Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa
File: 09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa (raw, json)
Hash identifier: J8+9mbRyogtUfzEIJJPDwRRzfCTMC1tsfgf4TJfRdTA=
Subject key identifier: 5D:1B:C1:1D:88:67:AE:4C:52:30:8B:C4:A9:FB:1B:47:C5:19:6D:01
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3805A2A88A905B3634D0B5C73238F457CE7F6FF9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa
Signing time: Tue 20 May 2025 20:41:35 +0000
ROA not before: Tue 20 May 2025 20:41:35 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.122.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:05:a2:a8:8a:90:5b:36:34:d0:b5:c7:32:38:f4:57:ce:7f:6f:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:41:35 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=10d57817ecb2c0e7688fe751a6139ce8823d67a1374a5d89600515a0ea13c8b3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b3:c0:ac:64:ac:82:00:0c:af:3c:b1:9c:fa:
c7:9c:fd:29:56:44:8c:9d:ff:c1:75:5c:6a:8e:d4:
8f:04:7c:25:f7:57:93:28:b5:be:11:3e:5c:e2:4d:
98:c2:46:6c:59:80:5a:73:5e:5a:1e:2a:87:dc:48:
2d:35:7c:8e:84:e2:93:7e:d2:3a:11:42:32:04:4b:
6e:b7:c4:48:5f:7e:20:20:ed:fe:10:7c:de:51:d6:
48:20:fa:d9:98:06:ca:24:f0:99:d5:67:b4:df:8e:
d5:84:1d:09:fb:dc:71:b5:b8:6e:a1:eb:a6:8f:76:
34:0a:32:b0:20:54:0e:f2:da:21:55:18:8d:93:1e:
1d:cc:51:38:b5:68:2b:4f:ec:1d:0e:2f:59:5f:16:
dc:59:5b:14:62:1f:63:26:5f:14:a8:10:1a:3a:2b:
93:0e:3b:1a:c2:69:93:0b:a8:1e:be:bd:df:94:5f:
2c:d0:75:89:16:f1:60:e6:22:9d:cd:16:23:b5:5c:
4e:13:b5:3a:76:dc:b0:a2:4f:73:d8:20:42:a3:e0:
49:7f:ff:a9:47:3d:d6:e7:11:06:53:8d:60:7b:39:
f2:20:7f:35:02:fd:ec:e4:32:eb:1d:a1:b4:49:d7:
64:ba:6a:bd:8f:95:57:a9:c4:d3:df:61:14:27:16:
db:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:1B:C1:1D:88:67:AE:4C:52:30:8B:C4:A9:FB:1B:47:C5:19:6D:01
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.122.0.0/15
Signature Algorithm: sha256WithRSAEncryption
63:75:12:0f:f1:4f:c5:cc:28:3a:05:0a:da:6e:1f:99:03:4f:
d1:a3:99:35:0c:37:5e:e7:5d:3a:33:a7:38:3a:0f:1a:a3:51:
d7:7d:03:3e:0f:88:c1:d5:29:0e:8c:69:8d:2e:6a:de:68:93:
c6:d8:73:25:26:4f:bf:8c:d5:46:31:21:45:9b:33:30:0e:82:
e1:7a:4e:ae:b3:56:72:a4:bb:c5:21:d3:57:62:d1:62:57:16:
f2:8a:ec:d1:fe:cb:09:99:88:d8:c1:02:39:2f:8e:3b:cf:dd:
53:8d:a2:e2:c8:9d:42:c4:8b:b5:30:8d:2a:3f:09:01:54:ea:
e3:1b:74:1c:ce:42:dc:2a:b5:a9:dd:0a:94:b7:85:76:c5:5c:
21:ed:14:74:37:f3:c1:8a:72:19:cc:4b:1c:c6:79:f0:8f:a3:
b8:87:ff:4f:30:09:f5:3b:dd:cc:d0:1b:f9:f1:89:56:45:cc:
ed:e6:29:ef:de:07:d3:a4:bd:c9:ed:b5:68:b0:c3:c4:47:e3:
d7:64:3d:f8:87:c8:80:54:88:7e:ed:7a:89:b7:03:8c:12:17:
fb:ec:8e:da:2e:e2:96:41:71:bf:38:89:92:18:27:ad:97:9d:
0f:23:0b:d6:c7:76:4c:7d:7d:ea:e4:f3:cc:25:8c:c4:fd:3a:
94:89:93:64
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOAWiqIqQWzY00LXHMjj0V85/b/kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQxMzVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDEwZDU3ODE3ZWNiMmMwZTc2ODhmZTc1MWE2MTM5Y2U4ODIzZDY3YTEzNzRh
NWQ4OTYwMDUxNWEwZWExM2M4YjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK6zwKxkrIIADK88sZz6x5z9KVZEjJ3/wXVcao7UjwR8JfdXkyi1vhE+XOJN
mMJGbFmAWnNeWh4qh9xILTV8joTik37SOhFCMgRLbrfESF9+ICDt/hB83lHWSCD6
2ZgGyiTwmdVntN+O1YQdCfvccbW4bqHrpo92NAoysCBUDvLaIVUYjZMeHcxROLVo
K0/sHQ4vWV8W3FlbFGIfYyZfFKgQGjorkw47GsJpkwuoHr6935RfLNB1iRbxYOYi
nc0WI7VcThO1OnbcsKJPc9ggQqPgSX//qUc91ucRBlONYHs58iB/NQL97OQy6x2h
tEnXZLpqvY+VV6nE099hFCcW218CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRdG8Ed
iGeuTFIwi8Sp+xtHxRltATAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDllYzk3Y2EtMDQ0ZS00Nzg1LWJkZDQtZmNmOWU4ZDUxNGNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATN6MA0G
CSqGSIb3DQEBCwUAA4IBAQBjdRIP8U/FzCg6BQrabh+ZA0/Ro5k1DDde5106M6c4
Og8ao1HXfQM+D4jB1SkOjGmNLmreaJPG2HMlJk+/jNVGMSFFmzMwDoLhek6us1Zy
pLvFIdNXYtFiVxbyiuzR/ssJmYjYwQI5L447z91TjaLiyJ1CxIu1MI0qPwkBVOrj
G3QczkLcKrWp3QqUt4V2xVwh7RR0N/PBinIZzEscxnnwj6O4h/9PMAn1O93M0Bv5
8YlWRczt5inv3gfTpL3J7bVosMPER+PXZD34h8iAVIh+7XqJtwOMEhf77I7aLuKW
QXG/OImSGCetl50PIwvWx3ZMfX3q5PPMJYzE/TqUiZNk
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:59:06 2025 by rpki-client