Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/179c664b-afae-4c21-9c97-2a2a3985d5b0.roa
File: 179c664b-afae-4c21-9c97-2a2a3985d5b0.roa (raw, json)
Hash identifier: S+m+V28a67DtGPHQMgk1fWFUJBuyz6wbtQa1kIyQMZo=
Subject key identifier: 4D:2D:BA:C9:11:AF:6D:84:A0:B8:33:62:DC:F1:E0:B7:40:F1:5E:AA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 41D4117A3D3C63CB6851ED80832531CA9826FD00
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/179c664b-afae-4c21-9c97-2a2a3985d5b0.roa
Signing time: Tue 20 May 2025 20:41:33 +0000
ROA not before: Tue 20 May 2025 20:41:33 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.117.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:d4:11:7a:3d:3c:63:cb:68:51:ed:80:83:25:31:ca:98:26:fd:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:41:33 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=f1ce048f0f242dd136de4cf70a9aa205dd1563d5f1f03a306aff643e0ef74751, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:b8:90:e4:74:09:52:4d:8f:9c:c9:b4:7d:23:
d9:08:5d:cc:14:27:98:87:ce:5c:1b:8c:53:8a:28:
a6:dc:5d:b9:65:53:08:18:38:7d:7b:6a:1b:69:27:
6e:59:15:7b:5e:59:4b:d3:35:f2:64:38:5d:e8:a1:
a2:82:47:14:69:79:a0:fa:ad:3c:9d:98:8c:2a:cd:
35:e1:41:07:72:49:25:ce:31:f7:e1:be:e6:7a:11:
04:42:f7:cb:93:6a:a6:8d:31:ae:e2:30:a9:34:9e:
21:a2:cb:5d:db:4e:93:a3:fc:80:8b:c7:df:cb:a5:
35:bd:ff:1b:9f:81:c2:70:cc:93:d4:8c:14:15:a6:
c0:8d:4d:c0:b3:f5:75:1a:b7:0e:8e:ce:c2:df:e1:
65:83:2a:96:80:0e:5a:de:a4:c7:63:65:fa:c0:51:
4b:16:34:26:33:9f:59:67:75:d2:49:ce:32:76:63:
97:39:7b:70:c7:27:17:26:cf:80:71:20:a2:1e:56:
23:c7:90:6f:32:04:59:58:0e:55:9a:02:02:3a:c2:
da:78:ea:2f:98:40:5e:8b:ab:6d:ae:84:da:cc:a4:
04:f8:f1:fd:95:ab:f9:3a:19:12:4e:14:25:cb:b5:
c4:3c:51:64:2a:a5:41:e6:17:48:5b:dd:4a:80:45:
4c:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:2D:BA:C9:11:AF:6D:84:A0:B8:33:62:DC:F1:E0:B7:40:F1:5E:AA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/179c664b-afae-4c21-9c97-2a2a3985d5b0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.117.0.0/16
Signature Algorithm: sha256WithRSAEncryption
bd:11:e7:1e:a5:2c:6b:e3:3e:3e:6d:c8:b0:b8:d9:2e:b5:7b:
86:dc:15:97:a2:4d:70:ac:6b:ab:91:39:45:36:22:df:87:11:
13:1f:60:a1:89:b3:8e:d4:00:82:fc:66:7f:71:99:06:e3:4a:
db:53:86:e2:a6:b9:b1:57:d0:01:cc:52:9e:b9:68:15:b5:fa:
a5:28:be:c1:c2:e6:97:d8:00:49:95:12:de:6d:07:f1:58:b2:
c2:45:4e:37:97:b7:48:0f:d7:e7:83:6e:08:03:31:a8:15:38:
85:c7:89:ca:0d:8d:78:c8:1b:07:49:d8:df:76:1f:39:b2:ce:
fc:2b:06:1a:bd:a4:8b:a8:f2:1c:74:dd:8c:a5:46:d0:b7:c6:
b7:0b:16:74:4f:11:ce:c0:bb:01:fb:ed:88:ec:9c:d2:27:ff:
de:36:f7:5b:f5:7c:07:f9:61:cb:06:88:00:42:22:ab:9f:f3:
22:6e:e4:54:fc:37:7f:53:88:67:9a:66:d9:38:e4:de:26:08:
44:b8:95:dc:68:ae:37:88:29:e6:47:23:3d:fd:33:2d:e8:77:
b1:de:0f:51:20:50:ab:b6:7c:85:09:9f:72:71:86:56:0c:37:
13:f6:a7:0e:49:b3:47:8a:86:a2:54:2c:25:79:c9:bd:03:f6:
1f:ba:a8:e8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQdQRej08Y8toUe2AgyUxypgm/QAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQxMzNaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGYxY2UwNDhmMGYyNDJkZDEzNmRlNGNmNzBhOWFhMjA1ZGQxNTYzZDVmMWYw
M2EzMDZhZmY2NDNlMGVmNzQ3NTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL64kOR0CVJNj5zJtH0j2QhdzBQnmIfOXBuMU4ooptxduWVTCBg4fXtqG2kn
blkVe15ZS9M18mQ4XeihooJHFGl5oPqtPJ2YjCrNNeFBB3JJJc4x9+G+5noRBEL3
y5Nqpo0xruIwqTSeIaLLXdtOk6P8gIvH38ulNb3/G5+BwnDMk9SMFBWmwI1NwLP1
dRq3Do7Owt/hZYMqloAOWt6kx2Nl+sBRSxY0JjOfWWd10knOMnZjlzl7cMcnFybP
gHEgoh5WI8eQbzIEWVgOVZoCAjrC2njqL5hAXourba6E2sykBPjx/ZWr+ToZEk4U
Jcu1xDxRZCqlQeYXSFvdSoBFTM8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRNLbrJ
Ea9thKC4M2Lc8eC3QPFeqjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTc5YzY2NGItYWZhZS00YzIxLTljOTctMmEyYTM5ODVkNWIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN1MA0G
CSqGSIb3DQEBCwUAA4IBAQC9EecepSxr4z4+bciwuNkutXuG3BWXok1wrGurkTlF
NiLfhxETH2ChibOO1ACC/GZ/cZkG40rbU4biprmxV9ABzFKeuWgVtfqlKL7BwuaX
2ABJlRLebQfxWLLCRU43l7dID9fng24IAzGoFTiFx4nKDY14yBsHSdjfdh85ss78
KwYavaSLqPIcdN2MpUbQt8a3CxZ0TxHOwLsB++2I7JzSJ//eNvdb9XwH+WHLBogA
QiKrn/MibuRU/Dd/U4hnmmbZOOTeJghEuJXcaK43iCnmRyM9/TMt6Hex3g9RIFCr
tnyFCZ9ycYZWDDcT9qcOSbNHioaiVCwlecm9A/Yfuqjo
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:48:26 2025 by rpki-client