Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2740a5f5-ec55-42ac-b7df-f4c863c83981.roa
File: 2740a5f5-ec55-42ac-b7df-f4c863c83981.roa (raw, json)
Hash identifier: u+2694dHq+W6eFcius56piPM9FfCMYXcJG65dSRv6rs=
Subject key identifier: 06:0F:6C:C7:7F:B7:F9:F3:DF:69:A8:01:E4:1F:85:F2:ED:91:70:7E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 161354080A7029978C1B077E14F7BB7C5AC548EE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2740a5f5-ec55-42ac-b7df-f4c863c83981.roa
Signing time: Tue 20 May 2025 20:40:02 +0000
ROA not before: Tue 20 May 2025 20:40:02 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.125.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:13:54:08:0a:70:29:97:8c:1b:07:7e:14:f7:bb:7c:5a:c5:48:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:40:02 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=4a0bc2694f20d031799cf122c557f11a3e86be38f02db4d42912356bf029eb78, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:4a:03:7f:d8:63:7b:0a:29:1b:ae:72:10:aa:
0d:46:5c:00:0a:c7:0d:b6:fc:62:1b:af:7f:5b:9c:
b9:c9:45:53:74:9a:c3:f1:a2:e0:99:a8:7f:19:61:
6a:49:e5:0e:c3:e8:a9:5c:09:e6:71:43:18:05:0a:
ca:bd:8c:68:5d:7e:83:31:42:c1:75:84:d2:79:65:
ee:1e:17:87:b2:30:73:13:21:5f:4c:80:f5:3c:77:
19:9a:de:b5:96:40:58:d2:ef:77:e6:73:28:2d:1e:
35:30:da:ac:9c:93:fd:61:1c:26:20:20:ad:4d:ab:
31:6f:67:6e:97:ca:60:8f:59:4c:96:da:3a:3b:f1:
5a:74:6e:81:09:61:b3:72:51:8f:53:c7:6f:82:85:
58:d8:fb:e6:76:b7:bd:f2:0f:dc:fa:20:d3:94:b4:
48:79:58:55:a1:b8:64:82:51:b2:37:80:50:82:46:
a7:ae:15:bd:3f:86:96:a3:2f:5f:97:12:b7:9f:35:
b4:04:b2:48:04:74:3f:e8:0e:ae:29:70:74:55:19:
12:ef:fc:22:04:4e:20:79:65:37:88:ae:9c:1c:de:
f2:65:cd:a8:47:0a:0a:fe:60:36:1b:d4:66:80:bc:
7d:fb:17:6e:16:bb:2f:cb:ae:9c:65:2f:08:3a:f7:
ca:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:0F:6C:C7:7F:B7:F9:F3:DF:69:A8:01:E4:1F:85:F2:ED:91:70:7E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2740a5f5-ec55-42ac-b7df-f4c863c83981.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.125.0.0/16
Signature Algorithm: sha256WithRSAEncryption
17:23:6a:c8:65:8e:05:fa:64:12:ed:11:6f:67:67:10:45:c2:
76:a4:86:f0:62:31:47:d1:1a:8d:31:ff:d2:2d:50:57:bc:de:
33:85:53:a3:c4:23:29:08:94:8f:92:34:d8:cf:4e:aa:1a:e2:
89:97:b7:ad:f6:3c:1b:54:a0:d9:46:b3:ff:31:45:fb:c0:76:
b9:61:55:39:b1:ab:6a:f5:33:83:aa:16:c3:2a:26:d2:11:d0:
f1:05:31:4b:ac:1a:7f:ff:a1:98:65:ba:db:56:7c:57:4c:4e:
60:7e:3b:a9:2d:ca:a9:b2:5b:d4:91:67:bb:bc:bb:6d:c5:03:
a9:12:e2:2e:97:a4:fc:23:d4:c1:c7:f4:a7:92:9b:aa:66:34:
ff:ba:78:45:c2:2d:ad:a7:31:6b:10:f0:95:bc:ec:a5:4f:62:
bc:c0:16:80:8e:97:25:87:d5:fd:82:bf:6a:6d:a8:1c:6d:72:
78:5e:ab:f5:69:29:78:2e:05:c8:5b:4d:dd:bc:92:45:13:96:
3c:d1:67:4b:8c:46:8b:af:85:7e:b1:6a:83:98:d9:51:e7:41:
57:a4:9a:6f:a7:cd:b1:22:3f:f4:4a:04:86:63:5f:5d:77:85:
67:6d:09:ff:83:7d:1c:8b:6c:27:90:92:4b:91:80:13:32:1c:
b2:5c:3b:b8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUFhNUCApwKZeMGwd+FPe7fFrFSO4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQwMDJaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDRhMGJjMjY5NGYyMGQwMzE3OTljZjEyMmM1NTdmMTFhM2U4NmJlMzhmMDJk
YjRkNDI5MTIzNTZiZjAyOWViNzgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAONKA3/YY3sKKRuuchCqDUZcAArHDbb8Yhuvf1ucuclFU3Saw/Gi4Jmofxlh
aknlDsPoqVwJ5nFDGAUKyr2MaF1+gzFCwXWE0nll7h4Xh7IwcxMhX0yA9Tx3GZre
tZZAWNLvd+ZzKC0eNTDarJyT/WEcJiAgrU2rMW9nbpfKYI9ZTJbaOjvxWnRugQlh
s3JRj1PHb4KFWNj75na3vfIP3Pog05S0SHlYVaG4ZIJRsjeAUIJGp64VvT+GlqMv
X5cSt581tASySAR0P+gOrilwdFUZEu/8IgROIHllN4iunBze8mXNqEcKCv5gNhvU
ZoC8ffsXbha7L8uunGUvCDr3ypMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQGD2zH
f7f5899pqAHkH4Xy7ZFwfjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Mjc0MGE1ZjUtZWM1NS00MmFjLWI3ZGYtZjRjODYzYzgzOTgxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN9MA0G
CSqGSIb3DQEBCwUAA4IBAQAXI2rIZY4F+mQS7RFvZ2cQRcJ2pIbwYjFH0RqNMf/S
LVBXvN4zhVOjxCMpCJSPkjTYz06qGuKJl7et9jwbVKDZRrP/MUX7wHa5YVU5satq
9TODqhbDKibSEdDxBTFLrBp//6GYZbrbVnxXTE5gfjupLcqpslvUkWe7vLttxQOp
EuIul6T8I9TBx/SnkpuqZjT/unhFwi2tpzFrEPCVvOylT2K8wBaAjpclh9X9gr9q
bagcbXJ4Xqv1aSl4LgXIW03dvJJFE5Y80WdLjEaLr4V+sWqDmNlR50FXpJpvp82x
Ij/0SgSGY19dd4VnbQn/g30ci2wnkJJLkYATMhyyXDu4
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:56:58 2025 by rpki-client