Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d241761a-4c6e-4db3-ba0a-26b2eda6222a.roa
File: d241761a-4c6e-4db3-ba0a-26b2eda6222a.roa (raw, json)
Hash identifier: xUfucqdk8SQ+L+mF3gMqP2ho7rFaYv9DHu23LcXGW7A=
Subject key identifier: A1:49:22:AB:C7:BF:38:F2:29:36:AF:2C:FC:10:EC:07:6C:87:6E:A3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1BE9CCBE9C3508B18791B3861CD71239B9899E19
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d241761a-4c6e-4db3-ba0a-26b2eda6222a.roa
Signing time: Mon 16 Jun 2025 21:50:57 +0000
ROA not before: Mon 16 Jun 2025 21:50:57 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.110.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:e9:cc:be:9c:35:08:b1:87:91:b3:86:1c:d7:12:39:b9:89:9e:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 21:50:57 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=460854e4e74524e9755a07caa2b233a32f227593c234b1c7ace93725d71337a4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:16:7e:20:47:17:66:36:e4:66:fb:b6:b7:04:
e9:84:00:67:09:5d:4a:b4:e3:45:72:e6:2b:38:2e:
35:5e:f5:dd:9f:ff:7b:10:a6:d8:50:4d:ea:ca:7c:
49:5c:df:a4:4b:b2:42:71:6a:aa:9c:19:d8:57:c6:
9f:2a:8d:b8:91:a8:fd:3e:b3:19:34:99:b8:bf:06:
2a:ed:a0:28:a9:51:4e:41:2c:d3:6d:a9:a9:0b:18:
d5:53:aa:6a:d6:6e:5e:cc:3c:de:56:60:a2:ed:fa:
c9:54:9a:ab:cd:6b:2b:61:41:8d:df:dd:24:c2:6f:
3c:4b:cf:b0:22:1c:f4:68:49:af:6b:cd:a2:87:b1:
75:ef:23:14:18:18:ea:2f:6d:68:64:51:db:d5:61:
3b:dc:fc:8a:5e:27:68:1d:f8:15:c8:f4:28:a8:89:
af:50:a2:25:13:de:cf:be:4e:34:18:bb:d8:dd:f3:
3e:8f:ab:59:eb:9b:5d:58:ee:e4:9c:78:23:03:6d:
a8:32:85:70:4c:c0:4e:69:bf:da:13:bd:c3:e2:b6:
92:ce:b0:12:af:af:bc:63:bb:dc:d9:c6:ed:46:ba:
8a:6a:a2:ff:1d:db:a0:43:af:f9:af:1a:23:ab:ee:
a0:fc:0e:17:a8:98:75:cb:ef:7a:f7:37:44:29:35:
29:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:49:22:AB:C7:BF:38:F2:29:36:AF:2C:FC:10:EC:07:6C:87:6E:A3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d241761a-4c6e-4db3-ba0a-26b2eda6222a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.110.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4a:39:97:e6:96:7d:f9:f6:d4:56:65:f5:d0:d1:9c:cd:7d:77:
eb:cc:5b:a1:1b:82:f0:72:d0:2d:c3:63:d1:e4:1d:9f:b1:98:
75:bb:6e:31:17:93:77:72:84:06:a6:b5:f1:02:3f:06:2f:ce:
fd:ac:b7:8f:46:c7:b8:e0:6c:df:ac:eb:9b:7f:b7:9e:13:b4:
e8:35:62:e5:9e:99:be:d1:12:cf:a9:e2:80:f1:8e:53:69:60:
36:99:56:20:9f:51:d6:6c:38:b3:2c:59:33:3f:42:b8:46:2c:
3c:28:7d:25:3e:b7:cc:53:7e:06:7a:eb:e9:47:82:ab:e5:80:
c7:50:cf:9e:d0:4f:53:c9:98:71:d7:f6:c5:c6:30:98:6d:7c:
15:c7:f5:f6:f2:13:27:fa:fe:79:41:2d:d5:96:92:9e:da:ee:
e6:4a:07:7c:b1:0f:d9:9c:3d:9a:3a:b8:1b:3e:27:46:60:40:
6d:d7:ab:43:1e:b6:91:f7:22:0e:38:49:08:69:a0:9d:3e:fd:
6a:55:d8:3b:44:2e:76:4d:54:9d:a2:bc:0b:1d:1a:0f:67:94:
71:2c:73:ce:fd:36:78:0b:30:03:ea:ce:6b:81:16:7a:8c:83:
78:ea:fb:c3:9d:ae:1e:80:31:31:88:da:11:a5:62:30:df:7b:
a3:9d:7d:f1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUG+nMvpw1CLGHkbOGHNcSObmJnhkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMTUwNTdaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ2MDg1NGU0ZTc0NTI0ZTk3NTVhMDdjYWEyYjIzM2EzMmYyMjc1OTNjMjM0
YjFjN2FjZTkzNzI1ZDcxMzM3YTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALUWfiBHF2Y25Gb7trcE6YQAZwldSrTjRXLmKzguNV713Z//exCm2FBN6sp8
SVzfpEuyQnFqqpwZ2FfGnyqNuJGo/T6zGTSZuL8GKu2gKKlRTkEs022pqQsY1VOq
atZuXsw83lZgou36yVSaq81rK2FBjd/dJMJvPEvPsCIc9GhJr2vNooexde8jFBgY
6i9taGRR29VhO9z8il4naB34Fcj0KKiJr1CiJRPez75ONBi72N3zPo+rWeubXVju
5Jx4IwNtqDKFcEzATmm/2hO9w+K2ks6wEq+vvGO73NnG7Ua6imqi/x3boEOv+a8a
I6vuoPwOF6iYdcvvevc3RCk1KZcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBShSSKr
x7848ik2ryz8EOwHbIduozAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDI0MTc2MWEtNGM2ZS00ZGIzLWJhMGEtMjZiMmVkYTYyMjJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNuMA0G
CSqGSIb3DQEBCwUAA4IBAQBKOZfmln359tRWZfXQ0ZzNfXfrzFuhG4LwctAtw2PR
5B2fsZh1u24xF5N3coQGprXxAj8GL879rLePRse44GzfrOubf7eeE7ToNWLlnpm+
0RLPqeKA8Y5TaWA2mVYgn1HWbDizLFkzP0K4Riw8KH0lPrfMU34GeuvpR4Kr5YDH
UM+e0E9TyZhx1/bFxjCYbXwVx/X28hMn+v55QS3VlpKe2u7mSgd8sQ/ZnD2aOrgb
PidGYEBt16tDHraR9yIOOEkIaaCdPv1qVdg7RC52TVSdorwLHRoPZ5RxLHPO/TZ4
CzAD6s5rgRZ6jIN46vvDna4egDExiNoRpWIw33ujnX3x
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:41:03 2025 by rpki-client