Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa
File: d51a4935-8601-4ebd-a099-1d61b0a661b3.roa (raw, json)
Hash identifier: dMGhH5p2M5T+5AoDtwzgq0OKnriwNppPBorr3RtixLA=
Subject key identifier: 5D:99:B2:CA:D1:32:01:BA:74:1E:89:95:6A:A6:26:CD:7B:29:09:27
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4C4EC21BEC86E2834A23478ED6CCFBE340A563D4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa
Signing time: Mon 16 Jun 2025 22:00:13 +0000
ROA not before: Mon 16 Jun 2025 22:00:13 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.228.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:4e:c2:1b:ec:86:e2:83:4a:23:47:8e:d6:cc:fb:e3:40:a5:63:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 22:00:13 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=60bda648769a9e63bc40ff0299fb8406f04b23e56bcadd02b58c370761d6019f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:37:b5:12:31:de:86:35:2a:c8:bc:c9:93:c2:
c2:79:1b:74:46:e6:47:b2:10:d5:d8:a7:fd:9c:f9:
db:15:b1:f4:8b:53:d4:4a:6f:76:49:a0:55:9c:6c:
c1:82:59:27:8b:e7:56:78:e9:c6:bf:a1:0c:3c:02:
41:4d:1e:58:50:d9:10:3f:d3:a9:b2:1e:da:46:84:
04:9d:2c:b9:81:9a:f7:84:aa:64:1a:ab:c6:35:51:
59:8b:de:b7:62:a8:99:43:d1:ab:86:85:e6:02:c0:
a2:62:3f:bb:a3:6a:6c:be:93:cf:be:6f:da:cc:2a:
1a:4d:f5:89:f8:f0:0e:d4:7f:65:ae:b7:41:7c:1e:
90:a4:f2:74:51:e8:e4:20:b1:89:17:0a:4d:7e:23:
04:c3:74:18:76:34:84:4d:d2:04:db:9d:31:0f:70:
af:a3:68:45:5b:b6:1f:f4:53:3e:32:fd:0f:a1:7b:
79:6d:1b:56:16:ce:62:c0:bd:12:bc:be:ac:58:fe:
a1:2c:0d:4d:2e:37:9b:1b:e1:57:2a:50:50:b7:1e:
ec:f5:2c:5a:f5:25:2a:b6:bb:d6:46:36:cc:db:7a:
9d:23:19:3c:52:15:cb:12:73:43:8c:c7:ff:24:d7:
96:f4:ab:f1:57:f9:c7:1a:0b:04:aa:0f:87:56:22:
f0:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:99:B2:CA:D1:32:01:BA:74:1E:89:95:6A:A6:26:CD:7B:29:09:27
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.228.0.0/15
Signature Algorithm: sha256WithRSAEncryption
d8:0e:a9:82:d5:3c:d6:a4:26:53:e3:c8:d3:94:47:28:68:19:
0e:8d:8e:d9:cd:28:0f:c9:55:42:11:91:26:90:76:7a:2a:90:
55:82:6a:a2:d7:0b:12:f1:8e:ce:29:ac:86:4d:c4:90:8e:8b:
f0:af:46:59:8f:1f:6f:60:5f:7d:44:c2:a1:6f:7b:a9:46:9a:
90:e6:73:90:a5:9d:7c:8e:66:f3:ea:e5:3c:ce:0a:3c:83:8e:
9d:78:87:6a:be:5b:44:c0:0c:1b:b5:69:9a:7e:06:af:6a:29:
20:e1:67:dd:4e:40:21:7c:e3:e6:ae:6d:03:e9:92:57:5e:3d:
37:bf:30:4a:64:ea:5a:13:ed:e0:cd:35:89:03:89:f1:75:b5:
33:d7:4b:b1:ae:26:9c:20:95:3d:4b:36:a6:2d:bc:91:7f:8f:
4f:2a:52:4d:e8:ee:27:6f:74:a3:59:d7:23:24:6f:d1:6f:88:
74:8c:33:cb:2b:20:fe:87:e6:a3:68:e9:7e:89:15:a3:f2:76:
69:f2:0f:04:7e:5c:fb:ba:d3:a7:3f:da:ca:54:9b:04:80:43:
c2:3b:04:bc:b4:b3:77:9c:ad:1e:29:6b:ab:7d:e7:e3:88:3e:
09:39:be:f3:38:94:6e:f3:62:01:ec:3b:2a:05:71:a4:2c:1e:
70:60:0f:46
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTE7CG+yG4oNKI0eO1sz740ClY9QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMjAwMTNaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDYwYmRhNjQ4NzY5YTllNjNiYzQwZmYwMjk5ZmI4NDA2ZjA0YjIzZTU2YmNh
ZGQwMmI1OGMzNzA3NjFkNjAxOWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANM3tRIx3oY1Ksi8yZPCwnkbdEbmR7IQ1din/Zz52xWx9ItT1EpvdkmgVZxs
wYJZJ4vnVnjpxr+hDDwCQU0eWFDZED/TqbIe2kaEBJ0suYGa94SqZBqrxjVRWYve
t2KomUPRq4aF5gLAomI/u6NqbL6Tz75v2swqGk31ifjwDtR/Za63QXwekKTydFHo
5CCxiRcKTX4jBMN0GHY0hE3SBNudMQ9wr6NoRVu2H/RTPjL9D6F7eW0bVhbOYsC9
Ery+rFj+oSwNTS43mxvhVypQULce7PUsWvUlKra71kY2zNt6nSMZPFIVyxJzQ4zH
/yTXlvSr8Vf5xxoLBKoPh1Yi8CkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRdmbLK
0TIBunQeiZVqpibNeykJJzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDUxYTQ5MzUtODYwMS00ZWJkLWEwOTktMWQ2MWIwYTY2MWIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPkMA0G
CSqGSIb3DQEBCwUAA4IBAQDYDqmC1TzWpCZT48jTlEcoaBkOjY7ZzSgPyVVCEZEm
kHZ6KpBVgmqi1wsS8Y7OKayGTcSQjovwr0ZZjx9vYF99RMKhb3upRpqQ5nOQpZ18
jmbz6uU8zgo8g46deIdqvltEwAwbtWmafgavaikg4WfdTkAhfOPmrm0D6ZJXXj03
vzBKZOpaE+3gzTWJA4nxdbUz10uxriacIJU9SzamLbyRf49PKlJN6O4nb3SjWdcj
JG/Rb4h0jDPLKyD+h+ajaOl+iRWj8nZp8g8Eflz7utOnP9rKVJsEgEPCOwS8tLN3
nK0eKWurfefjiD4JOb7zOJRu82IB7DsqBXGkLB5wYA9G
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:04:58 2025 by rpki-client