
vsaI2EzYJUeBfUbkKfPl0CkzJF38MuDmrCbF278BDs6wNtxJ0GeXpK+VrA2hmfT8
umCNIVa1yzy+7rSCQ0/zKZnBdAgKnAMnm+foEID/OYOF
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:41:19 2025 by rpki-client