Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/51429a37-e3fd-4b49-a184-1e07ed522f97.roa
File: 51429a37-e3fd-4b49-a184-1e07ed522f97.roa (raw, json)
Hash identifier: E7X7UDC31011oDjb3Ul8B/YgoYHC5PTOBHqbJqmBYpM=
Subject key identifier: 76:D5:C9:DA:64:DC:D1:16:80:7B:87:20:D8:1B:B0:B7:A7:7D:7F:5A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3A361A4C8ADAEE74D8BA093014685FC2EE0A8A4A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/51429a37-e3fd-4b49-a184-1e07ed522f97.roa
Signing time: Fri 11 Jul 2025 21:01:14 +0000
ROA not before: Fri 11 Jul 2025 21:01:14 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.3.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:36:1a:4c:8a:da:ee:74:d8:ba:09:30:14:68:5f:c2:ee:0a:8a:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 21:01:14 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=64e0a90665233ac5390ec23011445478d1589dc798540f2fd1509ba0eaf70621, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:fd:97:82:46:aa:95:2b:fc:2c:08:8f:56:76:
a0:88:c6:51:31:a7:79:19:04:78:eb:b3:02:0f:f7:
c1:97:03:f1:d5:d7:87:85:6e:69:d8:2c:46:44:5a:
23:03:26:0e:33:0e:35:7a:f4:79:88:3f:64:70:df:
2f:aa:38:c8:3e:af:8c:67:ec:72:2a:bb:b6:d9:be:
e4:14:24:8f:34:f9:0a:9b:83:c4:48:03:1d:dc:1a:
18:3d:cf:01:04:71:4d:12:2e:a8:b8:80:a7:cf:92:
c4:89:d0:19:e6:3b:fd:13:3f:25:82:33:96:9e:46:
a7:14:c2:de:9f:22:33:c5:e6:fe:92:5b:b2:c2:95:
49:44:91:5d:ed:35:7d:4c:13:bb:19:a4:c3:4f:17:
b0:53:ac:eb:5c:f0:01:61:dc:fe:52:e1:d5:42:f2:
0a:49:a0:3e:2d:17:f9:4d:67:b9:62:e8:9a:98:9a:
ef:5d:d7:32:a7:0a:05:e9:33:3b:21:26:92:2d:b0:
79:10:4c:c6:eb:ba:5f:15:af:5d:c0:b3:8b:e3:d1:
d9:42:33:3e:d0:fc:8f:06:b6:19:61:40:26:35:c0:
ec:84:2f:20:4c:b4:14:98:58:54:cb:d4:36:38:e0:
0b:55:5f:c0:86:3c:74:b3:47:89:9d:ba:03:97:de:
82:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:D5:C9:DA:64:DC:D1:16:80:7B:87:20:D8:1B:B0:B7:A7:7D:7F:5A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/51429a37-e3fd-4b49-a184-1e07ed522f97.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.3.0.0/16
Signature Algorithm: sha256WithRSAEncryption
61:08:c9:b7:e1:36:78:58:59:c8:0e:47:dc:f5:cb:c9:e6:54:
d3:66:c5:35:db:0b:33:e1:d3:a7:1a:f1:61:06:43:42:46:51:
a1:8b:44:66:9c:c1:4f:92:ca:1e:2f:47:a5:1e:cb:d1:42:13:
3d:e1:9a:7c:b7:de:7c:a9:15:0f:9c:66:99:eb:9f:20:a9:c6:
b1:48:3b:37:88:1d:78:eb:18:12:aa:0e:58:0c:2c:09:d5:85:
7d:52:84:ff:83:51:61:36:45:75:96:6e:32:30:83:0e:53:9a:
7c:64:a6:de:98:e2:0c:e0:da:bf:56:b2:03:29:ed:9c:58:3e:
8e:f6:90:7b:b1:ad:79:62:60:7c:82:96:ba:ff:76:e2:fd:1d:
15:22:0c:a9:15:f1:56:ea:81:0f:db:c5:37:d4:57:48:bd:99:
fe:77:01:6c:d5:6e:3b:be:f0:26:3f:4d:2b:fb:39:f0:eb:2e:
e3:f8:c6:8e:3d:b6:c3:9e:b1:98:6d:7c:8b:59:39:4d:88:f2:
7d:aa:5b:bb:c0:8a:1a:2a:cb:5b:e2:2c:1b:cb:e0:60:1f:66:
27:da:b7:e6:c0:ca:e6:f0:f8:22:9f:aa:c8:57:04:df:76:7c:
31:c1:99:69:7e:57:17:a5:9c:f3:a5:17:b3:1d:37:2c:32:10:
d9:53:22:e6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOjYaTIra7nTYugkwFGhfwu4KikowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMTAxMTRaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDY0ZTBhOTA2NjUyMzNhYzUzOTBlYzIzMDExNDQ1NDc4ZDE1ODlkYzc5ODU0
MGYyZmQxNTA5YmEwZWFmNzA2MjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANb9l4JGqpUr/CwIj1Z2oIjGUTGneRkEeOuzAg/3wZcD8dXXh4VuadgsRkRa
IwMmDjMONXr0eYg/ZHDfL6o4yD6vjGfsciq7ttm+5BQkjzT5CpuDxEgDHdwaGD3P
AQRxTRIuqLiAp8+SxInQGeY7/RM/JYIzlp5GpxTC3p8iM8Xm/pJbssKVSUSRXe01
fUwTuxmkw08XsFOs61zwAWHc/lLh1ULyCkmgPi0X+U1nuWLompia713XMqcKBekz
OyEmki2weRBMxuu6XxWvXcCzi+PR2UIzPtD8jwa2GWFAJjXA7IQvIEy0FJhYVMvU
NjjgC1VfwIY8dLNHiZ26A5fegh0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR21cna
ZNzRFoB7hyDYG7C3p31/WjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTE0MjlhMzctZTNmZC00YjQ5LWExODQtMWUwN2VkNTIyZjk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMDMA0G
CSqGSIb3DQEBCwUAA4IBAQBhCMm34TZ4WFnIDkfc9cvJ5lTTZsU12wsz4dOnGvFh
BkNCRlGhi0RmnMFPksoeL0elHsvRQhM94Zp8t958qRUPnGaZ658gqcaxSDs3iB14
6xgSqg5YDCwJ1YV9UoT/g1FhNkV1lm4yMIMOU5p8ZKbemOIM4Nq/VrIDKe2cWD6O
9pB7sa15YmB8gpa6/3bi/R0VIgypFfFW6oEP28U31FdIvZn+dwFs1W47vvAmP00r
+znw6y7j+MaOPbbDnrGYbXyLWTlNiPJ9qlu7wIoaKstb4iwby+BgH2Yn2rfmwMrm
8Pgin6rIVwTfdnwxwZlpflcXpZzzpRezHTcsMhDZUyLm
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:35:04 2025 by rpki-client