Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c89335-41cc-407d-8ffe-34cda7e66bb7.roa
File: 60c89335-41cc-407d-8ffe-34cda7e66bb7.roa (raw, json)
Hash identifier: TNM1KfoSrXWlihk8+5XDrHUzayEQKuvd6tLvBSlO+6w=
Subject key identifier: 0A:B2:2E:7C:50:67:D6:4A:E9:AA:91:87:18:E2:B0:28:85:B9:52:21
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 11C56729231589F1574076920D4A3E7DD7BF1633
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c89335-41cc-407d-8ffe-34cda7e66bb7.roa
Signing time: Fri 23 May 2025 00:51:19 +0000
ROA not before: Fri 23 May 2025 00:51:19 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.96.0.0/14 maxlen: 14
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:c5:67:29:23:15:89:f1:57:40:76:92:0d:4a:3e:7d:d7:bf:16:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 23 00:51:19 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=d0963e5b7725aa87a292277ee2f3e1fce1359075180455feac62c6c790f180cd, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:90:84:87:a7:17:c3:f4:50:4c:d5:9c:41:84:
52:42:ef:9c:ca:08:d3:47:3f:9b:fe:12:18:60:38:
a4:1a:e0:35:43:65:6b:b1:fe:f1:ea:ff:02:8e:f3:
f7:04:04:b8:34:2c:3f:8b:f4:e7:51:5e:b6:76:d4:
02:22:42:8f:c7:fb:f9:a0:2c:1b:9b:fd:ba:63:c6:
69:60:6c:87:ad:4c:dd:e6:81:4a:3f:a1:10:72:ac:
43:1e:4c:68:01:17:9f:50:6b:a8:c2:26:ae:db:a6:
72:75:6a:4e:64:95:ae:9d:9b:27:67:33:1b:fb:c2:
c9:f1:c6:2a:60:e9:f6:2f:ef:a2:bb:d4:db:95:c1:
af:fc:c8:cf:97:7d:d6:cf:e5:93:d6:55:ee:e9:3d:
5a:03:8f:f6:f4:5e:47:d6:73:4a:7a:43:2c:8c:a0:
1e:fd:d8:24:6f:b3:8b:b4:b3:25:8c:cc:19:0c:7a:
1e:77:48:02:f0:d0:d8:bf:96:d6:93:15:15:78:ae:
69:30:80:4b:3a:0e:fc:29:78:60:d4:61:91:73:9e:
12:f3:f2:d1:d9:16:fc:06:7d:8a:28:41:40:55:ac:
76:e3:21:57:cc:b0:04:a1:02:c3:a0:bd:36:cf:2d:
f3:f6:5d:96:7a:b6:54:17:12:29:81:71:33:56:93:
1e:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:B2:2E:7C:50:67:D6:4A:E9:AA:91:87:18:E2:B0:28:85:B9:52:21
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c89335-41cc-407d-8ffe-34cda7e66bb7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.96.0.0/14
Signature Algorithm: sha256WithRSAEncryption
10:c3:d2:e0:dc:c2:41:27:7e:ad:80:12:79:2b:00:fa:ad:bd:
29:d8:f9:74:b4:9f:09:77:67:2c:a9:fd:67:8a:9f:a5:ce:d1:
d2:2f:dd:c0:60:b6:1a:77:8b:62:ec:f7:ff:99:f4:89:64:f0:
d4:39:00:2e:66:7c:b8:24:b5:ad:a2:9a:13:d1:64:ac:da:ce:
e7:36:21:d0:90:5d:9e:10:0d:75:07:59:ee:45:32:c1:af:44:
02:8c:70:4d:cb:6b:0f:7b:2a:91:e2:4d:14:3c:3c:42:3d:68:
4a:84:dd:09:ed:63:53:ba:0d:45:5f:0f:9d:9d:0c:82:c7:a5:
cb:14:5e:d4:ca:96:24:ca:55:61:84:42:d0:2d:26:54:50:d1:
68:72:d8:d3:46:65:83:79:84:66:72:13:42:44:40:f4:e9:8c:
51:b5:f6:6b:ea:8f:fd:3b:8b:09:71:65:6c:f0:18:64:ba:9e:
28:99:29:ce:84:39:b3:05:b1:13:f4:2a:82:58:3d:88:83:f7:
29:1c:f9:5c:06:44:66:b4:5f:5c:ab:a0:a8:f9:be:2e:c7:6d:
45:3f:84:1a:73:50:a5:a9:78:32:56:6a:fd:21:50:0c:7b:c4:
0d:10:df:08:e5:1d:ad:0b:02:52:7a:f4:df:7d:f8:bb:39:43:
67:31:47:ac
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEcVnKSMVifFXQHaSDUo+fde/FjMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjMwMDUxMTlaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGQwOTYzZTViNzcyNWFhODdhMjkyMjc3ZWUyZjNlMWZjZTEzNTkwNzUxODA0
NTVmZWFjNjJjNmM3OTBmMTgwY2QxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANGQhIenF8P0UEzVnEGEUkLvnMoI00c/m/4SGGA4pBrgNUNla7H+8er/Ao7z
9wQEuDQsP4v051FetnbUAiJCj8f7+aAsG5v9umPGaWBsh61M3eaBSj+hEHKsQx5M
aAEXn1BrqMImrtumcnVqTmSVrp2bJ2czG/vCyfHGKmDp9i/vorvU25XBr/zIz5d9
1s/lk9ZV7uk9WgOP9vReR9ZzSnpDLIygHv3YJG+zi7SzJYzMGQx6HndIAvDQ2L+W
1pMVFXiuaTCASzoO/Cl4YNRhkXOeEvPy0dkW/AZ9iihBQFWsduMhV8ywBKECw6C9
Ns8t8/Zdlnq2VBcSKYFxM1aTHpECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQKsi58
UGfWSumqkYcY4rAohblSITAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjBjODkzMzUtNDFjYy00MDdkLThmZmUtMzRjZGE3ZTY2YmI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNgMA0G
CSqGSIb3DQEBCwUAA4IBAQAQw9Lg3MJBJ36tgBJ5KwD6rb0p2Pl0tJ8Jd2csqf1n
ip+lztHSL93AYLYad4ti7Pf/mfSJZPDUOQAuZny4JLWtopoT0WSs2s7nNiHQkF2e
EA11B1nuRTLBr0QCjHBNy2sPeyqR4k0UPDxCPWhKhN0J7WNTug1FXw+dnQyCx6XL
FF7UypYkylVhhELQLSZUUNFoctjTRmWDeYRmchNCRED06YxRtfZr6o/9O4sJcWVs
8Bhkup4omSnOhDmzBbET9CqCWD2Ig/cpHPlcBkRmtF9cq6Co+b4ux21FP4Qac1Cl
qXgyVmr9IVAMe8QNEN8I5R2tCwJSevTfffi7OUNnMUes
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:53:56 2025 by rpki-client