Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46b220b9-837f-4174-97e6-c711958273ea.roa
File: 46b220b9-837f-4174-97e6-c711958273ea.roa (raw, json)
Hash identifier: qpX7gVcaJ0e7OpAnYuXMX8PBB0ON1RHiLaxELyLF9/M=
Subject key identifier: 7A:68:99:52:E0:0E:D3:08:09:6D:5A:4D:16:FB:4F:9A:60:F7:4D:EB
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6F422ABA571A3AB6F64ACF594EBBD80A21F623E0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46b220b9-837f-4174-97e6-c711958273ea.roa
Signing time: Tue 20 May 2025 20:50:06 +0000
ROA not before: Tue 20 May 2025 20:50:06 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.78.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:42:2a:ba:57:1a:3a:b6:f6:4a:cf:59:4e:bb:d8:0a:21:f6:23:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:50:06 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=56abafb4a23b9ada881d66c4024c7bc387c10b5f3fa00d84d97365ff5fb540ca, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:a2:1f:9f:17:bf:24:4b:6b:ef:60:8a:0b:14:
eb:fa:c3:b4:52:ac:97:6d:b6:d2:b4:9d:60:46:0e:
4e:65:36:27:2c:63:57:fd:9d:bb:90:0f:6f:80:1a:
fc:7c:3f:47:05:62:93:f1:4c:d3:57:5b:ee:ec:2e:
d4:28:43:60:ea:1f:92:cb:60:82:5b:4c:64:6c:43:
73:20:97:c4:62:98:2f:2c:70:25:0c:61:e8:84:89:
e5:ce:76:6e:7a:7f:d4:2e:cf:d8:94:58:95:2c:17:
81:97:9a:fc:1a:b4:b8:a0:df:d7:c0:a8:98:50:b2:
73:60:74:1d:49:6f:83:f8:77:b0:9c:6a:cb:d4:dd:
14:84:b6:18:48:94:08:a2:03:be:44:99:a4:c1:84:
65:0b:14:b6:a9:f1:e6:22:33:1a:ee:3f:62:4a:2d:
47:97:87:05:f7:f3:0e:d5:58:7d:40:62:4f:36:58:
fb:92:41:36:57:6b:47:c8:70:50:1f:49:d3:cd:13:
bc:a2:a7:0b:1d:32:3f:9d:4f:41:5f:f2:b9:b5:2d:
bf:70:8f:4e:b6:72:1f:f2:1c:32:fd:b3:b6:71:24:
f9:84:e9:8d:d8:22:8f:4c:33:e4:1c:2d:f8:10:c7:
ac:68:fc:99:9f:2d:65:9c:cd:8a:d8:50:f7:76:cb:
d9:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:68:99:52:E0:0E:D3:08:09:6D:5A:4D:16:FB:4F:9A:60:F7:4D:EB
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46b220b9-837f-4174-97e6-c711958273ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.78.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c9:ea:d4:b3:66:41:0c:5d:fe:d1:2b:b4:2f:20:0f:b2:ba:68:
36:34:16:43:18:68:1f:1d:62:3a:52:c1:64:6c:46:b1:eb:1e:
df:73:7a:57:04:c1:ad:11:03:e5:fb:62:c0:b9:36:d0:89:f0:
26:6b:47:9e:e4:1d:48:5d:46:ec:86:68:59:f7:b7:2f:0f:11:
c6:96:65:75:6f:07:d4:d5:b7:c5:10:5a:4d:63:bc:b7:32:90:
ff:9d:49:c2:22:7b:8c:b9:de:46:8f:5a:98:2b:9b:f7:04:a4:
e1:2e:74:66:a5:41:8e:8e:74:96:c5:b1:6b:c8:42:6e:12:07:
94:05:e7:5a:12:71:2f:40:de:bd:29:aa:c6:7b:e4:2a:94:18:
e5:cf:78:b8:4f:40:62:e4:b8:f1:e1:88:34:54:70:9a:5e:1f:
67:3d:eb:ba:74:ff:10:84:89:b2:fe:9a:1e:50:4a:b3:3f:69:
76:09:bc:56:32:ce:28:0f:3b:af:43:c4:d6:1a:46:23:9d:18:
4b:57:2c:d0:a3:21:cf:ac:17:06:20:dc:d4:27:61:c4:92:83:
b5:06:da:a4:6d:3a:d9:e4:b4:e7:7f:0c:75:8b:27:d5:0a:82:
71:63:be:8e:23:0d:83:bb:c9:f6:37:a5:d2:73:d5:76:5d:65:
91:43:b1:7e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUb0IqulcaOrb2Ss9ZTrvYCiH2I+AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDUwMDZaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDU2YWJhZmI0YTIzYjlhZGE4ODFkNjZjNDAyNGM3YmMzODdjMTBiNWYzZmEw
MGQ4NGQ5NzM2NWZmNWZiNTQwY2ExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANSiH58XvyRLa+9gigsU6/rDtFKsl2220rSdYEYOTmU2JyxjV/2du5APb4Aa
/Hw/RwVik/FM01db7uwu1ChDYOofkstggltMZGxDcyCXxGKYLyxwJQxh6ISJ5c52
bnp/1C7P2JRYlSwXgZea/Bq0uKDf18ComFCyc2B0HUlvg/h3sJxqy9TdFIS2GEiU
CKIDvkSZpMGEZQsUtqnx5iIzGu4/YkotR5eHBffzDtVYfUBiTzZY+5JBNldrR8hw
UB9J080TvKKnCx0yP51PQV/yubUtv3CPTrZyH/IcMv2ztnEk+YTpjdgij0wz5Bwt
+BDHrGj8mZ8tZZzNithQ93bL2Q8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR6aJlS
4A7TCAltWk0W+0+aYPdN6zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDZiMjIwYjktODM3Zi00MTc0LTk3ZTYtYzcxMTk1ODI3M2VhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNOMA0G
CSqGSIb3DQEBCwUAA4IBAQDJ6tSzZkEMXf7RK7QvIA+yumg2NBZDGGgfHWI6UsFk
bEax6x7fc3pXBMGtEQPl+2LAuTbQifAma0ee5B1IXUbshmhZ97cvDxHGlmV1bwfU
1bfFEFpNY7y3MpD/nUnCInuMud5Gj1qYK5v3BKThLnRmpUGOjnSWxbFryEJuEgeU
BedaEnEvQN69KarGe+QqlBjlz3i4T0Bi5Ljx4Yg0VHCaXh9nPeu6dP8QhImy/poe
UEqzP2l2CbxWMs4oDzuvQ8TWGkYjnRhLVyzQoyHPrBcGINzUJ2HEkoO1BtqkbTrZ
5LTnfwx1iyfVCoJxY76OIw2Du8n2N6XSc9V2XWWRQ7F+
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:59:06 2025 by rpki-client