Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2b51d415-1366-43ea-8ce9-f13b63a2c827.roa
File: 2b51d415-1366-43ea-8ce9-f13b63a2c827.roa (raw, json)
Hash identifier: 8fsgkWn5bo5uzanhuV+fSMCc3VzjjQk4iwZdXDdc5KU=
Subject key identifier: B5:5E:35:EF:52:11:E8:7F:17:F9:E1:D8:AF:01:CF:DB:16:5B:A1:67
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1BD9BDEEC88F7B240CFBD143D40E3E399A9DDE74
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2b51d415-1366-43ea-8ce9-f13b63a2c827.roa
Signing time: Fri 23 May 2025 00:51:06 +0000
ROA not before: Fri 23 May 2025 00:51:06 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.45.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:d9:bd:ee:c8:8f:7b:24:0c:fb:d1:43:d4:0e:3e:39:9a:9d:de:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 23 00:51:06 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=5c5c87926bec0cfe54cb197f5095a9e85ed9469f29b48ea85dca21563ee2d6bb, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:c4:9a:d9:bd:30:e8:f9:73:44:53:2e:26:84:
32:71:e2:5c:73:c7:c3:51:26:37:60:fb:d6:56:d8:
9a:a4:17:09:11:00:b0:bc:9d:4e:aa:8e:25:e4:98:
cd:3f:71:f3:08:4f:bb:0d:5f:72:67:0b:d0:41:d6:
0b:e9:4d:f2:3d:1e:e1:3d:4a:72:e0:1d:58:c3:87:
14:66:4a:93:2f:e5:56:b4:6a:3e:d3:2a:7c:08:d8:
b6:2f:d5:d2:36:cc:eb:13:68:f3:c9:55:bb:0a:c9:
0c:81:2f:33:5c:65:ee:87:0f:cf:eb:c2:6a:35:eb:
b1:b8:c8:d3:11:52:ac:cd:8c:02:5a:b0:51:bd:e1:
05:a6:46:c5:a8:19:2c:f5:82:94:e3:2b:3d:be:da:
21:c8:e3:2a:14:08:e2:09:06:c3:77:f0:c6:66:2d:
0d:81:de:2c:10:dc:62:86:7c:2e:b3:b3:f4:5a:91:
ab:27:ee:ea:5f:ae:38:44:2e:02:a1:9d:b4:5c:58:
ab:9a:28:c0:e9:ed:54:16:f3:0c:10:32:41:60:5d:
7e:85:b6:2c:1b:bb:71:8e:42:a8:21:ff:c4:91:b0:
d4:47:4b:2a:97:9d:fb:de:25:87:b6:5c:b5:07:fa:
b8:4d:e8:44:3a:a5:b8:79:bf:07:de:b4:fa:4d:c0:
25:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:5E:35:EF:52:11:E8:7F:17:F9:E1:D8:AF:01:CF:DB:16:5B:A1:67
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2b51d415-1366-43ea-8ce9-f13b63a2c827.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.45.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4b:12:a7:82:5c:fd:60:ae:c3:d7:bd:66:97:e9:53:54:c4:41:
19:43:95:df:d7:75:7c:e3:a9:e0:bb:a0:83:14:17:04:c1:fb:
18:77:59:fa:e3:58:3d:43:f0:16:31:d9:de:ce:06:53:6c:af:
98:fa:b8:2c:33:4c:d4:4e:a6:5a:fc:24:cc:6a:73:69:ff:c8:
18:fa:e0:7e:47:0b:a5:5d:71:39:b9:e0:4c:78:ff:e3:0b:50:
0c:22:8b:a4:7d:74:37:20:56:2d:83:c0:bb:3c:0a:03:bd:07:
41:ae:a5:81:e6:d6:9f:f0:54:0c:5d:e2:82:64:2d:69:38:cf:
f0:b8:94:64:9f:f9:71:a3:4c:d6:c6:4a:4c:7c:ba:01:cb:41:
ca:ea:ad:c0:fe:f4:ed:e2:d3:19:c0:44:43:35:3d:d2:d2:9a:
f1:b5:95:2e:be:78:52:7b:61:25:89:3b:1b:e1:da:24:2e:35:
84:9b:ac:7c:fb:cc:55:43:f0:03:45:c8:d7:14:bd:8a:6a:2c:
be:db:e7:c7:fc:e3:f2:6d:e8:48:2b:82:e2:aa:5e:de:81:c2:
f2:20:b4:41:b5:0e:d7:7b:56:93:27:78:3a:9e:b6:82:5d:a0:
5d:81:65:ef:35:51:1b:ae:7b:9b:f5:82:e5:36:b0:ac:49:a0:
76:29:98:f0
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUG9m97siPeyQM+9FD1A4+OZqd3nQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjMwMDUxMDZaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDVjNWM4NzkyNmJlYzBjZmU1NGNiMTk3ZjUwOTVhOWU4NWVkOTQ2OWYyOWI0
OGVhODVkY2EyMTU2M2VlMmQ2YmIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANLEmtm9MOj5c0RTLiaEMnHiXHPHw1EmN2D71lbYmqQXCREAsLydTqqOJeSY
zT9x8whPuw1fcmcL0EHWC+lN8j0e4T1KcuAdWMOHFGZKky/lVrRqPtMqfAjYti/V
0jbM6xNo88lVuwrJDIEvM1xl7ocPz+vCajXrsbjI0xFSrM2MAlqwUb3hBaZGxagZ
LPWClOMrPb7aIcjjKhQI4gkGw3fwxmYtDYHeLBDcYoZ8LrOz9FqRqyfu6l+uOEQu
AqGdtFxYq5oowOntVBbzDBAyQWBdfoW2LBu7cY5CqCH/xJGw1EdLKped+94lh7Zc
tQf6uE3oRDqluHm/B960+k3AJWECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS1XjXv
UhHofxf54divAc/bFluhZzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmI1MWQ0MTUtMTM2Ni00M2VhLThjZTktZjEzYjYzYTJjODI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMtMA0G
CSqGSIb3DQEBCwUAA4IBAQBLEqeCXP1grsPXvWaX6VNUxEEZQ5Xf13V846ngu6CD
FBcEwfsYd1n641g9Q/AWMdnezgZTbK+Y+rgsM0zUTqZa/CTManNp/8gY+uB+Rwul
XXE5ueBMeP/jC1AMIoukfXQ3IFYtg8C7PAoDvQdBrqWB5taf8FQMXeKCZC1pOM/w
uJRkn/lxo0zWxkpMfLoBy0HK6q3A/vTt4tMZwERDNT3S0prxtZUuvnhSe2EliTsb
4dokLjWEm6x8+8xVQ/ADRcjXFL2Kaiy+2+fH/OPybehIK4Liql7egcLyILRBtQ7X
e1aTJ3g6nraCXaBdgWXvNVEbrnub9YLlNrCsSaB2KZjw
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:37:49 2025 by rpki-client