Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0b62efe-867d-4733-9b0c-8354a04195f8.roa
File: f0b62efe-867d-4733-9b0c-8354a04195f8.roa (raw, json)
Hash identifier: osM6LdgpOW+qU9aUG5vaOrtSVqFRfrMqX5WtUrqQ/8Q=
Subject key identifier: 98:AF:2E:A8:F3:00:F6:B2:8E:00:52:7F:71:09:97:62:4E:B2:EB:8E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 184D60D8C9BA805AD4469BBF06AB4D174FEA1710
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0b62efe-867d-4733-9b0c-8354a04195f8.roa
Signing time: Mon 16 Jun 2025 21:51:16 +0000
ROA not before: Mon 16 Jun 2025 21:51:16 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.128.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:4d:60:d8:c9:ba:80:5a:d4:46:9b:bf:06:ab:4d:17:4f:ea:17:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 21:51:16 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=eb2d01d35d7b3ebf4e6295bcdb28e01e4f44c0b87e60b5e5b6e0a632137f6a89, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:66:e9:d4:2c:00:e4:4f:f3:28:09:a3:e5:8f:
f9:28:20:d1:79:54:82:a9:44:99:8d:d0:4e:73:70:
c4:ce:07:a7:83:c4:45:f9:b7:5d:fd:e0:3e:e5:01:
38:ad:eb:4e:b3:b5:6d:a6:db:56:fe:e1:c2:a6:2c:
a5:32:54:02:68:d1:d9:0b:9b:7d:10:56:42:0d:d9:
fc:92:6a:dd:71:9a:6e:24:dc:70:dc:d0:06:34:62:
85:ed:65:b8:72:60:af:f4:61:1d:bc:f4:16:17:c3:
61:84:4e:06:ff:89:a2:3b:c0:b5:f9:70:65:25:19:
7b:07:55:08:98:c1:80:b8:f4:02:80:ff:be:c6:22:
58:79:31:15:c1:8a:a2:ce:0f:62:21:45:6d:b9:b9:
37:5c:f4:81:a9:4a:09:87:fd:72:bb:f2:4b:02:33:
53:c6:b9:8c:3c:3d:f1:3e:5c:08:24:1b:12:ad:4c:
2d:b8:c2:f7:fd:91:bc:36:15:1a:5e:4a:19:63:23:
12:8a:e2:a2:81:08:63:1d:43:50:07:da:f5:df:8f:
5d:6f:20:4a:be:e9:a2:67:06:21:ab:65:fb:f6:31:
03:48:66:20:2c:f9:49:0e:5c:ca:82:94:69:98:5a:
2d:eb:67:8b:49:26:b6:ab:eb:78:04:92:a2:4c:af:
2b:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:AF:2E:A8:F3:00:F6:B2:8E:00:52:7F:71:09:97:62:4E:B2:EB:8E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0b62efe-867d-4733-9b0c-8354a04195f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.128.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c9:9f:3b:0d:32:7e:10:b8:72:e5:be:51:b7:e1:eb:bc:8e:30:
13:a0:76:7b:09:4d:6b:d4:d6:38:9a:20:ed:0c:3c:6b:17:fb:
fa:7d:da:2c:1c:bc:6a:5c:3e:01:c9:50:17:c8:5b:67:75:93:
37:32:ee:ee:7c:9f:95:a3:c4:bd:75:70:82:1a:1c:ad:82:88:
60:7a:8a:61:55:1a:6b:22:52:90:a5:42:36:7f:75:9b:ef:66:
b5:fd:d9:a7:cd:89:64:a1:64:ed:7e:de:61:a1:4a:f5:33:af:
4a:dd:d0:e0:23:3e:2a:06:44:eb:ad:d1:a3:57:08:54:f0:ae:
a1:f8:8f:b3:9f:ce:e9:03:e1:7a:ae:7e:27:6c:8d:7e:dd:b4:
22:27:e5:c3:f3:79:04:3e:8c:db:4f:bb:0e:c9:2e:2e:16:31:
01:40:58:8b:f6:6d:bb:47:9b:3e:14:8f:94:1d:3b:02:2c:90:
40:76:6b:70:1c:f6:50:78:ee:9c:55:3a:de:44:f0:4a:d7:13:
06:0b:20:b0:98:3f:00:c6:96:2b:3d:89:de:6e:2b:01:04:8a:
44:b9:46:86:21:05:96:a9:32:5a:ef:68:61:0a:4d:d9:d6:fc:
5a:34:2b:29:f2:75:92:46:31:e0:b9:13:71:bc:99:dd:8c:97:
3a:2f:35:92
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGE1g2Mm6gFrURpu/BqtNF0/qFxAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMTUxMTZaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGViMmQwMWQzNWQ3YjNlYmY0ZTYyOTViY2RiMjhlMDFlNGY0NGMwYjg3ZTYw
YjVlNWI2ZTBhNjMyMTM3ZjZhODkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOZm6dQsAORP8ygJo+WP+Sgg0XlUgqlEmY3QTnNwxM4Hp4PERfm3Xf3gPuUB
OK3rTrO1babbVv7hwqYspTJUAmjR2QubfRBWQg3Z/JJq3XGabiTccNzQBjRihe1l
uHJgr/RhHbz0FhfDYYROBv+JojvAtflwZSUZewdVCJjBgLj0AoD/vsYiWHkxFcGK
os4PYiFFbbm5N1z0galKCYf9crvySwIzU8a5jDw98T5cCCQbEq1MLbjC9/2RvDYV
Gl5KGWMjEoriooEIYx1DUAfa9d+PXW8gSr7pomcGIatl+/YxA0hmICz5SQ5cyoKU
aZhaLetni0kmtqvreASSokyvKwMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSYry6o
8wD2so4AUn9xCZdiTrLrjjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjBiNjJlZmUtODY3ZC00NzMzLTliMGMtODM1NGEwNDE5NWY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOAMA0G
CSqGSIb3DQEBCwUAA4IBAQDJnzsNMn4QuHLlvlG34eu8jjAToHZ7CU1r1NY4miDt
DDxrF/v6fdosHLxqXD4ByVAXyFtndZM3Mu7ufJ+Vo8S9dXCCGhytgohgeophVRpr
IlKQpUI2f3Wb72a1/dmnzYlkoWTtft5hoUr1M69K3dDgIz4qBkTrrdGjVwhU8K6h
+I+zn87pA+F6rn4nbI1+3bQiJ+XD83kEPozbT7sOyS4uFjEBQFiL9m27R5s+FI+U
HTsCLJBAdmtwHPZQeO6cVTreRPBK1xMGCyCwmD8AxpYrPYnebisBBIpEuUaGIQWW
qTJa72hhCk3Z1vxaNCsp8nWSRjHguRNxvJndjJc6LzWS
-----END CERTIFICATE-----
Generated at Sun Jun 29 07:31:04 2025 by rpki-client