Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/24601d85-ac6e-46b6-a0d2-d35342ccc951.roa
File: 24601d85-ac6e-46b6-a0d2-d35342ccc951.roa (raw, json)
Hash identifier: Gi+BY8wOZMvpsFu6+pv8mZIi3VGLTHvpLZdACKMfIC4=
Subject key identifier: C7:8E:B3:72:EC:30:B4:08:D1:C1:53:C8:5F:55:51:BB:87:75:76:5E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4ED41D7D82F1EC85895CA3E87FD3AD853BC70066
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/24601d85-ac6e-46b6-a0d2-d35342ccc951.roa
Signing time: Fri 23 May 2025 00:51:15 +0000
ROA not before: Fri 23 May 2025 00:51:15 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.93.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:d4:1d:7d:82:f1:ec:85:89:5c:a3:e8:7f:d3:ad:85:3b:c7:00:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 23 00:51:15 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=0802d06c45cec9960f6341cdb56601e70f2449d0b2f15aee2bc673b32a7ca751, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:da:79:7d:11:61:ca:d6:7b:69:10:8e:e2:98:
35:4e:ec:4d:ec:a4:e0:1f:43:e4:93:9e:7f:24:45:
e8:5e:cc:b3:90:fe:f1:2c:51:15:8b:f9:bd:1b:f3:
74:1e:6f:86:70:f6:9f:aa:94:90:06:f1:ad:14:09:
00:4b:84:6b:d9:58:5d:d3:7f:96:10:e1:64:39:a5:
9e:b7:f5:59:94:9a:89:cc:db:9d:b0:ec:7b:00:63:
38:9a:95:1d:db:72:77:60:70:39:13:25:06:18:aa:
51:16:41:bd:67:49:52:5a:7d:ef:33:ac:98:85:56:
48:ba:8d:bb:03:56:d5:d3:11:f7:41:22:95:ae:76:
a8:18:58:a4:74:e2:62:4e:d1:a7:1c:3f:0d:15:b9:
dd:67:21:99:1d:3f:71:11:1f:c1:ca:c5:44:3f:dd:
85:01:8b:7e:74:57:09:1b:ee:65:ce:0d:ee:16:28:
d4:56:72:74:e6:b6:6b:3f:32:9f:1d:85:6b:30:2a:
07:9e:ce:99:41:a0:06:58:8e:42:95:fd:fe:f8:67:
01:f0:73:13:a1:37:27:7a:10:b8:8e:76:8b:a7:b5:
8a:72:b2:82:b8:f6:66:e6:0a:23:3a:4e:09:ff:27:
79:92:8f:2c:01:ac:47:a8:5a:ce:b3:12:28:ba:0c:
f1:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:8E:B3:72:EC:30:B4:08:D1:C1:53:C8:5F:55:51:BB:87:75:76:5E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/24601d85-ac6e-46b6-a0d2-d35342ccc951.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.93.0.0/16
Signature Algorithm: sha256WithRSAEncryption
27:5e:f9:7a:d3:1a:c8:5d:f7:b0:97:e3:9d:46:eb:41:c0:b5:
67:89:ad:f3:06:a9:b5:e3:74:49:3c:f9:ea:45:94:6d:9d:01:
13:9d:65:c8:9e:66:82:b5:17:b0:60:b6:e1:de:96:5c:de:ea:
bc:b0:a5:32:6f:12:70:53:5d:70:b4:74:1c:10:06:09:fa:e3:
c1:b2:8e:7c:da:62:bb:9c:3e:6c:5f:8e:75:48:66:88:5b:71:
05:8e:40:f5:cb:4a:8b:41:4e:de:0a:d9:4e:eb:77:27:3e:3e:
ee:47:03:37:dc:85:c1:4b:30:f5:b7:39:e0:e6:cb:c6:d2:74:
1b:5a:ff:a4:0f:14:de:76:55:c2:de:e5:85:04:2b:52:df:63:
28:2f:86:bd:ff:8e:7e:61:5e:81:de:ef:2a:33:6c:bd:c1:28:
84:12:e3:7e:5e:bf:6b:de:e9:55:c3:28:27:c5:29:11:72:82:
e2:f4:a8:33:26:8f:e2:08:a5:08:d0:40:f5:91:fc:8f:55:bd:
e5:cb:61:50:91:2c:d7:b7:cb:f6:15:fd:d7:94:59:af:1e:5e:
f3:44:e3:e4:97:ab:ce:74:a3:30:59:0f:e4:e6:b0:db:e6:ff:
22:9b:54:33:af:9b:f6:f0:9e:3a:0a:dc:f1:f0:03:df:28:2a:
48:3b:32:81
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTtQdfYLx7IWJXKPof9OthTvHAGYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjMwMDUxMTVaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDA4MDJkMDZjNDVjZWM5OTYwZjYzNDFjZGI1NjYwMWU3MGYyNDQ5ZDBiMmYx
NWFlZTJiYzY3M2IzMmE3Y2E3NTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI7aeX0RYcrWe2kQjuKYNU7sTeyk4B9D5JOefyRF6F7Ms5D+8SxRFYv5vRvz
dB5vhnD2n6qUkAbxrRQJAEuEa9lYXdN/lhDhZDmlnrf1WZSaiczbnbDsewBjOJqV
Hdtyd2BwORMlBhiqURZBvWdJUlp97zOsmIVWSLqNuwNW1dMR90Eila52qBhYpHTi
Yk7Rpxw/DRW53WchmR0/cREfwcrFRD/dhQGLfnRXCRvuZc4N7hYo1FZydOa2az8y
nx2FazAqB57OmUGgBliOQpX9/vhnAfBzE6E3J3oQuI52i6e1inKygrj2ZuYKIzpO
Cf8neZKPLAGsR6hazrMSKLoM8RkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTHjrNy
7DC0CNHBU8hfVVG7h3V2XjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjQ2MDFkODUtYWM2ZS00NmI2LWEwZDItZDM1MzQyY2NjOTUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNdMA0G
CSqGSIb3DQEBCwUAA4IBAQAnXvl60xrIXfewl+OdRutBwLVnia3zBqm143RJPPnq
RZRtnQETnWXInmaCtRewYLbh3pZc3uq8sKUybxJwU11wtHQcEAYJ+uPBso582mK7
nD5sX451SGaIW3EFjkD1y0qLQU7eCtlO63cnPj7uRwM33IXBSzD1tzng5svG0nQb
Wv+kDxTedlXC3uWFBCtS32MoL4a9/45+YV6B3u8qM2y9wSiEEuN+Xr9r3ulVwygn
xSkRcoLi9KgzJo/iCKUI0ED1kfyPVb3ly2FQkSzXt8v2Ff3XlFmvHl7zROPkl6vO
dKMwWQ/k5rDb5v8im1Qzr5v28J46Ctzx8APfKCpIOzKB
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:53:55 2025 by rpki-client