Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42f47c85-e9fe-40f9-ae1c-57ea1b805412.roa
File: 42f47c85-e9fe-40f9-ae1c-57ea1b805412.roa (raw, json)
Hash identifier: GNZ9JHcC9Oq6lvrI7pp2f2+Z0DjFM3f+75sAu0kkINI=
Subject key identifier: B7:6A:E8:21:53:06:5D:1A:CB:09:CE:2F:30:A8:2F:40:E8:E2:01:1E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6567D55FB93641E748B6262D0FEDF41CBFA22FF5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42f47c85-e9fe-40f9-ae1c-57ea1b805412.roa
Signing time: Fri 23 May 2025 00:51:03 +0000
ROA not before: Fri 23 May 2025 00:51:03 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.24.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:67:d5:5f:b9:36:41:e7:48:b6:26:2d:0f:ed:f4:1c:bf:a2:2f:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 23 00:51:03 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=3569726b2a6e4ee0091dba44f24ca3fcba3c22197a1afb0cdf024e947668533f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:08:07:07:1c:3a:96:48:96:de:cc:6a:f8:84:
a1:52:60:60:f0:f9:a2:fa:cd:3d:67:ed:94:6d:03:
a4:29:4a:cb:07:2d:3b:7c:34:9b:ad:25:2d:a0:bf:
e6:80:42:2b:27:2a:e6:aa:35:99:9e:11:3e:57:92:
88:1b:7f:37:47:76:bd:7d:65:59:dc:c6:63:8f:40:
f2:6f:9f:c3:01:1e:98:df:9b:38:b2:1b:a1:0c:2d:
a0:68:03:ff:ae:38:ce:a6:5e:3e:e1:4e:e9:46:57:
65:a5:2d:1a:3d:19:c3:5a:6d:c2:56:a3:e3:5d:d9:
83:df:91:8b:58:7a:ce:32:c3:92:b2:9d:c6:62:63:
bd:3a:5c:92:da:93:51:40:07:96:94:52:c7:b9:e3:
8e:2e:61:81:e1:08:10:28:b8:33:ce:78:10:85:eb:
ac:50:78:b1:dd:e6:1d:43:e1:10:68:b9:c2:22:14:
56:61:54:ac:18:1f:9a:d9:66:4a:76:6f:f7:49:dc:
2b:17:7c:cf:ca:92:ba:dd:4d:d7:ff:4e:36:14:6b:
ca:e9:83:21:e7:68:2b:71:50:06:78:e8:99:5d:4f:
3a:49:a3:e0:02:85:86:a6:65:85:46:c3:90:39:01:
40:61:7d:f0:55:86:71:f2:97:84:e6:9b:95:3b:6f:
35:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:6A:E8:21:53:06:5D:1A:CB:09:CE:2F:30:A8:2F:40:E8:E2:01:1E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42f47c85-e9fe-40f9-ae1c-57ea1b805412.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.24.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c6:30:b4:93:d7:fa:4d:63:a9:90:d0:e5:ea:ee:76:23:c5:a8:
eb:88:ba:86:72:f1:e0:ab:02:d7:cb:d8:95:54:13:1a:90:8a:
17:a2:89:5b:73:9b:b6:a3:ec:21:a1:b3:32:fb:6d:84:be:7e:
e8:63:df:a9:c6:5e:38:8c:7d:7f:78:6a:84:5b:b0:78:c6:f0:
5d:8c:c4:20:b0:86:d9:32:a8:72:e0:32:76:93:46:73:63:57:
a9:93:ed:87:ac:df:60:c2:f0:6b:76:cc:1f:15:5c:c0:a8:5a:
37:ab:5c:0e:6e:72:73:c9:11:a2:5d:27:82:38:cc:64:f6:0a:
ea:2d:1d:28:dc:e2:90:d1:da:16:16:1c:5e:90:58:4c:53:01:
a0:73:25:f0:53:11:e3:5e:f4:0c:05:57:39:54:ec:77:cd:3a:
b8:3e:93:fe:8e:3b:e6:f2:32:ee:b7:45:53:cf:71:c6:ad:4c:
09:bd:a6:ce:fb:77:d6:e2:07:0b:2d:c7:20:96:6c:d6:c7:38:
ed:71:f5:7d:99:25:a0:1c:c3:a5:e1:33:e2:82:af:9f:c0:8f:
02:19:49:60:c6:c0:9b:9f:7a:7f:87:a0:18:b2:5a:7d:2e:e0:
62:a5:98:db:d1:b9:0b:5d:d1:a3:cb:a5:4a:e5:47:0e:d0:91:
83:bb:9f:c1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZWfVX7k2QedItiYtD+30HL+iL/UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjMwMDUxMDNaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDM1Njk3MjZiMmE2ZTRlZTAwOTFkYmE0NGYyNGNhM2ZjYmEzYzIyMTk3YTFh
ZmIwY2RmMDI0ZTk0NzY2ODUzM2YxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANcIBwccOpZIlt7MaviEoVJgYPD5ovrNPWftlG0DpClKywctO3w0m60lLaC/
5oBCKycq5qo1mZ4RPleSiBt/N0d2vX1lWdzGY49A8m+fwwEemN+bOLIboQwtoGgD
/644zqZePuFO6UZXZaUtGj0Zw1ptwlaj413Zg9+Ri1h6zjLDkrKdxmJjvTpcktqT
UUAHlpRSx7njji5hgeEIECi4M854EIXrrFB4sd3mHUPhEGi5wiIUVmFUrBgfmtlm
SnZv90ncKxd8z8qSut1N1/9ONhRryumDIedoK3FQBnjomV1POkmj4AKFhqZlhUbD
kDkBQGF98FWGcfKXhOablTtvNV8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS3augh
UwZdGssJzi8wqC9A6OIBHjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDJmNDdjODUtZTlmZS00MGY5LWFlMWMtNTdlYTFiODA1NDEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMYMA0G
CSqGSIb3DQEBCwUAA4IBAQDGMLST1/pNY6mQ0OXq7nYjxajriLqGcvHgqwLXy9iV
VBMakIoXoolbc5u2o+whobMy+22Evn7oY9+pxl44jH1/eGqEW7B4xvBdjMQgsIbZ
Mqhy4DJ2k0ZzY1epk+2HrN9gwvBrdswfFVzAqFo3q1wObnJzyRGiXSeCOMxk9grq
LR0o3OKQ0doWFhxekFhMUwGgcyXwUxHjXvQMBVc5VOx3zTq4PpP+jjvm8jLut0VT
z3HGrUwJvabO+3fW4gcLLccglmzWxzjtcfV9mSWgHMOl4TPigq+fwI8CGUlgxsCb
n3p/h6AYslp9LuBipZjb0bkLXdGjy6VK5UcO0JGDu5/B
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:22 2025 by rpki-client