Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/39032a05-08aa-42f2-98fc-8aa6aeee1dc2.roa
File: 39032a05-08aa-42f2-98fc-8aa6aeee1dc2.roa (raw, json)
Hash identifier: XvBhH9OWjPKUGs5IOWU2S+Xbhz38N42lO8qpDSlRJ+g=
Subject key identifier: 68:DE:85:35:4C:21:B2:0D:79:0C:1A:85:7B:EF:9F:E4:02:7A:E4:B7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6370BDFEDE9FB093F5BC9A6C56D4530F4298EBA8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/39032a05-08aa-42f2-98fc-8aa6aeee1dc2.roa
Signing time: Fri 23 May 2025 00:50:12 +0000
ROA not before: Fri 23 May 2025 00:50:12 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.80.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:70:bd:fe:de:9f:b0:93:f5:bc:9a:6c:56:d4:53:0f:42:98:eb:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 23 00:50:12 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=ea945a7d38ac8d6b52d21eb3dca201ef19ab596b84562de2f86832d606cb31c5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:3d:91:1d:81:c3:fe:3c:13:08:4e:68:5e:57:
f9:96:a7:c1:8b:97:3b:27:bf:90:b8:9f:54:d4:3b:
03:61:c9:fa:f8:9b:fe:fa:d2:ec:aa:6a:00:6f:3d:
d4:c0:7c:0c:e4:f4:83:13:ec:65:86:d5:b4:ab:08:
1b:89:c3:70:cc:c7:19:9b:47:b3:b6:52:c8:d8:82:
d4:2b:0d:ef:39:db:a0:61:d3:fd:7c:f8:c5:a2:0a:
65:b6:bc:e9:a0:e3:7b:0f:10:2d:b1:2f:92:ef:5b:
3a:28:95:40:e7:21:88:02:ed:c7:e3:ab:50:ae:b5:
6e:07:fe:ca:dd:1b:da:4e:f3:b8:4a:f2:47:6d:f9:
09:4b:25:ec:12:45:13:c1:4f:8b:3a:b8:f0:46:90:
a5:88:5f:bd:fc:93:ad:0b:13:e7:5c:82:1c:0c:71:
45:91:c6:0c:9b:2f:b0:3d:be:fb:48:26:bf:9a:37:
e4:39:6b:34:89:30:98:40:11:ce:3b:fd:c6:06:70:
e6:6f:f4:06:37:60:b7:19:53:57:5e:21:58:5c:e5:
04:1c:39:6e:81:db:e2:61:2e:8f:4f:53:5f:5d:fc:
5a:26:6c:c5:f2:59:24:68:02:39:f5:72:b0:ec:2f:
3f:01:fc:e3:de:72:6f:d1:7b:34:89:5c:88:7b:d5:
07:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:DE:85:35:4C:21:B2:0D:79:0C:1A:85:7B:EF:9F:E4:02:7A:E4:B7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/39032a05-08aa-42f2-98fc-8aa6aeee1dc2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.80.0/21
Signature Algorithm: sha256WithRSAEncryption
ac:0b:b5:87:1a:e9:34:57:45:4f:d0:e3:cf:91:64:16:8f:84:
59:2e:d7:d9:24:33:e9:ca:25:69:7a:f3:dc:95:21:c2:17:66:
91:2e:f2:91:bf:b8:53:0b:d1:01:67:5c:9a:b7:42:a8:23:79:
8e:50:80:96:d7:bd:e2:78:51:76:75:3e:f2:20:4a:2b:47:a3:
d4:d4:92:4b:6d:bb:62:c8:d5:7a:f4:cc:31:4b:e5:cc:8a:3c:
ab:85:6a:e5:f4:c7:62:15:aa:88:b4:ba:9a:64:96:51:2a:50:
de:73:55:19:98:c4:2c:31:72:0b:9d:d8:57:2c:06:4e:00:48:
38:5b:14:6c:99:41:ef:e0:d2:53:8e:cb:29:8e:1f:27:97:88:
6a:95:7b:94:1c:73:5b:6c:d5:bd:4b:e5:55:01:46:13:09:87:
92:1a:33:8f:2b:15:84:d3:b3:7d:f7:36:ee:7a:4e:48:37:6f:
cb:03:b5:7a:13:06:6e:a4:3d:ed:47:43:63:7e:ae:5d:e9:48:
32:72:83:25:59:8c:78:19:1a:0d:4c:b3:15:d1:e2:7e:f9:02:
38:a8:95:31:7c:e2:49:d9:73:00:13:c3:44:8f:7d:71:4f:99:
b9:f2:79:bd:04:58:72:06:85:37:be:0d:64:e6:d6:59:bd:2f:
50:1b:4f:09
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUY3C9/t6fsJP1vJpsVtRTD0KY66gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjMwMDUwMTJaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGVhOTQ1YTdkMzhhYzhkNmI1MmQyMWViM2RjYTIwMWVmMTlhYjU5NmI4NDU2
MmRlMmY4NjgzMmQ2MDZjYjMxYzUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANA9kR2Bw/48EwhOaF5X+ZanwYuXOye/kLifVNQ7A2HJ+vib/vrS7KpqAG89
1MB8DOT0gxPsZYbVtKsIG4nDcMzHGZtHs7ZSyNiC1CsN7znboGHT/Xz4xaIKZba8
6aDjew8QLbEvku9bOiiVQOchiALtx+OrUK61bgf+yt0b2k7zuEryR235CUsl7BJF
E8FPizq48EaQpYhfvfyTrQsT51yCHAxxRZHGDJsvsD2++0gmv5o35DlrNIkwmEAR
zjv9xgZw5m/0BjdgtxlTV14hWFzlBBw5boHb4mEuj09TX138WiZsxfJZJGgCOfVy
sOwvPwH8495yb9F7NIlciHvVBy0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRo3oU1
TCGyDXkMGoV775/kAnrktzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MzkwMzJhMDUtMDhhYS00MmYyLTk4ZmMtOGFhNmFlZWUxZGMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAUDAN
BgkqhkiG9w0BAQsFAAOCAQEArAu1hxrpNFdFT9Djz5FkFo+EWS7X2SQz6colaXrz
3JUhwhdmkS7ykb+4UwvRAWdcmrdCqCN5jlCAlte94nhRdnU+8iBKK0ej1NSSS227
YsjVevTMMUvlzIo8q4Vq5fTHYhWqiLS6mmSWUSpQ3nNVGZjELDFyC53YVywGTgBI
OFsUbJlB7+DSU47LKY4fJ5eIapV7lBxzW2zVvUvlVQFGEwmHkhozjysVhNOzffc2
7npOSDdvywO1ehMGbqQ97UdDY36uXelIMnKDJVmMeBkaDUyzFdHifvkCOKiVMXzi
SdlzABPDRI99cU+ZufJ5vQRYcgaFN74NZObWWb0vUBtPCQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:50:45 2025 by rpki-client