Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f060e190-89f7-4009-9831-b2d429343b80.roa
File: f060e190-89f7-4009-9831-b2d429343b80.roa (raw, json)
Hash identifier: aoCVutegaMxpdCHHgpBjhp4M3gR9hQdbZMAM2J0qCm0=
Subject key identifier: C0:44:BE:5A:6B:24:4A:30:51:BF:2B:5F:16:38:68:71:51:BF:95:B8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 31C0BE90C83B2F7E252B8BA0A726C2C83FB356F7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f060e190-89f7-4009-9831-b2d429343b80.roa
Signing time: Tue 17 Jun 2025 00:51:06 +0000
ROA not before: Tue 17 Jun 2025 00:51:06 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:c0:be:90:c8:3b:2f:7e:25:2b:8b:a0:a7:26:c2:c8:3f:b3:56:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 17 00:51:06 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=0133eb6234fcc269d26ff0a76aef8577b176e3c18632df8c32e52205764caf46, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:dd:82:43:e6:9a:74:07:2d:ba:ab:2b:8a:f5:
72:50:da:d6:c7:d2:28:75:80:ee:63:75:f8:a2:f4:
43:d5:eb:b1:7a:30:4b:6a:25:30:84:e8:df:c3:61:
3d:62:f1:cd:cf:cb:47:82:2f:bf:0c:bf:c0:19:2b:
c0:48:63:f5:d6:26:e0:89:20:64:66:8f:5e:be:14:
f4:c6:d2:88:98:4e:0f:54:01:6e:7c:8d:63:7d:b7:
33:eb:42:2a:bc:19:75:af:d3:6d:99:ec:4e:4a:a0:
6a:79:d8:95:6c:7b:75:61:79:50:ca:c5:30:8e:c0:
b9:e6:da:44:01:ff:15:32:91:6b:49:69:31:52:0e:
c0:2a:a6:e7:04:0e:64:22:b0:81:b5:c9:5f:78:af:
c7:dc:db:c6:d9:ed:96:5c:96:2d:37:7c:a3:84:4d:
75:8c:6b:fc:4b:bb:a9:0b:c4:24:29:24:bd:4b:11:
ad:9e:d0:9c:2f:f2:07:09:85:9a:2e:e4:15:67:40:
32:71:09:61:5e:3b:c7:e0:de:9b:ec:a1:44:e6:7b:
01:bb:f8:b2:77:eb:bd:e4:5b:7e:ea:2f:31:a6:83:
ff:37:7b:d4:52:56:f4:dd:e6:20:24:55:1c:fe:7b:
57:c4:f8:63:80:9e:96:6d:22:5f:3b:35:c7:77:2e:
a6:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:44:BE:5A:6B:24:4A:30:51:BF:2B:5F:16:38:68:71:51:BF:95:B8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f060e190-89f7-4009-9831-b2d429343b80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.0.0/15
Signature Algorithm: sha256WithRSAEncryption
25:38:37:cf:0e:00:ae:a0:f8:fa:0e:e7:ed:67:8e:15:59:d7:
ef:13:2a:3d:90:c5:5f:f0:c4:7a:34:6a:9e:47:68:51:74:8a:
b4:90:38:c3:0f:f0:97:62:1f:e0:e6:f4:dd:d9:f1:9d:a6:09:
a6:35:83:75:df:cc:1d:fa:be:da:15:3c:7b:c9:00:bf:73:bf:
da:57:25:2f:a5:c0:d1:b8:e8:0b:2c:a8:c8:9a:39:21:f5:5d:
55:4a:7d:64:bc:ee:18:1b:ca:33:29:a5:a1:04:2a:2c:57:b3:
d1:0b:2a:46:ca:c6:92:a9:6f:56:63:f1:11:ed:4b:42:ef:d7:
e5:21:f3:79:49:54:c4:72:28:6e:74:25:9a:04:03:ef:bc:ca:
87:a7:e9:a8:39:50:74:40:c6:98:3d:35:61:88:d3:76:da:ad:
28:47:4e:1f:d8:ae:8c:81:0f:8b:e9:b3:e2:75:79:9d:7a:f1:
26:70:77:47:21:f4:61:8b:3e:49:7e:fe:b9:0d:a1:f0:70:60:
22:b4:ca:95:0d:56:3c:a4:64:94:b6:b7:ca:33:a2:23:6a:c8:
1e:23:a8:f6:82:e6:20:83:3a:49:d5:dd:e7:b4:45:cf:16:1d:
94:01:c2:91:b1:5d:02:91:a4:6a:24:4b:a5:73:40:e0:65:a6:
03:a3:7c:12
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMcC+kMg7L34lK4ugpybCyD+zVvcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTcwMDUxMDZaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDAxMzNlYjYyMzRmY2MyNjlkMjZmZjBhNzZhZWY4NTc3YjE3NmUzYzE4NjMy
ZGY4YzMyZTUyMjA1NzY0Y2FmNDYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALfdgkPmmnQHLbqrK4r1clDa1sfSKHWA7mN1+KL0Q9XrsXowS2olMITo38Nh
PWLxzc/LR4Ivvwy/wBkrwEhj9dYm4IkgZGaPXr4U9MbSiJhOD1QBbnyNY323M+tC
KrwZda/TbZnsTkqgannYlWx7dWF5UMrFMI7AuebaRAH/FTKRa0lpMVIOwCqm5wQO
ZCKwgbXJX3ivx9zbxtntllyWLTd8o4RNdYxr/Eu7qQvEJCkkvUsRrZ7QnC/yBwmF
mi7kFWdAMnEJYV47x+Dem+yhROZ7Abv4snfrveRbfuovMaaD/zd71FJW9N3mICRV
HP57V8T4Y4Celm0iXzs1x3cuppECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTARL5a
ayRKMFG/K18WOGhxUb+VuDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjA2MGUxOTAtODlmNy00MDA5LTk4MzEtYjJkNDI5MzQzYjgwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMQMA0G
CSqGSIb3DQEBCwUAA4IBAQAlODfPDgCuoPj6DuftZ44VWdfvEyo9kMVf8MR6NGqe
R2hRdIq0kDjDD/CXYh/g5vTd2fGdpgmmNYN138wd+r7aFTx7yQC/c7/aVyUvpcDR
uOgLLKjImjkh9V1VSn1kvO4YG8ozKaWhBCosV7PRCypGysaSqW9WY/ER7UtC79fl
IfN5SVTEcihudCWaBAPvvMqHp+moOVB0QMaYPTVhiNN22q0oR04f2K6MgQ+L6bPi
dXmdevEmcHdHIfRhiz5Jfv65DaHwcGAitMqVDVY8pGSUtrfKM6IjasgeI6j2guYg
gzpJ1d3ntEXPFh2UAcKRsV0CkaRqJEulc0DgZaYDo3wS
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:16:30 2025 by rpki-client