Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa
File: 2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa (raw, json)
Hash identifier: zo8Nk3cE1OJ5O5R7iYMvIKJ/utrjzAICkBkijiujfU0=
Subject key identifier: 8A:A2:14:FC:A1:75:E6:DC:FB:A5:84:F5:D8:8F:D0:AD:B2:E9:11:F7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5D402EA98481E20D67BDB3B230D1F4324832632B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa
Signing time: Tue 20 May 2025 20:40:03 +0000
ROA not before: Tue 20 May 2025 20:40:03 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.127.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:40:2e:a9:84:81:e2:0d:67:bd:b3:b2:30:d1:f4:32:48:32:63:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:40:03 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=5bc866ba50f7d06a81049ab17181d7e6fbdcbce89c545fe4350e1a5abf08d6e8, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:66:d2:e4:96:e1:63:2c:03:e5:84:d5:d4:c8:
68:4d:33:6a:b4:f3:cc:9c:ae:02:c2:55:f5:b8:42:
00:be:d4:1b:ea:36:01:67:85:ce:19:0b:f2:72:c8:
f9:5e:65:8c:0e:e1:e1:10:e0:01:2a:ee:cb:f2:8c:
e7:0e:71:e0:e9:df:5f:c9:bc:aa:31:82:89:20:83:
e6:05:21:7e:6a:32:3f:29:a3:9f:62:54:18:91:17:
d5:b5:8a:18:e2:16:d8:ac:6f:08:9d:5f:8c:65:43:
dc:ce:85:cf:a8:19:55:0a:ed:f5:a1:96:1d:ac:f6:
b1:0f:e4:ff:f5:96:52:63:54:b7:e0:21:ad:db:c8:
52:d4:f8:0d:b8:58:c3:68:01:c0:fa:a9:44:37:20:
bb:79:35:a0:19:ef:12:34:0c:c4:39:52:15:96:ef:
f0:66:82:c0:9c:d7:e6:45:60:2e:6d:fe:bd:b9:5a:
4f:cf:b5:09:bc:0f:ec:ad:b2:b0:9b:79:85:0e:e9:
8c:b1:6e:56:2c:31:6c:ab:d4:9e:85:dc:51:2e:9b:
0d:c5:d6:06:54:f0:9d:ed:cd:fc:c2:ec:92:8f:85:
16:20:c7:e6:b9:7f:a8:da:8a:05:e8:8b:09:d2:0c:
15:23:00:1c:c3:e3:c7:d1:5f:fd:82:ba:6d:c3:97:
ef:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:A2:14:FC:A1:75:E6:DC:FB:A5:84:F5:D8:8F:D0:AD:B2:E9:11:F7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.127.0.0/16
Signature Algorithm: sha256WithRSAEncryption
28:99:48:5c:3f:51:e2:5a:56:63:e0:1d:e3:97:9a:91:5f:30:
49:c6:ed:84:47:49:c9:57:4e:8a:18:3a:aa:e1:f0:bb:f5:62:
90:16:8a:84:56:40:e0:d5:6d:64:fb:fc:10:0b:e4:de:0c:13:
35:33:74:b3:76:38:bc:bf:11:27:e2:ae:53:19:5d:25:3b:73:
5a:ac:ea:28:81:e1:42:d2:18:ca:2f:eb:f2:a2:28:9b:4d:8f:
5d:e2:6d:39:35:ab:f9:4e:81:c8:5c:06:a2:cf:4e:4f:d3:07:
e0:9a:38:c6:3e:ec:80:0a:8a:ea:5f:b8:ed:80:d2:6b:b9:8b:
bc:8c:4c:e2:ce:43:05:ab:72:f9:3c:df:1c:17:ed:2e:78:ff:
c5:ba:b5:a7:cb:e8:fd:09:a1:38:42:5a:4e:28:3c:79:e2:89:
8a:4b:e8:b5:1c:b4:ad:bb:ae:4f:f5:46:d3:50:0a:22:6a:46:
2f:74:29:dc:31:fa:d3:06:bd:c5:b5:b2:db:fb:6d:16:93:2c:
01:d2:47:66:97:78:48:73:9b:aa:4e:b6:80:58:4e:78:b5:53:
34:74:78:0c:fc:79:03:85:8d:f7:f3:68:4c:50:81:82:db:fb:
90:34:be:2f:fd:51:e6:50:7e:b7:a4:24:31:09:98:da:b7:db:
ee:8b:76:b9
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXUAuqYSB4g1nvbOyMNH0MkgyYyswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQwMDNaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDViYzg2NmJhNTBmN2QwNmE4MTA0OWFiMTcxODFkN2U2ZmJkY2JjZTg5YzU0
NWZlNDM1MGUxYTVhYmYwOGQ2ZTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANRm0uSW4WMsA+WE1dTIaE0zarTzzJyuAsJV9bhCAL7UG+o2AWeFzhkL8nLI
+V5ljA7h4RDgASruy/KM5w5x4OnfX8m8qjGCiSCD5gUhfmoyPymjn2JUGJEX1bWK
GOIW2KxvCJ1fjGVD3M6Fz6gZVQrt9aGWHaz2sQ/k//WWUmNUt+AhrdvIUtT4DbhY
w2gBwPqpRDcgu3k1oBnvEjQMxDlSFZbv8GaCwJzX5kVgLm3+vblaT8+1CbwP7K2y
sJt5hQ7pjLFuViwxbKvUnoXcUS6bDcXWBlTwne3N/MLsko+FFiDH5rl/qNqKBeiL
CdIMFSMAHMPjx9Ff/YK6bcOX75UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSKohT8
oXXm3PulhPXYj9CtsukR9zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmZjNmEyNTMtZGM2MC00NjExLThiYzAtZjRiMTE4NTFjY2YxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN/MA0G
CSqGSIb3DQEBCwUAA4IBAQAomUhcP1HiWlZj4B3jl5qRXzBJxu2ER0nJV06KGDqq
4fC79WKQFoqEVkDg1W1k+/wQC+TeDBM1M3Szdji8vxEn4q5TGV0lO3NarOoogeFC
0hjKL+vyoiibTY9d4m05Nav5ToHIXAaiz05P0wfgmjjGPuyACorqX7jtgNJruYu8
jEzizkMFq3L5PN8cF+0ueP/FurWny+j9CaE4QlpOKDx54omKS+i1HLStu65P9UbT
UAoiakYvdCncMfrTBr3FtbLb+20WkywB0kdml3hIc5uqTraAWE54tVM0dHgM/HkD
hY3382hMUIGC2/uQNL4v/VHmUH63pCQxCZjat9vui3a5
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:24:17 2025 by rpki-client