Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4e6b1e-120a-454b-8ea2-2504e0f34b7e.roa
File: fe4e6b1e-120a-454b-8ea2-2504e0f34b7e.roa (raw, json)
Hash identifier: DOa3GzSWM8ZECHIpGRtB9uFDTLZ4oULd/BotfQorRb4=
Subject key identifier: 93:D1:34:37:3A:7F:86:D6:33:7B:1F:56:80:63:4F:D5:CE:F0:C5:13
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2FEFB6173CD71230DA3775A634819390ED1D46E3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4e6b1e-120a-454b-8ea2-2504e0f34b7e.roa
Signing time: Tue 17 Jun 2025 00:50:33 +0000
ROA not before: Tue 17 Jun 2025 00:50:33 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.85.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:ef:b6:17:3c:d7:12:30:da:37:75:a6:34:81:93:90:ed:1d:46:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 17 00:50:33 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=b6d87b07f70b7d73520c745582695e5e349887619c37ac66236dbca4709b265e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:76:62:ab:92:3b:a8:b6:8c:9b:84:e6:87:e7:
a4:ff:a0:fa:b4:c6:7c:94:6e:9c:06:91:77:0d:98:
5a:6f:24:4b:76:a3:b5:0f:35:da:81:a8:12:bb:2c:
f7:52:81:b3:a3:2e:e2:50:8c:c6:23:87:19:87:dc:
74:bc:a0:11:92:bd:56:6b:75:ee:9a:c3:66:fd:1f:
dd:7c:42:ac:1b:2a:eb:0a:fa:95:63:c9:ed:d7:f8:
c5:48:b2:fa:ed:ee:bf:4e:3c:be:f3:4c:43:07:b9:
d4:32:1c:e2:18:69:00:fc:90:2f:cd:bb:cf:69:6b:
29:cf:98:d6:92:52:4e:ce:c3:53:be:94:b6:8d:75:
b9:92:7a:6d:7e:59:9a:8a:fa:31:df:bb:07:7a:d6:
24:d5:4c:0a:1e:a4:27:48:44:9a:df:a9:17:6f:d6:
1d:6c:f1:2b:0c:7e:10:aa:59:27:37:ee:ca:90:13:
53:a3:ee:dc:2b:89:1a:7c:2d:bc:bf:ba:1d:2e:ce:
01:5c:27:7d:59:f5:79:cb:44:d7:ae:9f:6e:86:97:
b8:78:79:ce:b4:3b:9d:fe:b0:24:7e:2f:57:39:95:
cd:89:89:6b:ad:62:c2:d7:ec:a2:33:95:ce:37:5d:
37:a4:5d:59:83:f0:94:dd:bd:c1:cc:f4:d3:54:43:
64:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:D1:34:37:3A:7F:86:D6:33:7B:1F:56:80:63:4F:D5:CE:F0:C5:13
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4e6b1e-120a-454b-8ea2-2504e0f34b7e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.85.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ad:b8:c9:29:a0:01:09:4a:9c:b0:43:35:1a:da:a8:ed:ae:d9:
c4:d1:a4:5d:cc:a5:73:8c:14:c1:b9:63:46:97:96:b5:ee:e9:
6c:57:74:9d:99:b3:ec:f1:8b:70:38:b4:b2:49:e4:7e:d2:2c:
c5:dd:ec:cb:92:99:e2:46:d2:ea:a4:37:f7:b7:81:d6:0c:0c:
ac:f1:e8:a9:73:1e:fa:2e:f5:4c:30:54:a2:35:5d:7e:75:c8:
e5:6d:24:05:c9:8f:2b:0f:ad:bd:09:bf:fc:c1:18:78:9b:18:
88:b2:d8:a4:d8:84:54:c8:01:94:1a:65:65:9d:59:7b:07:d9:
02:9b:da:77:75:a3:2e:6a:7f:09:a8:2b:b5:28:f5:9c:6a:5b:
29:3d:7a:ec:cf:23:ec:dc:61:6f:7c:06:7f:34:69:21:ff:0d:
c6:cd:7e:6d:f3:84:39:8e:fa:03:65:e1:e7:b8:1e:8b:ff:9d:
93:50:b1:a1:37:bb:5f:4c:1b:9a:03:c2:a0:d0:25:93:c1:33:
4f:5b:1b:de:d8:a6:8a:d4:04:89:58:47:ce:c9:12:4d:f4:90:
57:cf:d2:2d:51:38:68:23:94:33:15:35:7c:89:03:f8:85:5a:
cf:27:67:f1:88:2e:8d:9a:a0:d0:4b:b3:e6:03:03:19:30:01:
70:3e:57:7d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUL++2FzzXEjDaN3WmNIGTkO0dRuMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTcwMDUwMzNaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQGI2ZDg3YjA3ZjcwYjdkNzM1MjBjNzQ1NTgyNjk1ZTVlMzQ5ODg3NjE5YzM3
YWM2NjIzNmRiY2E0NzA5YjI2NWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKd2YquSO6i2jJuE5ofnpP+g+rTGfJRunAaRdw2YWm8kS3ajtQ812oGoErss
91KBs6Mu4lCMxiOHGYfcdLygEZK9Vmt17prDZv0f3XxCrBsq6wr6lWPJ7df4xUiy
+u3uv048vvNMQwe51DIc4hhpAPyQL827z2lrKc+Y1pJSTs7DU76Uto11uZJ6bX5Z
mor6Md+7B3rWJNVMCh6kJ0hEmt+pF2/WHWzxKwx+EKpZJzfuypATU6Pu3CuJGnwt
vL+6HS7OAVwnfVn1ectE166fboaXuHh5zrQ7nf6wJH4vVzmVzYmJa61iwtfsojOV
zjddN6RdWYPwlN29wcz001RDZJUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBST0TQ3
On+G1jN7H1aAY0/VzvDFEzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmU0ZTZiMWUtMTIwYS00NTRiLThlYTItMjUwNGUwZjM0YjdlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNVMA0G
CSqGSIb3DQEBCwUAA4IBAQCtuMkpoAEJSpywQzUa2qjtrtnE0aRdzKVzjBTBuWNG
l5a17ulsV3SdmbPs8YtwOLSySeR+0izF3ezLkpniRtLqpDf3t4HWDAys8eipcx76
LvVMMFSiNV1+dcjlbSQFyY8rD629Cb/8wRh4mxiIstik2IRUyAGUGmVlnVl7B9kC
m9p3daMuan8JqCu1KPWcalspPXrszyPs3GFvfAZ/NGkh/w3GzX5t84Q5jvoDZeHn
uB6L/52TULGhN7tfTBuaA8Kg0CWTwTNPWxve2KaK1ASJWEfOyRJN9JBXz9ItUTho
I5QzFTV8iQP4hVrPJ2fxiC6NmqDQS7PmAwMZMAFwPld9
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:32:51 2025 by rpki-client