Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0a36b38b-9bd1-4014-823d-9204a303350e.roa
File: 0a36b38b-9bd1-4014-823d-9204a303350e.roa (raw, json)
Hash identifier: zIdjGNWlRfgYP7r6qAUdZR26Ry0arw8MM7NQ1QCbTJk=
Subject key identifier: DF:87:15:23:60:72:89:7F:47:BF:84:21:14:C4:99:AD:9C:D7:B8:3B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 09D80F73C3C1B804E3CD80EEA5F9560789ADD202
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0a36b38b-9bd1-4014-823d-9204a303350e.roa
Signing time: Sat 24 May 2025 00:30:40 +0000
ROA not before: Sat 24 May 2025 00:30:40 +0000
ROA not after: Sat 28 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.21.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:d8:0f:73:c3:c1:b8:04:e3:cd:80:ee:a5:f9:56:07:89:ad:d2:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 24 00:30:40 2025 GMT
Not After : Jun 28 23:59:59 2025 GMT
Subject: serialNumber=a9d64afa77aead3b96e9a7e98120669391858fca8daa350753c7b1e669b98e9c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:a8:ca:8c:43:74:6a:f6:8a:eb:f6:00:98:3f:
1a:b3:a9:87:77:f2:e4:81:74:fb:81:83:78:3f:ce:
ea:47:51:d5:1a:d2:54:b9:c7:87:b6:b1:e3:46:86:
3f:76:4a:85:2b:24:4c:ca:87:b6:6a:ca:54:af:0c:
d0:ee:7b:e8:11:58:ed:ed:0c:05:2f:06:79:80:22:
f5:c3:0e:a2:90:bc:0e:e9:6b:70:1f:7c:0b:c9:e3:
6b:8c:d4:97:22:a8:3e:69:57:8f:88:f9:44:88:14:
70:2f:53:b7:5c:a8:2f:ab:c7:e9:98:ee:f4:59:f8:
9a:db:93:3b:8e:97:65:e6:38:e7:18:9a:6e:99:a7:
8f:7e:25:8a:04:d2:b3:ae:5f:c9:c1:4d:9f:f3:ee:
ce:89:be:ed:68:2f:62:1b:55:ef:4c:2a:01:72:c2:
39:2d:64:d2:25:05:a9:8b:6a:b6:7a:fc:a1:23:d0:
36:bf:c3:db:e3:4b:10:eb:7e:f5:e2:a7:e5:ff:07:
55:d4:78:f8:c8:49:e6:69:77:81:90:4d:6d:fc:fe:
9a:ee:f0:a3:5d:74:7a:25:ac:c3:0c:0e:2b:4f:81:
87:61:c3:ce:bb:6a:2a:6a:3c:e0:a7:ea:d1:c4:98:
33:ae:17:6f:5c:6d:73:ef:74:9c:15:b6:13:33:5f:
e4:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:87:15:23:60:72:89:7F:47:BF:84:21:14:C4:99:AD:9C:D7:B8:3B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0a36b38b-9bd1-4014-823d-9204a303350e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.21.183.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:11:57:e4:46:3b:7f:d8:60:f1:79:5b:21:2e:77:d2:0f:f8:
37:60:d2:3e:46:be:c7:42:5d:59:b4:ce:e4:54:6d:0b:c8:cd:
ed:49:48:3f:ec:5e:f3:68:71:a1:72:b2:bf:dd:7b:36:0f:5c:
56:25:2a:20:e2:37:aa:d6:b5:dd:a3:e6:fb:51:90:6a:e8:ad:
9f:68:99:bc:ad:a7:31:e0:7a:3d:00:f3:4b:2c:27:53:c6:b3:
f5:5f:48:8c:e5:8e:cb:15:3c:85:16:56:77:94:0b:4b:ae:c7:
fd:50:81:24:6a:10:4f:2e:7c:ec:85:2c:72:42:37:5e:29:43:
2f:78:b4:bd:2d:85:e4:2c:40:fc:51:28:67:04:2c:fe:75:01:
93:bd:ab:41:a5:60:83:fa:d9:92:08:fb:08:af:0a:34:78:c6:
69:09:5d:18:ee:8e:ea:07:29:4f:65:ea:58:bc:f1:2b:9e:a7:
10:82:ec:05:c7:0d:92:4b:f4:4a:e6:77:9b:76:c7:29:5b:a5:
dc:28:f7:12:c9:c6:43:79:28:54:06:b9:3c:6c:6b:80:fc:ee:
65:f6:2b:c5:93:f9:bc:c3:3c:ba:c6:e6:33:68:07:37:4b:63:
e5:15:7e:ba:ac:7f:7f:cc:34:c6:7c:45:4a:bd:6c:6f:f5:77:
11:1b:a7:5e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUCdgPc8PBuATjzYDupflWB4mt0gIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjQwMDMwNDBaFw0yNTA2MjgyMzU5NTlaMHoxSTBHBgNV
BAUTQGE5ZDY0YWZhNzdhZWFkM2I5NmU5YTdlOTgxMjA2NjkzOTE4NThmY2E4ZGFh
MzUwNzUzYzdiMWU2NjliOThlOWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPeoyoxDdGr2iuv2AJg/GrOph3fy5IF0+4GDeD/O6kdR1RrSVLnHh7ax40aG
P3ZKhSskTMqHtmrKVK8M0O576BFY7e0MBS8GeYAi9cMOopC8DulrcB98C8nja4zU
lyKoPmlXj4j5RIgUcC9Tt1yoL6vH6Zju9Fn4mtuTO46XZeY45xiabpmnj34ligTS
s65fycFNn/Puzom+7WgvYhtV70wqAXLCOS1k0iUFqYtqtnr8oSPQNr/D2+NLEOt+
9eKn5f8HVdR4+MhJ5ml3gZBNbfz+mu7wo110eiWswwwOK0+Bh2HDzrtqKmo84Kfq
0cSYM64Xb1xtc+90nBW2EzNf5E0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTfhxUj
YHKJf0e/hCEUxJmtnNe4OzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGEzNmIzOGItOWJkMS00MDE0LTgyM2QtOTIwNGEzMDMzNTBlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMVtzAN
BgkqhkiG9w0BAQsFAAOCAQEAGhFX5EY7f9hg8XlbIS530g/4N2DSPka+x0JdWbTO
5FRtC8jN7UlIP+xe82hxoXKyv917Ng9cViUqIOI3qta13aPm+1GQauitn2iZvK2n
MeB6PQDzSywnU8az9V9IjOWOyxU8hRZWd5QLS67H/VCBJGoQTy587IUsckI3XilD
L3i0vS2F5CxA/FEoZwQs/nUBk72rQaVgg/rZkgj7CK8KNHjGaQldGO6O6gcpT2Xq
WLzxK56nEILsBccNkkv0SuZ3m3bHKVul3Cj3EsnGQ3koVAa5PGxrgPzuZfYrxZP5
vMM8usbmM2gHN0tj5RV+uqx/f8w0xnxFSr1sb/V3ERunXg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:51:44 2025 by rpki-client