Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5480e32c-3a23-4243-82e3-c7eea059d814.roa
File: 5480e32c-3a23-4243-82e3-c7eea059d814.roa (raw, json)
Hash identifier: AYiOeaje+YprrnF7z00w7FImoJrmpPyjhucKlq1Ur30=
Subject key identifier: 55:37:97:C2:BC:7A:A8:8A:A0:F1:A7:4A:39:32:40:2B:89:47:EC:DA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6CAEAF5278C2F7156BE9CECDEDA92DAD07CB329B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5480e32c-3a23-4243-82e3-c7eea059d814.roa
Signing time: Fri 23 May 2025 00:51:13 +0000
ROA not before: Fri 23 May 2025 00:51:13 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.92.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:ae:af:52:78:c2:f7:15:6b:e9:ce:cd:ed:a9:2d:ad:07:cb:32:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 23 00:51:13 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=1682f04c0fd348b1cea81f9f08335c70de87342b8f905154cacfd08ab7daecac, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:fd:da:99:3d:98:ec:3d:42:a2:4b:04:61:1d:
20:6f:d1:2a:e1:c5:13:12:14:4e:2f:ae:d4:1c:49:
22:12:a1:fe:d4:82:d0:b2:ea:c6:1b:3e:b8:ff:58:
3e:e1:a2:ec:be:c5:34:19:78:d8:1e:a2:65:87:73:
0f:0c:21:77:f0:7d:d2:de:59:f4:6d:ea:81:2c:eb:
8e:8b:73:43:32:ab:63:0c:b6:07:6a:eb:12:79:08:
d6:9f:82:86:8c:72:bf:6e:22:fb:ce:4a:c6:bc:65:
5d:3e:54:cb:c4:39:b0:91:4d:14:da:17:75:1f:f7:
d7:d1:e8:91:41:74:53:5b:bf:62:cf:8e:b9:32:81:
15:4a:ba:a0:4a:40:2e:af:46:95:94:98:a1:95:fc:
c7:8a:98:a9:c7:47:75:6c:e0:51:70:fc:7b:e5:17:
29:a2:ff:7b:ac:a3:2f:53:8a:a2:79:dd:ed:0e:73:
64:a8:42:eb:39:3e:22:25:ee:39:c1:35:00:65:79:
d6:83:e1:f4:9e:a8:16:ae:95:e7:99:72:0b:82:52:
f7:75:81:23:66:d5:b8:41:e4:30:4e:1e:dd:ec:01:
15:a8:bc:e1:4a:bf:a1:cf:dc:e6:36:8f:57:2a:2d:
5c:c0:b4:ab:e5:f0:7d:8a:21:98:1a:9c:3f:63:c7:
13:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:37:97:C2:BC:7A:A8:8A:A0:F1:A7:4A:39:32:40:2B:89:47:EC:DA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5480e32c-3a23-4243-82e3-c7eea059d814.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.92.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c7:d8:1c:1b:56:a7:ed:85:31:27:cf:98:af:56:6b:60:dd:17:
bb:85:e5:d3:5e:10:31:16:49:18:f3:a8:a0:61:2a:ff:0a:1f:
2c:b6:03:a9:90:09:55:55:05:14:a5:56:cc:15:4d:1b:2e:75:
70:af:d1:7b:57:3f:94:1d:a0:32:1e:5e:81:11:0d:d4:41:90:
b4:74:16:3d:66:be:e1:93:6d:2e:f8:37:a6:8d:bd:6b:11:2c:
77:6c:c0:81:f7:77:14:f5:98:09:9d:b8:f4:a7:1c:57:33:41:
49:73:b6:85:73:86:c4:38:20:6e:b0:a9:a8:88:4c:cc:a6:d2:
40:e8:fd:4e:e9:1c:b0:42:13:15:3a:cc:77:20:af:ed:91:c3:
6d:f9:3d:61:b0:a3:82:a9:c4:8c:e9:57:e3:6d:5a:1d:79:6a:
59:9a:4b:ab:07:31:3b:1b:88:fe:42:03:64:bf:32:74:02:cd:
0c:65:ae:c5:4e:84:ef:30:76:b4:f9:dd:ad:72:26:4c:16:c0:
bc:da:ba:9d:1a:f3:4f:b0:5e:5a:99:70:6a:dd:e0:82:09:66:
95:65:41:43:af:2f:65:12:02:ff:4b:d0:e1:7e:bf:e6:27:c0:
9f:0c:cb:ac:d7:80:61:bf:7e:00:fa:7c:ac:04:6c:64:45:09:
8c:80:23:60
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbK6vUnjC9xVr6c7N7aktrQfLMpswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjMwMDUxMTNaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2ODJmMDRjMGZkMzQ4YjFjZWE4MWY5ZjA4MzM1YzcwZGU4NzM0MmI4Zjkw
NTE1NGNhY2ZkMDhhYjdkYWVjYWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOv92pk9mOw9QqJLBGEdIG/RKuHFExIUTi+u1BxJIhKh/tSC0LLqxhs+uP9Y
PuGi7L7FNBl42B6iZYdzDwwhd/B90t5Z9G3qgSzrjotzQzKrYwy2B2rrEnkI1p+C
hoxyv24i+85KxrxlXT5Uy8Q5sJFNFNoXdR/319HokUF0U1u/Ys+OuTKBFUq6oEpA
Lq9GlZSYoZX8x4qYqcdHdWzgUXD8e+UXKaL/e6yjL1OKonnd7Q5zZKhC6zk+IiXu
OcE1AGV51oPh9J6oFq6V55lyC4JS93WBI2bVuEHkME4e3ewBFai84Uq/oc/c5jaP
VyotXMC0q+XwfYohmBqcP2PHEzMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRVN5fC
vHqoiqDxp0o5MkAriUfs2jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTQ4MGUzMmMtM2EyMy00MjQzLTgyZTMtYzdlZWEwNTlkODE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNcMA0G
CSqGSIb3DQEBCwUAA4IBAQDH2BwbVqfthTEnz5ivVmtg3Re7heXTXhAxFkkY86ig
YSr/Ch8stgOpkAlVVQUUpVbMFU0bLnVwr9F7Vz+UHaAyHl6BEQ3UQZC0dBY9Zr7h
k20u+Demjb1rESx3bMCB93cU9ZgJnbj0pxxXM0FJc7aFc4bEOCBusKmoiEzMptJA
6P1O6RywQhMVOsx3IK/tkcNt+T1hsKOCqcSM6VfjbVodeWpZmkurBzE7G4j+QgNk
vzJ0As0MZa7FToTvMHa0+d2tciZMFsC82rqdGvNPsF5amXBq3eCCCWaVZUFDry9l
EgL/S9Dhfr/mJ8CfDMus14Bhv34A+nysBGxkRQmMgCNg
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:48:27 2025 by rpki-client