Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa
File: d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa (raw, json)
Hash identifier: 9TYF7O7bJYs+nxIVGhOtppegpHSyqyC99Wk3vsV/FTg=
Subject key identifier: 89:B5:7D:F9:11:26:B6:ED:48:BF:E8:FB:2F:C9:05:70:AA:EF:24:94
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4292729FAD94DC9E10D0143C25BDB160D7CEC658
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa
Signing time: Mon 16 Jun 2025 21:51:21 +0000
ROA not before: Mon 16 Jun 2025 21:51:21 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.151.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:92:72:9f:ad:94:dc:9e:10:d0:14:3c:25:bd:b1:60:d7:ce:c6:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 21:51:21 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=ff9bc8f3cde9d7a5e28fd6ea400d654fc6f92eb8377e9e2eec17248b4248e996, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:14:1b:f4:fe:c5:ce:1d:4b:7b:0e:4b:b8:54:
14:51:6b:8a:45:cf:95:7a:fd:aa:64:89:b3:8a:0f:
41:ef:23:ff:20:ab:b0:84:ff:ac:3e:5a:26:df:d9:
a6:18:e9:2a:a0:23:f3:ac:d1:88:12:d1:c4:96:31:
61:08:9c:f9:d4:04:f1:26:aa:24:00:f0:7e:3c:cf:
cc:b3:4e:1c:d5:74:01:80:03:db:b2:d5:a9:0e:6e:
6b:f1:da:77:26:63:9a:17:a8:0f:02:f7:72:cd:a0:
df:05:76:8c:7d:41:07:3e:3b:7b:a3:4d:7c:77:06:
64:e3:2f:b9:3c:3b:f3:f8:b1:98:ae:71:88:5b:fb:
82:68:b5:f4:56:5a:90:fb:8e:77:03:cf:85:70:ab:
f0:40:7c:4a:4c:ee:44:13:e6:0d:80:97:70:dd:db:
73:d9:b0:c1:c3:a0:93:b9:ad:fb:d4:ae:e7:e7:0d:
0c:c9:86:fa:78:3b:41:6e:65:91:24:59:13:9e:52:
77:fd:e5:3b:d0:14:a7:29:8f:6c:06:6a:2f:66:6d:
78:87:02:4b:28:93:d8:d3:65:ad:54:a1:77:4f:2e:
e3:aa:72:f3:48:7d:47:6d:93:95:14:20:ae:b2:12:
5e:25:22:73:ec:9f:0f:bb:ad:93:4d:e1:da:b1:56:
ff:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:B5:7D:F9:11:26:B6:ED:48:BF:E8:FB:2F:C9:05:70:AA:EF:24:94
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.151.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3e:30:a8:b7:b7:2c:62:fc:cb:79:ec:09:6d:f6:d4:df:ff:8a:
7f:46:1d:e2:8a:b2:60:8c:61:30:cd:1d:c8:cb:9e:1e:01:db:
b0:e4:85:b5:3e:15:04:ea:a8:41:ba:45:d4:39:44:9e:19:7a:
a5:1a:ad:f9:d0:e9:75:c1:b1:14:75:23:8d:23:06:1c:e2:6c:
0e:80:40:4a:17:b7:4d:25:89:70:c5:ab:93:2e:37:3f:81:05:
45:87:53:11:2f:28:86:db:1f:29:f4:79:47:9c:e4:67:90:cc:
1f:e4:94:e1:75:6c:3e:1a:a3:81:55:4c:a2:1c:4c:5c:4a:90:
bc:8f:44:44:00:26:54:b4:0a:22:54:5e:56:f4:17:87:6d:f3:
95:80:7c:10:f4:3b:35:1d:f5:ff:42:97:31:15:28:83:78:08:
d0:e0:40:db:bf:9e:96:35:d6:8d:22:ef:06:a8:17:3b:64:71:
ef:39:76:fc:a4:3a:d9:48:b1:74:3e:41:31:ca:fd:d7:ad:ef:
11:05:40:81:0c:81:0f:86:21:42:2f:61:43:db:d5:50:5c:3a:
fd:56:17:30:b8:08:b5:92:bb:59:f5:6f:34:dc:83:7f:90:a6:
3c:fa:d5:e3:5d:34:d6:16:45:1a:2b:41:2c:8c:46:0e:b5:1c:
83:50:ad:1c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQpJyn62U3J4Q0BQ8Jb2xYNfOxlgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMTUxMjFaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGZmOWJjOGYzY2RlOWQ3YTVlMjhmZDZlYTQwMGQ2NTRmYzZmOTJlYjgzNzdl
OWUyZWVjMTcyNDhiNDI0OGU5OTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALUUG/T+xc4dS3sOS7hUFFFrikXPlXr9qmSJs4oPQe8j/yCrsIT/rD5aJt/Z
phjpKqAj86zRiBLRxJYxYQic+dQE8SaqJADwfjzPzLNOHNV0AYAD27LVqQ5ua/Ha
dyZjmheoDwL3cs2g3wV2jH1BBz47e6NNfHcGZOMvuTw78/ixmK5xiFv7gmi19FZa
kPuOdwPPhXCr8EB8SkzuRBPmDYCXcN3bc9mwwcOgk7mt+9Su5+cNDMmG+ng7QW5l
kSRZE55Sd/3lO9AUpymPbAZqL2ZteIcCSyiT2NNlrVShd08u46py80h9R22TlRQg
rrISXiUic+yfD7utk03h2rFW/5cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSJtX35
ESa27Ui/6PsvyQVwqu8klDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDdmZGVkZmMtMmJkYy00MmNkLWE3MTQtMmFiYmMwMmRlYWU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOXMA0G
CSqGSIb3DQEBCwUAA4IBAQA+MKi3tyxi/Mt57Alt9tTf/4p/Rh3iirJgjGEwzR3I
y54eAduw5IW1PhUE6qhBukXUOUSeGXqlGq350Ol1wbEUdSONIwYc4mwOgEBKF7dN
JYlwxauTLjc/gQVFh1MRLyiG2x8p9HlHnORnkMwf5JThdWw+GqOBVUyiHExcSpC8
j0REACZUtAoiVF5W9BeHbfOVgHwQ9Ds1HfX/QpcxFSiDeAjQ4EDbv56WNdaNIu8G
qBc7ZHHvOXb8pDrZSLF0PkExyv3Xre8RBUCBDIEPhiFCL2FD29VQXDr9VhcwuAi1
krtZ9W803IN/kKY8+tXjXTTWFkUaK0EsjEYOtRyDUK0c
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:28:45 2025 by rpki-client