Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa
File: de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa (raw, json)
Hash identifier: S7dLOWmnuUE5Prp/GBTa3hLCHlSQW8dja0GpumoLR40=
Subject key identifier: 5B:D7:13:74:31:EC:1A:48:AB:46:CB:AF:52:50:7A:C1:AE:EE:DB:50
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3144CC72E2DC8267F32DF5661AF95126077C5A89
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa
Signing time: Mon 16 Jun 2025 22:00:20 +0000
ROA not before: Mon 16 Jun 2025 22:00:20 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.40.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:44:cc:72:e2:dc:82:67:f3:2d:f5:66:1a:f9:51:26:07:7c:5a:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 22:00:20 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=1feda556bae331a5081ce1dea3822d599a6bd232c12134659f9ec2fd3649f2da, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:b3:d6:ed:b4:1e:f4:d0:21:3a:d7:05:b6:0f:
89:b7:6f:99:87:8e:0e:ff:6d:65:a5:e7:be:a2:80:
cc:11:21:4d:f1:29:89:0d:ca:8f:ef:9e:43:6a:f0:
f5:4a:d4:3b:7a:aa:c3:b8:da:c6:55:46:af:39:ce:
88:bf:1a:7d:77:20:ca:7e:7f:e6:89:31:39:36:75:
9d:1f:ec:4e:a0:47:03:09:9c:64:7e:54:07:5b:86:
e5:58:b0:cb:b7:44:7b:9d:95:e0:c4:05:d5:44:12:
48:cc:19:f4:79:4b:bd:70:05:30:89:ae:34:96:50:
1d:ef:80:48:bb:43:a9:40:07:dc:54:f5:42:15:cc:
5d:ef:b4:e2:22:28:e7:b3:f9:80:a5:c7:0d:f6:01:
c3:83:1b:48:05:b2:68:d8:dc:8e:fb:bc:ec:3c:c8:
1d:e7:ca:a5:48:a1:a1:00:7f:82:90:70:90:40:26:
b7:92:32:1a:55:50:0d:df:44:0c:a4:8c:49:2f:fa:
e6:78:4e:d7:4d:77:b6:4b:09:0a:c2:ac:03:e8:4d:
bf:7b:76:e5:f5:cd:e7:52:0c:1a:ae:f3:96:40:17:
47:28:10:74:d0:8d:29:80:b5:ae:be:94:88:e8:92:
53:29:fb:e5:9f:e4:4f:db:92:9a:48:9c:7d:2e:b0:
cb:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:D7:13:74:31:EC:1A:48:AB:46:CB:AF:52:50:7A:C1:AE:EE:DB:50
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.40.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4c:00:91:eb:02:31:e3:cf:06:df:08:9d:51:f1:5b:c3:ba:18:
32:93:6d:80:cc:80:39:2f:52:d3:45:05:d5:a4:5b:0e:af:8d:
b8:21:99:d3:bc:a3:27:29:f9:a6:d5:7a:4b:01:6d:a4:ef:30:
3f:e3:8b:0a:6f:77:aa:ab:98:ed:20:57:64:ba:53:c9:e1:c4:
19:c1:71:99:49:fd:ad:4b:64:98:9d:42:5c:6a:c1:34:4a:38:
fb:3e:46:0a:70:8d:b8:14:09:ed:4f:22:d7:85:c7:9b:27:08:
8d:e7:1a:a8:bb:84:64:84:c7:83:ea:fc:cc:3b:16:e0:49:59:
17:39:7f:df:e4:c7:e1:83:85:a8:09:1c:54:35:f8:cb:6e:98:
e6:f8:72:20:18:f4:56:d7:cc:83:a0:af:34:0a:63:af:47:19:
b9:a1:c3:70:b1:af:05:74:97:33:e7:b6:ee:55:80:bc:95:0f:
2a:9c:03:a4:48:b2:3b:e7:1b:01:9e:64:c9:ae:97:d2:7a:3b:
45:8e:8f:b3:d6:94:47:f1:b4:ab:65:96:50:41:dc:ff:77:cd:
cd:92:8d:0f:cc:21:ec:e6:50:18:de:00:96:cd:ab:cb:19:8b:
44:2e:fc:74:73:75:e5:be:df:79:e2:3b:c2:40:bd:13:e8:47:
61:e1:64:7e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMUTMcuLcgmfzLfVmGvlRJgd8WokwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMjAwMjBaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDFmZWRhNTU2YmFlMzMxYTUwODFjZTFkZWEzODIyZDU5OWE2YmQyMzJjMTIx
MzQ2NTlmOWVjMmZkMzY0OWYyZGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI6z1u20HvTQITrXBbYPibdvmYeODv9tZaXnvqKAzBEhTfEpiQ3Kj++eQ2rw
9UrUO3qqw7jaxlVGrznOiL8afXcgyn5/5okxOTZ1nR/sTqBHAwmcZH5UB1uG5Viw
y7dEe52V4MQF1UQSSMwZ9HlLvXAFMImuNJZQHe+ASLtDqUAH3FT1QhXMXe+04iIo
57P5gKXHDfYBw4MbSAWyaNjcjvu87DzIHefKpUihoQB/gpBwkEAmt5IyGlVQDd9E
DKSMSS/65nhO1013tksJCsKsA+hNv3t25fXN51IMGq7zlkAXRygQdNCNKYC1rr6U
iOiSUyn75Z/kT9uSmkicfS6wy6UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRb1xN0
MewaSKtGy69SUHrBru7bUDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZGU4M2FiMGQtNzMwZS00YmEwLTlkMjItYWYyYzhiN2ZkOGY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMoMA0G
CSqGSIb3DQEBCwUAA4IBAQBMAJHrAjHjzwbfCJ1R8VvDuhgyk22AzIA5L1LTRQXV
pFsOr424IZnTvKMnKfmm1XpLAW2k7zA/44sKb3eqq5jtIFdkulPJ4cQZwXGZSf2t
S2SYnUJcasE0Sjj7PkYKcI24FAntTyLXhcebJwiN5xqou4RkhMeD6vzMOxbgSVkX
OX/f5Mfhg4WoCRxUNfjLbpjm+HIgGPRW18yDoK80CmOvRxm5ocNwsa8FdJcz57bu
VYC8lQ8qnAOkSLI75xsBnmTJrpfSejtFjo+z1pRH8bSrZZZQQdz/d83Nko0PzCHs
5lAY3gCWzavLGYtELvx0c3Xlvt954jvCQL0T6Edh4WR+
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:18:26 2025 by rpki-client