Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46eb8bb9-8a91-491d-8f3f-9cc4afcf5ecd.roa
File: 46eb8bb9-8a91-491d-8f3f-9cc4afcf5ecd.roa (raw, json)
Hash identifier: EXDt9Qfz00fhK/8ZQg4sGLAgTjICycwVailhdEs/7PY=
Subject key identifier: E6:AF:18:3E:D0:B2:B9:89:3A:29:2E:0B:3C:E5:A3:D6:B0:E1:5B:66
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3C4DA9069E119B180BEE5C2831657D9BD5BDD856
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46eb8bb9-8a91-491d-8f3f-9cc4afcf5ecd.roa
Signing time: Sat 31 May 2025 00:50:25 +0000
ROA not before: Sat 31 May 2025 00:50:25 +0000
ROA not after: Sat 05 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.108.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:4d:a9:06:9e:11:9b:18:0b:ee:5c:28:31:65:7d:9b:d5:bd:d8:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 31 00:50:25 2025 GMT
Not After : Jul 5 23:59:59 2025 GMT
Subject: serialNumber=7e5cdc8f800a42a012987201978d8ef7099e7931141c7dc5c2ee7f32de214689, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:bc:5f:91:7e:1b:f0:1c:9f:12:ed:69:30:11:
4a:eb:7d:b6:7e:b2:49:c3:87:5f:0b:5d:e3:95:20:
60:83:06:6e:74:50:12:79:af:b6:c2:b0:80:62:40:
80:a7:ed:aa:9d:85:4c:ab:3f:b3:b6:3d:16:5e:9c:
a4:c3:2b:80:95:10:5b:ba:c2:3b:d5:d7:f1:fe:bc:
5f:bd:de:b8:34:76:37:1c:ba:d4:8f:1a:40:61:c1:
77:ad:d6:f5:38:f5:52:36:8c:68:4b:a6:da:c3:20:
fc:fa:67:0d:22:99:23:21:5a:1b:70:2d:e0:46:d4:
72:57:73:77:da:01:69:a0:c3:e0:50:0e:a7:fc:c5:
66:11:e4:59:70:9b:3f:57:39:40:68:0c:99:9f:33:
75:1c:e1:44:4e:38:bb:5b:3d:5c:d6:cf:7a:a0:ce:
9a:76:b8:e8:45:3f:8e:a5:d8:4b:b6:a1:f1:a4:13:
1b:ca:77:ea:4a:04:70:04:3b:49:4c:60:c5:48:4c:
2d:9a:ca:c4:15:06:18:4e:fa:82:96:01:4d:a8:82:
14:6e:76:95:6a:c3:4e:57:52:05:27:d5:cf:47:5d:
6c:4d:3b:dc:d6:59:0e:76:34:8c:91:64:5e:d6:0c:
39:fd:9d:69:bb:8d:96:0a:60:a0:0f:29:07:09:15:
37:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:AF:18:3E:D0:B2:B9:89:3A:29:2E:0B:3C:E5:A3:D6:B0:E1:5B:66
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46eb8bb9-8a91-491d-8f3f-9cc4afcf5ecd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.108.0.0/16
Signature Algorithm: sha256WithRSAEncryption
bb:ec:6d:9d:7a:23:86:f2:73:d4:a0:36:2c:fa:f1:98:eb:95:
27:d5:0a:66:a5:02:fe:8e:26:36:a1:70:76:c1:2c:d3:5c:7c:
2b:d1:b8:b9:2a:2e:ea:93:e8:f3:d9:44:71:e9:d8:90:eb:61:
63:b7:36:07:d9:ca:7b:5f:f7:37:7c:a5:3a:93:a8:ad:27:68:
b5:ac:85:b5:2d:c5:0c:19:6d:9d:5a:c6:11:9f:56:06:bd:ca:
f7:9e:05:e9:48:c9:1d:b5:11:4e:cd:3b:49:c7:cf:06:96:43:
7b:2a:2c:65:5b:0c:00:bc:1a:34:34:d8:38:07:b7:81:93:5e:
c1:32:39:89:ff:ef:9a:a5:97:74:f0:e8:df:a9:be:61:72:74:
b9:de:85:ec:b0:23:22:e7:49:e7:4a:d0:39:68:e6:3f:a7:ff:
3a:49:82:3b:79:16:d0:80:ca:64:d4:be:b2:ec:3f:30:74:3f:
4f:6c:dc:e2:84:69:d5:51:e2:90:74:98:93:74:85:ba:ef:ba:
66:e3:67:c9:7b:e8:47:7d:01:0a:5a:8e:ce:71:c0:a8:50:aa:
c2:f5:26:ec:22:4c:c8:f9:cf:62:4d:57:5c:07:e3:45:f3:af:
10:11:4b:d3:fd:a3:32:7b:96:b4:3b:68:04:62:88:37:59:36:
25:a1:e9:80
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUPE2pBp4RmxgL7lwoMWV9m9W92FYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MzEwMDUwMjVaFw0yNTA3MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDdlNWNkYzhmODAwYTQyYTAxMjk4NzIwMTk3OGQ4ZWY3MDk5ZTc5MzExNDFj
N2RjNWMyZWU3ZjMyZGUyMTQ2ODkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJa8X5F+G/AcnxLtaTARSut9tn6yScOHXwtd45UgYIMGbnRQEnmvtsKwgGJA
gKftqp2FTKs/s7Y9Fl6cpMMrgJUQW7rCO9XX8f68X73euDR2Nxy61I8aQGHBd63W
9Tj1UjaMaEum2sMg/PpnDSKZIyFaG3At4EbUcldzd9oBaaDD4FAOp/zFZhHkWXCb
P1c5QGgMmZ8zdRzhRE44u1s9XNbPeqDOmna46EU/jqXYS7ah8aQTG8p36koEcAQ7
SUxgxUhMLZrKxBUGGE76gpYBTaiCFG52lWrDTldSBSfVz0ddbE073NZZDnY0jJFk
XtYMOf2dabuNlgpgoA8pBwkVN7UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTmrxg+
0LK5iTopLgs85aPWsOFbZjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDZlYjhiYjktOGE5MS00OTFkLThmM2YtOWNjNGFmY2Y1ZWNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNsMA0G
CSqGSIb3DQEBCwUAA4IBAQC77G2deiOG8nPUoDYs+vGY65Un1QpmpQL+jiY2oXB2
wSzTXHwr0bi5Ki7qk+jz2URx6diQ62FjtzYH2cp7X/c3fKU6k6itJ2i1rIW1LcUM
GW2dWsYRn1YGvcr3ngXpSMkdtRFOzTtJx88GlkN7KixlWwwAvBo0NNg4B7eBk17B
MjmJ/++apZd08Ojfqb5hcnS53oXssCMi50nnStA5aOY/p/86SYI7eRbQgMpk1L6y
7D8wdD9PbNzihGnVUeKQdJiTdIW677pm42fJe+hHfQEKWo7OccCoUKrC9SbsIkzI
+c9iTVdcB+NF868QEUvT/aMye5a0O2gEYog3WTYloemA
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:44:29 2025 by rpki-client