Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b05d201-6089-4826-a4dd-c7a9d71bd900.roa
File: 5b05d201-6089-4826-a4dd-c7a9d71bd900.roa (raw, json)
Hash identifier: fCtndXQ2bc5uUpkem8WJ6Zro7H00Ysr26xOj+paGYEc=
Subject key identifier: 45:03:8D:3F:C6:9C:AB:60:6E:CD:6A:55:BA:9A:7D:83:5E:15:A0:CF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5FF5A7AB38E744206E4B0AE6AB6CF327800987B6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b05d201-6089-4826-a4dd-c7a9d71bd900.roa
Signing time: Sat 31 May 2025 00:50:24 +0000
ROA not before: Sat 31 May 2025 00:50:24 +0000
ROA not after: Sat 05 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.102.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:f5:a7:ab:38:e7:44:20:6e:4b:0a:e6:ab:6c:f3:27:80:09:87:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 31 00:50:24 2025 GMT
Not After : Jul 5 23:59:59 2025 GMT
Subject: serialNumber=d739ee1e14700adaf3e5b06edd35cdc4cdc347704956f9d2708153e36017f827, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:8c:74:1c:6e:02:9f:b1:e4:47:6e:5d:8f:c9:
51:a3:e0:0c:b7:ee:8a:d6:75:98:2a:bd:eb:10:a9:
8e:c7:73:96:ab:03:b2:2e:3a:bb:17:2c:01:92:fa:
99:4e:bc:06:8c:0a:c1:d1:91:df:94:48:87:9c:70:
9f:9e:63:08:48:45:c4:0a:a8:e3:64:75:38:44:12:
8c:e0:74:9d:4d:50:7b:7d:7e:23:6b:59:4a:ec:96:
0f:30:ce:83:d1:06:93:31:5e:33:46:f6:ef:e5:93:
de:23:26:43:63:e5:68:e5:67:5e:8b:77:69:00:e2:
47:ea:0c:99:ec:58:97:c5:ce:5b:2b:c2:db:8a:2c:
7b:9b:36:50:a7:81:03:73:f0:05:08:35:53:f0:7d:
bb:4f:ab:49:23:c3:4d:f7:21:df:eb:ef:c5:57:ec:
59:42:2d:22:a9:2f:db:7f:98:23:b1:cd:39:2c:2f:
e8:e4:b5:92:de:3b:ec:ed:a0:cf:65:20:7d:46:75:
06:8e:4e:69:d7:8f:f0:ab:92:5f:94:f2:7b:f1:3c:
a5:23:21:7f:f2:cf:46:31:63:0f:ba:72:12:4d:e7:
6d:cb:da:70:55:33:e2:b2:8c:d0:c4:d4:7c:f3:05:
3b:00:5f:9b:35:0e:88:10:61:30:5f:1c:3e:82:37:
7d:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:03:8D:3F:C6:9C:AB:60:6E:CD:6A:55:BA:9A:7D:83:5E:15:A0:CF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b05d201-6089-4826-a4dd-c7a9d71bd900.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.102.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0f:13:55:84:31:84:be:3b:33:fd:7b:9e:40:6c:a5:f4:cf:65:
85:1e:4a:b1:2c:5e:5e:dd:7c:08:38:34:1b:e7:2a:f8:57:1a:
3c:3e:8a:20:74:24:f0:63:47:c9:55:d3:ea:af:c7:09:61:66:
16:0a:e8:8f:09:48:38:06:c0:01:9d:fa:3d:ab:fd:b6:b7:cf:
e4:3d:d6:5b:54:b4:8d:31:65:67:60:97:e5:f4:c4:20:c0:d5:
ba:90:da:05:99:7d:a2:70:6e:1f:21:43:43:9a:fd:dd:12:36:
02:23:e1:2c:d2:83:e8:2f:87:19:84:be:6a:70:de:d1:1d:63:
46:5c:73:27:d2:95:70:ec:86:b0:ed:0a:49:fc:c7:18:27:c7:
07:6b:00:c0:ca:6a:8e:56:26:89:e3:ba:88:cc:69:43:60:fa:
41:15:3c:c2:2f:97:a6:30:48:6a:75:92:61:44:44:25:da:f9:
9b:56:7e:e0:be:5e:21:32:7b:45:ca:aa:07:f2:a0:0d:12:10:
89:57:21:5f:dc:ae:d1:07:e6:4d:b4:85:37:68:a4:5b:3e:51:
f2:9d:13:1b:3f:37:89:1f:7e:1c:d9:36:31:fd:b1:7d:be:b4:
6c:d2:8e:5a:da:d3:12:c5:71:58:5f:21:dd:b2:c7:e8:bf:24:
35:da:ff:75
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUX/WnqzjnRCBuSwrmq2zzJ4AJh7YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MzEwMDUwMjRaFw0yNTA3MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ3MzllZTFlMTQ3MDBhZGFmM2U1YjA2ZWRkMzVjZGM0Y2RjMzQ3NzA0OTU2
ZjlkMjcwODE1M2UzNjAxN2Y4MjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN6MdBxuAp+x5EduXY/JUaPgDLfuitZ1mCq96xCpjsdzlqsDsi46uxcsAZL6
mU68BowKwdGR35RIh5xwn55jCEhFxAqo42R1OEQSjOB0nU1Qe31+I2tZSuyWDzDO
g9EGkzFeM0b27+WT3iMmQ2PlaOVnXot3aQDiR+oMmexYl8XOWyvC24ose5s2UKeB
A3PwBQg1U/B9u0+rSSPDTfch3+vvxVfsWUItIqkv23+YI7HNOSwv6OS1kt477O2g
z2UgfUZ1Bo5OadeP8KuSX5Tye/E8pSMhf/LPRjFjD7pyEk3nbcvacFUz4rKM0MTU
fPMFOwBfmzUOiBBhMF8cPoI3facCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRFA40/
xpyrYG7NalW6mn2DXhWgzzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWIwNWQyMDEtNjA4OS00ODI2LWE0ZGQtYzdhOWQ3MWJkOTAwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNmMA0G
CSqGSIb3DQEBCwUAA4IBAQAPE1WEMYS+OzP9e55AbKX0z2WFHkqxLF5e3XwIODQb
5yr4Vxo8PoogdCTwY0fJVdPqr8cJYWYWCuiPCUg4BsABnfo9q/22t8/kPdZbVLSN
MWVnYJfl9MQgwNW6kNoFmX2icG4fIUNDmv3dEjYCI+Es0oPoL4cZhL5qcN7RHWNG
XHMn0pVw7Iaw7QpJ/McYJ8cHawDAymqOViaJ47qIzGlDYPpBFTzCL5emMEhqdZJh
REQl2vmbVn7gvl4hMntFyqoH8qANEhCJVyFf3K7RB+ZNtIU3aKRbPlHynRMbPzeJ
H34c2TYx/bF9vrRs0o5a2tMSxXFYXyHdssfovyQ12v91
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:52:47 2025 by rpki-client