Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/63e023f1-83fd-412f-8365-33afe1ac80af.roa
File: 63e023f1-83fd-412f-8365-33afe1ac80af.roa (raw, json)
Hash identifier: hSVVYAjl1HN+YjzKnN2ha3Php4pu4RvrRl1r1pAcyVM=
Subject key identifier: 31:76:92:9A:DE:90:A5:3F:91:3F:B3:75:FB:09:B8:A8:33:DE:79:64
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 218CE7D4BB1493CFB208D5A57F47F31AB650B567
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/63e023f1-83fd-412f-8365-33afe1ac80af.roa
Signing time: Tue 20 May 2025 20:40:15 +0000
ROA not before: Tue 20 May 2025 20:40:15 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.160.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:8c:e7:d4:bb:14:93:cf:b2:08:d5:a5:7f:47:f3:1a:b6:50:b5:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:40:15 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=0421b0858c34491fbd15b0eddb583ef6ac7c57f8caa1f27933df72179940fa83, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c0:e3:14:80:d5:8a:8b:ad:e5:52:df:cb:a0:
51:4e:04:af:57:31:7e:36:f8:82:91:23:87:85:fb:
87:57:06:bf:ac:de:7f:80:66:ef:46:ed:e2:db:da:
17:d6:9f:63:2f:b3:f7:d4:68:40:67:12:4b:f2:f6:
46:37:ab:d6:23:ae:01:3e:21:82:5f:86:d1:e5:6a:
d4:05:7c:4e:7b:04:fd:77:e3:8c:db:f1:fb:6c:30:
19:2c:d9:a0:54:cb:de:13:61:3a:79:d3:20:be:64:
07:8a:36:d7:33:da:95:f4:57:c9:38:6e:4a:43:ec:
2c:df:68:43:07:ef:6d:74:bd:d5:0f:23:d4:d0:42:
57:40:9f:ad:d1:70:6a:2c:97:30:39:70:d3:8b:ff:
3e:09:08:f9:53:07:49:ef:97:f8:9f:ff:63:cf:2f:
9f:d4:d0:a9:06:96:f1:91:56:25:bb:4e:ae:4e:2e:
f8:8c:d6:00:02:70:22:0e:d3:b7:d0:54:12:b9:27:
74:77:1d:6a:30:ce:80:5f:76:97:36:ff:bc:cd:dc:
41:b6:29:cb:0b:35:30:e1:0e:77:17:c1:b5:3b:3d:
42:02:ee:da:f7:46:57:d8:e0:73:97:4f:5b:4a:3b:
f5:18:a2:df:55:4e:85:88:37:7a:a2:e5:38:fc:a3:
8f:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:76:92:9A:DE:90:A5:3F:91:3F:B3:75:FB:09:B8:A8:33:DE:79:64
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/63e023f1-83fd-412f-8365-33afe1ac80af.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.160.0.0/16
Signature Algorithm: sha256WithRSAEncryption
93:74:30:59:84:5c:d4:34:b6:9c:8b:ff:bc:16:7b:d7:6b:db:
ae:3f:97:aa:c4:c4:92:ea:08:f4:46:17:fd:3a:ab:e3:00:13:
eb:6b:2e:9b:c4:d7:c5:5f:dc:73:ed:5a:4e:5b:a3:82:b3:81:
3f:34:8a:c6:c5:77:85:5a:b6:69:16:c2:9d:05:0c:c3:b7:ce:
2b:bf:56:7e:cb:9e:f9:97:dd:a6:97:29:32:a2:e5:c0:e8:09:
9f:22:03:6d:23:78:83:f9:85:b5:6d:29:c2:bc:7c:52:1a:20:
d0:1c:dd:4f:14:40:ea:d1:ee:7e:cd:f4:15:81:a3:bb:c2:9c:
5e:c6:7c:3b:30:e9:f0:7a:f0:ff:fb:a8:7f:03:b2:88:b1:6d:
4a:c2:2a:14:de:73:7c:73:29:2f:19:6a:7d:a4:51:ac:df:c7:
84:9b:50:6b:42:f3:2c:0e:a8:ce:96:f2:35:a8:e7:25:6c:a6:
cd:0a:6c:70:c8:ab:35:0e:0f:4c:16:f0:55:e0:c9:43:21:9a:
3d:de:ad:e0:cb:75:b4:87:52:93:88:80:84:6f:5f:e4:8f:f8:
28:61:a1:8d:9a:33:0f:84:10:59:cb:9e:ab:60:65:89:08:db:
0b:dd:29:d5:56:53:d7:72:d6:4d:0e:52:54:f1:74:f0:23:09:
eb:4b:27:30
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIYzn1LsUk8+yCNWlf0fzGrZQtWcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQwMTVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDA0MjFiMDg1OGMzNDQ5MWZiZDE1YjBlZGRiNTgzZWY2YWM3YzU3ZjhjYWEx
ZjI3OTMzZGY3MjE3OTk0MGZhODMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ/A4xSA1YqLreVS38ugUU4Er1cxfjb4gpEjh4X7h1cGv6zef4Bm70bt4tva
F9afYy+z99RoQGcSS/L2Rjer1iOuAT4hgl+G0eVq1AV8TnsE/XfjjNvx+2wwGSzZ
oFTL3hNhOnnTIL5kB4o21zPalfRXyThuSkPsLN9oQwfvbXS91Q8j1NBCV0CfrdFw
aiyXMDlw04v/PgkI+VMHSe+X+J//Y88vn9TQqQaW8ZFWJbtOrk4u+IzWAAJwIg7T
t9BUErkndHcdajDOgF92lzb/vM3cQbYpyws1MOEOdxfBtTs9QgLu2vdGV9jgc5dP
W0o79Rii31VOhYg3eqLlOPyjj2kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQxdpKa
3pClP5E/s3X7CbioM955ZDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjNlMDIzZjEtODNmZC00MTJmLTgzNjUtMzNhZmUxYWM4MGFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOgMA0G
CSqGSIb3DQEBCwUAA4IBAQCTdDBZhFzUNLaci/+8FnvXa9uuP5eqxMSS6gj0Rhf9
OqvjABPray6bxNfFX9xz7VpOW6OCs4E/NIrGxXeFWrZpFsKdBQzDt84rv1Z+y575
l92mlykyouXA6AmfIgNtI3iD+YW1bSnCvHxSGiDQHN1PFEDq0e5+zfQVgaO7wpxe
xnw7MOnwevD/+6h/A7KIsW1KwioU3nN8cykvGWp9pFGs38eEm1BrQvMsDqjOlvI1
qOclbKbNCmxwyKs1Dg9MFvBV4MlDIZo93q3gy3W0h1KTiICEb1/kj/goYaGNmjMP
hBBZy56rYGWJCNsL3SnVVlPXctZNDlJU8XTwIwnrSycw
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:27:14 2025 by rpki-client