Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6252e9a3-4fdc-4c43-b91b-deb58ca2dd7c.roa
File: 6252e9a3-4fdc-4c43-b91b-deb58ca2dd7c.roa (raw, json)
Hash identifier: 5QI02c5ygpZzFHeGzuynWz9KvCgh+lbPvA/m1s6RcX4=
Subject key identifier: 53:F4:95:28:58:7A:31:5D:B8:B4:CF:17:63:E1:DE:D9:FF:82:DE:D3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 57B1A63A308480CD5AEB1FB3013127910AE6A561
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6252e9a3-4fdc-4c43-b91b-deb58ca2dd7c.roa
Signing time: Fri 23 May 2025 00:51:09 +0000
ROA not before: Fri 23 May 2025 00:51:09 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.46.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:b1:a6:3a:30:84:80:cd:5a:eb:1f:b3:01:31:27:91:0a:e6:a5:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 23 00:51:09 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=3c25900f9fb10cc80918223aa81bca6a52b8fa39198247dba9ad90e7be131680, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:5b:74:58:25:7f:36:8d:1e:ed:a5:73:cc:cf:
e9:e6:28:30:b2:45:88:eb:ef:b6:01:e1:dd:48:78:
5d:e8:93:7d:fc:54:73:7e:b0:62:f3:da:a1:98:2e:
96:68:e4:e8:5b:af:ee:5a:de:88:fb:2c:c8:c5:a6:
c2:9d:2c:d8:5b:ee:d7:ba:d9:a0:5f:6b:20:54:e2:
41:a3:df:7f:ee:19:b5:88:2f:b5:69:78:07:ad:d7:
56:e7:d1:bd:59:67:d4:19:09:6d:f7:cf:84:a7:67:
78:51:75:bf:bd:85:62:89:95:ae:a8:0c:4a:20:9e:
16:a3:d2:02:48:60:53:fc:aa:9d:2e:7c:7b:52:70:
b4:a8:2b:56:8f:7f:aa:9e:7e:bb:65:82:3b:7f:75:
01:e6:f6:7a:26:e1:06:c8:66:5d:4c:67:16:e7:43:
a4:24:3e:ab:e6:9e:18:72:0c:c1:b2:18:e8:6e:3f:
5d:5c:57:6c:d8:3e:5c:63:76:ab:c4:aa:1f:c6:66:
77:9c:61:64:26:60:5e:62:ea:49:96:4e:21:5b:24:
c7:63:6b:29:b7:15:2e:d6:7a:38:b7:9f:66:06:dd:
30:f8:73:02:e1:0d:77:f2:10:74:0c:34:6e:c5:bd:
fe:d0:5c:c4:dd:e7:90:07:37:03:a6:eb:74:f2:65:
6b:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:F4:95:28:58:7A:31:5D:B8:B4:CF:17:63:E1:DE:D9:FF:82:DE:D3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6252e9a3-4fdc-4c43-b91b-deb58ca2dd7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.46.0.0/15
Signature Algorithm: sha256WithRSAEncryption
0b:3d:09:e2:8d:3a:1d:8f:dc:ce:49:23:3d:fb:62:ba:16:69:
6a:93:6e:ef:e9:94:42:f5:c4:46:85:a0:e4:f6:61:32:25:1e:
08:ef:32:70:1f:4f:42:2e:90:4d:b9:2e:a8:3c:2f:9b:5e:c0:
d9:00:86:b0:b0:0c:84:a6:aa:42:a6:00:6b:8e:d5:36:77:1d:
43:7a:f8:36:05:41:42:a9:13:63:b5:31:2e:5b:00:a8:2c:42:
f7:1d:4f:c0:f2:6a:8f:17:1a:97:c9:2d:5b:1a:a5:b8:7c:15:
d8:3c:cc:1b:01:3d:3e:f6:10:0b:47:04:51:c4:b6:a4:a5:a2:
d2:e7:e9:85:a8:55:82:14:ed:a8:6a:8b:a0:8a:f9:fe:fd:bc:
0b:39:2b:14:09:bf:44:2f:93:e1:2e:5b:fd:7d:9c:b9:b5:da:
d3:f7:61:55:19:cc:c6:e4:15:7a:41:36:cf:d2:08:00:65:d9:
09:50:7a:ff:53:ee:84:14:e0:40:b0:b9:a5:da:80:12:fb:f6:
3e:8b:94:d4:77:7a:fc:5c:60:ac:ec:02:5f:9d:e2:bb:68:b3:
89:b4:6b:0b:07:7b:9c:24:79:56:bf:df:f4:20:5f:54:35:f1:
4c:bc:e0:71:e1:e2:e2:ab:90:2d:4f:80:48:d2:ec:aa:9b:71:
3f:07:be:00
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUV7GmOjCEgM1a6x+zATEnkQrmpWEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjMwMDUxMDlaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDNjMjU5MDBmOWZiMTBjYzgwOTE4MjIzYWE4MWJjYTZhNTJiOGZhMzkxOTgy
NDdkYmE5YWQ5MGU3YmUxMzE2ODAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIVbdFglfzaNHu2lc8zP6eYoMLJFiOvvtgHh3Uh4XeiTffxUc36wYvPaoZgu
lmjk6Fuv7lreiPssyMWmwp0s2Fvu17rZoF9rIFTiQaPff+4ZtYgvtWl4B63XVufR
vVln1BkJbffPhKdneFF1v72FYomVrqgMSiCeFqPSAkhgU/yqnS58e1JwtKgrVo9/
qp5+u2WCO391Aeb2eibhBshmXUxnFudDpCQ+q+aeGHIMwbIY6G4/XVxXbNg+XGN2
q8SqH8Zmd5xhZCZgXmLqSZZOIVskx2NrKbcVLtZ6OLefZgbdMPhzAuENd/IQdAw0
bsW9/tBcxN3nkAc3A6brdPJla9UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRT9JUo
WHoxXbi0zxdj4d7Z/4Le0zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjI1MmU5YTMtNGZkYy00YzQzLWI5MWItZGViNThjYTJkZDdjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMuMA0G
CSqGSIb3DQEBCwUAA4IBAQALPQnijTodj9zOSSM9+2K6Fmlqk27v6ZRC9cRGhaDk
9mEyJR4I7zJwH09CLpBNuS6oPC+bXsDZAIawsAyEpqpCpgBrjtU2dx1Devg2BUFC
qRNjtTEuWwCoLEL3HU/A8mqPFxqXyS1bGqW4fBXYPMwbAT0+9hALRwRRxLakpaLS
5+mFqFWCFO2oaougivn+/bwLOSsUCb9EL5PhLlv9fZy5tdrT92FVGczG5BV6QTbP
0ggAZdkJUHr/U+6EFOBAsLml2oAS+/Y+i5TUd3r8XGCs7AJfneK7aLOJtGsLB3uc
JHlWv9/0IF9UNfFMvOBx4eLiq5AtT4BI0uyqm3E/B74A
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:49:32 2025 by rpki-client