Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa61929-412c-4540-85ff-6ae53d3a9f99.roa
File: 1fa61929-412c-4540-85ff-6ae53d3a9f99.roa (raw, json)
Hash identifier: e87bsUs70x4qU+zeUdkTzf+VlxMD6MvmHC1/eaj39DU=
Subject key identifier: A4:16:C2:8B:7D:3D:D9:6D:B0:12:C2:FF:19:9A:A7:72:6A:68:EB:8A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1D3C0D1292F245C0CD8AF0E23E57C9DA915EED05
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa61929-412c-4540-85ff-6ae53d3a9f99.roa
Signing time: Tue 20 May 2025 20:50:39 +0000
ROA not before: Tue 20 May 2025 20:50:39 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.212.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:3c:0d:12:92:f2:45:c0:cd:8a:f0:e2:3e:57:c9:da:91:5e:ed:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:50:39 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=9f644efe000161f25ba6678e30cead136acb466ea8bf332ad0d0d29d9367ba74, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:74:20:0d:d3:84:1a:23:d7:26:ec:6e:e2:65:
ca:e6:bb:d2:a0:2c:88:ec:af:12:42:74:b0:dc:95:
b0:0d:d1:d7:0c:8b:15:47:9e:59:b4:65:53:c5:de:
96:32:34:53:27:e1:b8:48:32:8e:22:a0:99:e3:5d:
1c:96:cb:90:2d:ed:c4:54:35:74:21:cd:80:d8:9b:
9e:34:5d:5f:58:40:e8:06:69:77:42:08:cd:26:1f:
15:50:8e:35:e3:a0:7b:67:91:74:64:75:5b:c1:31:
0c:a3:de:db:32:2d:d3:e8:a6:c3:cf:c9:d4:ea:4f:
e9:90:5c:68:d8:5b:9e:6c:5d:cb:b5:31:d5:0d:5f:
37:d3:18:de:ac:44:46:ad:3b:a6:a5:18:33:81:5c:
d6:3b:4d:dd:92:cf:c4:c0:c6:9b:a4:e0:c0:30:ae:
e8:21:82:13:d1:e0:d9:73:22:3d:0a:c3:6b:a0:29:
88:55:6c:58:af:ae:75:56:9f:98:58:79:1a:55:d8:
fe:49:f7:c2:9e:e3:1c:fc:8b:63:51:aa:1b:2b:1d:
e7:ac:97:08:87:5c:51:de:b8:cb:36:91:12:d2:d0:
3c:bf:27:12:d4:bb:a9:9c:9f:5f:a3:84:a4:3d:57:
3d:47:12:12:c7:f6:c8:e1:d5:c8:f0:26:a7:c3:d1:
11:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:16:C2:8B:7D:3D:D9:6D:B0:12:C2:FF:19:9A:A7:72:6A:68:EB:8A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa61929-412c-4540-85ff-6ae53d3a9f99.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.212.0.0/15
Signature Algorithm: sha256WithRSAEncryption
7a:05:11:60:be:28:a4:e0:ff:4e:f9:89:f0:fd:61:76:10:51:
ee:c4:55:95:52:5a:3a:b3:f3:34:bc:1f:c0:a6:7e:3d:d9:4e:
86:98:35:2e:fd:62:b4:43:89:d6:fe:0d:e3:df:10:4f:20:bd:
3c:a2:78:49:50:12:77:73:9b:64:a8:6f:b2:6a:5b:fa:f0:af:
b5:13:9c:56:9c:b9:55:52:f2:03:ad:da:c6:42:08:01:6c:31:
85:09:f3:21:28:57:94:67:b1:79:b6:e4:c5:4a:62:78:3d:66:
41:48:b1:b0:04:7e:b1:76:ba:51:26:35:09:81:de:be:67:e0:
18:bf:32:3d:49:42:4b:4b:61:04:a2:db:7d:b6:65:d9:97:ba:
93:4b:b1:87:07:02:7e:8b:6f:51:ad:13:ae:41:40:7e:26:43:
36:cc:13:30:64:27:d7:66:10:fc:ce:28:86:c7:f5:77:60:54:
b4:1f:60:30:5d:98:d7:8e:a6:42:ca:13:de:b1:7e:40:d6:6c:
a7:e3:b2:d1:fd:6e:ac:07:2e:24:84:6e:3a:47:af:ff:fd:21:
f3:27:33:c6:98:be:90:df:f6:3b:ad:12:cb:65:53:f9:8e:d4:
d2:e7:38:15:e1:f3:0c:7c:63:a7:c4:59:f0:c9:ac:29:8c:66:
dc:cb:00:2b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHTwNEpLyRcDNivDiPlfJ2pFe7QUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDUwMzlaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDlmNjQ0ZWZlMDAwMTYxZjI1YmE2Njc4ZTMwY2VhZDEzNmFjYjQ2NmVhOGJm
MzMyYWQwZDBkMjlkOTM2N2JhNzQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANJ0IA3ThBoj1ybsbuJlyua70qAsiOyvEkJ0sNyVsA3R1wyLFUeeWbRlU8Xe
ljI0UyfhuEgyjiKgmeNdHJbLkC3txFQ1dCHNgNibnjRdX1hA6AZpd0IIzSYfFVCO
NeOge2eRdGR1W8ExDKPe2zIt0+imw8/J1OpP6ZBcaNhbnmxdy7Ux1Q1fN9MY3qxE
Rq07pqUYM4Fc1jtN3ZLPxMDGm6TgwDCu6CGCE9Hg2XMiPQrDa6ApiFVsWK+udVaf
mFh5GlXY/kn3wp7jHPyLY1GqGysd56yXCIdcUd64yzaREtLQPL8nEtS7qZyfX6OE
pD1XPUcSEsf2yOHVyPAmp8PREecCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSkFsKL
fT3ZbbASwv8ZmqdyamjrijAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWZhNjE5MjktNDEyYy00NTQwLTg1ZmYtNmFlNTNkM2E5Zjk5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPUMA0G
CSqGSIb3DQEBCwUAA4IBAQB6BRFgviik4P9O+Ynw/WF2EFHuxFWVUlo6s/M0vB/A
pn492U6GmDUu/WK0Q4nW/g3j3xBPIL08onhJUBJ3c5tkqG+yalv68K+1E5xWnLlV
UvIDrdrGQggBbDGFCfMhKFeUZ7F5tuTFSmJ4PWZBSLGwBH6xdrpRJjUJgd6+Z+AY
vzI9SUJLS2EEott9tmXZl7qTS7GHBwJ+i29RrROuQUB+JkM2zBMwZCfXZhD8ziiG
x/V3YFS0H2AwXZjXjqZCyhPesX5A1myn47LR/W6sBy4khG46R6///SHzJzPGmL6Q
3/Y7rRLLZVP5jtTS5zgV4fMMfGOnxFnwyawpjGbcywAr
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:54:58 2025 by rpki-client