Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f9c2130f-6f88-42ac-853e-f39d188adb6d.roa
File: f9c2130f-6f88-42ac-853e-f39d188adb6d.roa (raw, json)
Hash identifier: AnjgrFPmTSNik2D+blkj+YQubv7d4M9KsKlAb4l2fg4=
Subject key identifier: 98:54:8D:29:63:0D:D2:54:90:AF:42:6B:E2:D1:8E:A0:88:3F:AB:6E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 42D9FD1D495DB4487F817F3F1D956A4DBE80B10D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f9c2130f-6f88-42ac-853e-f39d188adb6d.roa
Signing time: Wed 25 Jun 2025 00:50:27 +0000
ROA not before: Wed 25 Jun 2025 00:50:27 +0000
ROA not after: Wed 30 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.232.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:d9:fd:1d:49:5d:b4:48:7f:81:7f:3f:1d:95:6a:4d:be:80:b1:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 25 00:50:27 2025 GMT
Not After : Jul 30 23:59:59 2025 GMT
Subject: serialNumber=1f8938e8d398f023b073f2a7ccc44658f1dbb4ac66a8b138d2e1aacb28054ec9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:0f:95:20:f6:08:a6:28:7c:83:11:a3:b8:a2:
dc:f2:38:ac:28:77:8e:50:b2:88:55:9f:0e:72:93:
ce:8b:d3:a0:94:2e:9e:10:13:9f:f1:c8:ca:30:ef:
e0:85:53:2d:70:c7:50:e9:b8:01:3e:f6:b9:5f:ce:
00:3b:f3:1e:e6:73:1d:64:8d:90:5c:cc:1b:bd:46:
ed:33:8d:b6:5f:e4:39:26:4e:d0:f1:cf:b3:3b:a6:
45:c8:51:ed:f5:b7:16:91:eb:9b:df:7b:dc:bd:2e:
af:b5:60:a2:04:59:83:fa:ac:f0:7c:32:9e:4e:7b:
70:f4:55:4d:24:a0:2f:54:6f:8f:67:67:40:1a:48:
7b:02:29:0c:ea:1d:bc:0f:33:d7:55:12:68:21:55:
85:ea:c6:e8:10:42:56:bd:ff:6f:31:db:fb:38:98:
40:9a:56:8b:33:3f:fb:23:3e:96:dc:6d:04:d3:25:
22:64:60:a6:16:17:d4:68:59:c3:37:91:d8:5c:7d:
16:7b:df:99:5e:9e:24:88:aa:1a:35:2f:d3:5d:c1:
08:91:4e:03:57:e4:a1:e9:28:81:e9:2c:7e:66:04:
83:e4:94:53:36:20:e5:cb:7a:66:9f:6c:a6:18:84:
d0:ce:85:c4:9b:f6:ea:12:f3:61:03:44:c1:ba:54:
63:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:54:8D:29:63:0D:D2:54:90:AF:42:6B:E2:D1:8E:A0:88:3F:AB:6E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f9c2130f-6f88-42ac-853e-f39d188adb6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.232.0.0/15
Signature Algorithm: sha256WithRSAEncryption
03:c0:40:73:e5:84:6e:66:5e:0d:9d:8c:12:b7:d7:52:e4:9a:
4a:c6:61:6e:a0:35:db:8b:b6:4e:55:8b:9c:2a:92:c4:34:11:
03:15:4e:e5:f5:04:37:76:e6:91:6b:d6:09:7f:20:e7:f9:ff:
65:35:27:00:84:7e:0b:35:5c:de:ba:da:15:10:92:ad:e8:96:
b7:30:ad:3c:b6:ed:27:19:6c:d8:b6:08:4a:49:0e:d3:58:bc:
e5:b3:4f:66:e8:1c:32:8c:c3:fd:de:5f:ec:d1:ff:f7:aa:a5:
d6:55:4d:ed:7e:f9:b3:b5:23:e9:4a:d8:0d:ed:2a:2a:92:67:
2b:23:56:b0:d5:68:d3:be:be:b2:b2:f6:a8:bd:75:70:1e:18:
c1:44:d2:7f:67:47:be:fe:ab:0c:aa:44:0b:7d:11:93:a6:ef:
24:04:c0:b5:d5:0d:4d:6e:7c:63:ed:91:f2:f0:5c:39:d2:cc:
4e:9d:b7:55:d3:ed:6c:3a:b1:dd:82:22:22:62:ca:5a:d8:ea:
48:39:1e:8f:3f:77:42:09:d4:f1:a8:dd:58:9b:74:78:90:d6:
51:21:ec:d0:83:3e:0e:39:1f:25:35:e6:a4:58:3b:3e:67:90:
ad:7b:3f:0b:47:7f:12:e7:47:f8:ac:29:fc:3b:04:86:fc:7f:
8c:01:ea:10
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQtn9HUldtEh/gX8/HZVqTb6AsQ0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MjUwMDUwMjdaFw0yNTA3MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDFmODkzOGU4ZDM5OGYwMjNiMDczZjJhN2NjYzQ0NjU4ZjFkYmI0YWM2NmE4
YjEzOGQyZTFhYWNiMjgwNTRlYzkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOUPlSD2CKYofIMRo7ii3PI4rCh3jlCyiFWfDnKTzovToJQunhATn/HIyjDv
4IVTLXDHUOm4AT72uV/OADvzHuZzHWSNkFzMG71G7TONtl/kOSZO0PHPszumRchR
7fW3FpHrm9973L0ur7VgogRZg/qs8Hwynk57cPRVTSSgL1Rvj2dnQBpIewIpDOod
vA8z11USaCFVherG6BBCVr3/bzHb+ziYQJpWizM/+yM+ltxtBNMlImRgphYX1GhZ
wzeR2Fx9FnvfmV6eJIiqGjUv013BCJFOA1fkoekogeksfmYEg+SUUzYg5ct6Zp9s
phiE0M6FxJv26hLzYQNEwbpUY/0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSYVI0p
Yw3SVJCvQmvi0Y6giD+rbjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjljMjEzMGYtNmY4OC00MmFjLTg1M2UtZjM5ZDE4OGFkYjZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPoMA0G
CSqGSIb3DQEBCwUAA4IBAQADwEBz5YRuZl4NnYwSt9dS5JpKxmFuoDXbi7ZOVYuc
KpLENBEDFU7l9QQ3duaRa9YJfyDn+f9lNScAhH4LNVzeutoVEJKt6Ja3MK08tu0n
GWzYtghKSQ7TWLzls09m6BwyjMP93l/s0f/3qqXWVU3tfvmztSPpStgN7Soqkmcr
I1aw1WjTvr6ysvaovXVwHhjBRNJ/Z0e+/qsMqkQLfRGTpu8kBMC11Q1Nbnxj7ZHy
8Fw50sxOnbdV0+1sOrHdgiIiYspa2OpIOR6PP3dCCdTxqN1Ym3R4kNZRIezQgz4O
OR8lNeakWDs+Z5Ctez8LR38S50f4rCn8OwSG/H+MAeoQ
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:52:32 2025 by rpki-client