Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2ce9a789-9599-4c9d-a093-ead3033f60d1.roa
File: 2ce9a789-9599-4c9d-a093-ead3033f60d1.roa (raw, json)
Hash identifier: ReeJWbNZ1ea9GUmEM7PTdb+y4633OM1FpjJpfLN/BbI=
Subject key identifier: 66:56:ED:15:F5:55:AF:76:35:20:0D:8D:10:2B:B8:A3:61:E2:E4:B9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3F04C6DC788D962FF0039A08797DEF6AF8D397F9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2ce9a789-9599-4c9d-a093-ead3033f60d1.roa
Signing time: Tue 20 May 2025 20:50:47 +0000
ROA not before: Tue 20 May 2025 20:50:47 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.34.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:04:c6:dc:78:8d:96:2f:f0:03:9a:08:79:7d:ef:6a:f8:d3:97:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:50:47 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=590930e549856e4bd31e5e30d3374473fe7dccfc534fa3fd9b3d0fb65c56caff, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:5f:18:94:45:08:de:90:71:cc:8f:97:2b:cd:
92:da:01:e7:ea:9f:0c:c9:1b:d3:2f:7c:fa:91:ec:
14:4e:cc:b9:71:91:f9:4d:6c:e3:9e:cc:b1:9b:2a:
58:09:21:94:d5:a4:99:40:1d:d0:4a:c5:65:d3:c4:
46:fc:54:2c:2c:40:c0:87:59:aa:86:6f:74:64:9e:
5a:47:48:63:36:64:10:59:25:bd:79:53:68:58:24:
64:21:f9:3b:25:43:76:27:83:21:c3:90:e2:24:23:
1e:1b:b2:d6:0d:13:66:e0:85:fe:3e:ec:d3:b1:5e:
63:80:e6:71:e0:72:34:a0:17:40:2c:c8:05:51:3d:
fe:e1:10:64:9e:14:a3:84:80:15:92:a8:a3:d3:0d:
03:74:3d:39:b2:9c:b0:0b:fe:81:fa:23:dc:2c:45:
f9:c0:e2:09:70:11:d8:b7:01:35:8d:6c:c6:e2:4c:
ea:c2:db:6a:f7:94:59:d1:cf:88:61:c3:f6:5b:2e:
2d:ef:a9:03:85:16:35:73:86:cb:c2:19:06:dd:47:
72:93:6c:73:30:8b:b7:71:04:c7:9d:b1:af:9d:1f:
86:97:a2:43:6e:c8:7e:5b:7e:4a:28:63:23:e4:d0:
e2:9e:d3:4a:e5:e1:15:d4:d3:49:37:e0:00:99:fd:
b8:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:56:ED:15:F5:55:AF:76:35:20:0D:8D:10:2B:B8:A3:61:E2:E4:B9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2ce9a789-9599-4c9d-a093-ead3033f60d1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.34.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8d:6c:5f:14:6c:42:a6:21:83:29:9a:cc:e3:26:7c:63:59:01:
dd:ea:aa:00:e0:ae:97:9d:28:6d:7f:a3:7d:76:ad:ef:3e:53:
2d:3f:56:1a:d3:f5:bb:7e:54:a1:90:bd:2b:88:a7:c7:71:6f:
ac:a4:7c:fc:3e:e5:4c:9c:e3:fd:04:9a:65:d6:72:ff:f7:29:
6f:10:9d:d2:c0:82:61:cf:fd:70:b3:4c:f3:6b:d1:f4:38:b1:
e1:ca:77:4c:d7:32:3a:42:eb:4e:d2:4e:d2:c3:93:b4:9c:2c:
bb:36:a5:bb:3d:3d:e2:41:bd:98:34:26:96:ea:aa:a1:a0:cb:
22:59:1f:4f:d5:d3:7c:94:4f:96:38:32:c6:a8:fe:9f:8f:f7:
48:8a:34:b6:55:26:b8:2f:d8:37:88:98:35:b7:4c:1e:db:53:
a8:c4:4f:da:d7:75:39:5d:af:b9:77:76:f5:6e:18:cf:50:93:
f1:ba:4e:42:81:86:1a:4d:55:29:5b:d5:65:91:09:2a:00:29:
08:8e:e9:b4:1a:9d:72:9c:8a:2b:b7:8e:bc:be:78:f2:13:04:
bf:75:a0:b8:90:50:df:ac:5e:92:e9:27:d9:2f:fb:88:1a:4f:
4f:2d:c1:b9:31:60:59:5a:7b:f4:0c:e9:78:2b:0a:b6:04:f4:
3f:a8:00:6e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUPwTG3HiNli/wA5oIeX3vavjTl/kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDUwNDdaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDU5MDkzMGU1NDk4NTZlNGJkMzFlNWUzMGQzMzc0NDczZmU3ZGNjZmM1MzRm
YTNmZDliM2QwZmI2NWM1NmNhZmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM1fGJRFCN6QccyPlyvNktoB5+qfDMkb0y98+pHsFE7MuXGR+U1s457MsZsq
WAkhlNWkmUAd0ErFZdPERvxULCxAwIdZqoZvdGSeWkdIYzZkEFklvXlTaFgkZCH5
OyVDdieDIcOQ4iQjHhuy1g0TZuCF/j7s07FeY4DmceByNKAXQCzIBVE9/uEQZJ4U
o4SAFZKoo9MNA3Q9ObKcsAv+gfoj3CxF+cDiCXAR2LcBNY1sxuJM6sLbaveUWdHP
iGHD9lsuLe+pA4UWNXOGy8IZBt1HcpNsczCLt3EEx52xr50fhpeiQ27Iflt+Sihj
I+TQ4p7TSuXhFdTTSTfgAJn9uB8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRmVu0V
9VWvdjUgDY0QK7ijYeLkuTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmNlOWE3ODktOTU5OS00YzlkLWEwOTMtZWFkMzAzM2Y2MGQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMiMA0G
CSqGSIb3DQEBCwUAA4IBAQCNbF8UbEKmIYMpmszjJnxjWQHd6qoA4K6XnShtf6N9
dq3vPlMtP1Ya0/W7flShkL0riKfHcW+spHz8PuVMnOP9BJpl1nL/9ylvEJ3SwIJh
z/1ws0zza9H0OLHhyndM1zI6QutO0k7Sw5O0nCy7NqW7PT3iQb2YNCaW6qqhoMsi
WR9P1dN8lE+WODLGqP6fj/dIijS2VSa4L9g3iJg1t0we21OoxE/a13U5Xa+5d3b1
bhjPUJPxuk5CgYYaTVUpW9VlkQkqACkIjum0Gp1ynIort468vnjyEwS/daC4kFDf
rF6S6SfZL/uIGk9PLcG5MWBZWnv0DOl4Kwq2BPQ/qABu
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:58:02 2025 by rpki-client