Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/795bae65-e494-4497-8c64-6c78c5a4b388.roa
File: 795bae65-e494-4497-8c64-6c78c5a4b388.roa (raw, json)
Hash identifier: /xAZbQfshRABZsxuoW+mzllW6cCu337x7+J6vV/7cSs=
Subject key identifier: 9F:28:DD:24:57:4C:84:61:7A:6D:55:61:3D:77:53:F1:B7:28:77:D7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 470D13E14FE5720C6128FCD4C3735E64BBC1EB79
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/795bae65-e494-4497-8c64-6c78c5a4b388.roa
Signing time: Fri 23 May 2025 00:50:10 +0000
ROA not before: Fri 23 May 2025 00:50:10 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.104.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:0d:13:e1:4f:e5:72:0c:61:28:fc:d4:c3:73:5e:64:bb:c1:eb:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 23 00:50:10 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=164054df2b1b86c0fede40e86e610b0357f8ec4e4b3e833c5b74f77017df22b2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a8:d3:48:ab:74:5e:78:fa:7b:8d:71:1d:a6:
8b:bb:cd:95:65:6e:17:91:04:c2:55:54:23:9a:74:
9a:f9:f9:b4:64:0d:f0:f0:62:55:08:be:32:f0:81:
0f:67:67:c6:84:84:e1:35:f7:ab:27:ab:64:d8:27:
0b:59:91:5c:39:6c:27:21:44:b0:f4:a3:33:3d:dc:
17:27:ad:1d:1e:5d:43:62:93:ff:2d:6b:df:db:75:
c7:f4:f9:88:e5:08:95:ef:63:55:c1:03:4e:17:19:
6e:c3:c5:d8:8d:1e:dc:f8:b6:7c:4b:d3:40:5e:4b:
a2:7e:9f:3b:f2:71:27:b3:58:2c:b9:7d:e6:22:0f:
cf:27:85:93:e3:88:0a:10:4a:58:64:45:9f:68:2e:
92:2e:21:85:30:35:d9:cb:e2:ce:13:de:23:84:d3:
2b:80:72:b6:b2:79:9f:a8:3b:42:3c:df:ce:60:cc:
ed:55:bc:d6:3e:d4:a0:7b:69:e1:22:ed:8d:5e:3b:
4d:bb:94:85:38:09:dd:3b:b2:14:cb:9e:9a:24:ab:
55:bf:60:e8:45:bd:23:7f:e3:c2:1f:e3:b2:71:69:
a2:42:9c:2d:ba:d9:36:b0:4d:25:ce:1b:18:04:1e:
7a:9a:26:68:2f:d9:e2:52:0a:e5:a2:8c:72:39:66:
6c:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:28:DD:24:57:4C:84:61:7A:6D:55:61:3D:77:53:F1:B7:28:77:D7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/795bae65-e494-4497-8c64-6c78c5a4b388.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.104.0/21
Signature Algorithm: sha256WithRSAEncryption
cc:26:fa:87:f7:a8:79:0c:0c:ad:d5:d8:88:9f:54:c3:19:25:
b6:3f:e9:4a:9c:41:8c:dd:c8:61:ce:21:7d:7f:07:06:b8:b2:
6b:d8:98:88:4f:e6:65:8a:5b:e6:a6:fa:06:5c:ff:85:56:7f:
6f:29:ff:9b:8a:29:25:d0:3c:45:10:1a:ac:78:71:4f:85:bc:
51:ff:fd:c1:a9:40:de:6b:16:16:c3:5f:ed:94:8b:09:10:6c:
61:7d:b5:fa:98:66:ed:43:eb:75:1c:87:e4:ba:17:42:76:78:
d1:51:3a:f9:15:02:97:44:51:bf:1f:32:d1:4a:ec:eb:9e:eb:
4e:61:1d:99:ca:77:f1:15:d0:f6:20:eb:5d:82:37:70:0e:1b:
6d:ef:a4:df:48:41:74:56:69:65:69:6e:9b:1f:89:3c:55:21:
bd:50:b2:ca:2b:08:80:a9:d5:64:22:1f:35:66:2f:0d:c7:9a:
0c:90:77:45:0b:24:12:25:86:61:76:df:29:13:ef:7e:91:46:
3c:37:5f:d3:fa:34:92:4f:90:9c:5e:4e:97:e9:28:e1:fa:7f:
ef:15:2c:e1:fc:c2:af:09:07:b4:e3:48:dc:b3:d1:23:42:01:
1f:c7:8c:83:32:75:fd:68:a9:c9:c2:df:25:39:60:c7:49:a3:
fc:fb:3a:bb
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIURw0T4U/lcgxhKPzUw3NeZLvB63kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjMwMDUwMTBaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2NDA1NGRmMmIxYjg2YzBmZWRlNDBlODZlNjEwYjAzNTdmOGVjNGU0YjNl
ODMzYzViNzRmNzcwMTdkZjIyYjIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKCo00irdF54+nuNcR2mi7vNlWVuF5EEwlVUI5p0mvn5tGQN8PBiVQi+MvCB
D2dnxoSE4TX3qyerZNgnC1mRXDlsJyFEsPSjMz3cFyetHR5dQ2KT/y1r39t1x/T5
iOUIle9jVcEDThcZbsPF2I0e3Pi2fEvTQF5Lon6fO/JxJ7NYLLl95iIPzyeFk+OI
ChBKWGRFn2guki4hhTA12cvizhPeI4TTK4BytrJ5n6g7QjzfzmDM7VW81j7UoHtp
4SLtjV47TbuUhTgJ3TuyFMuemiSrVb9g6EW9I3/jwh/jsnFpokKcLbrZNrBNJc4b
GAQeepomaC/Z4lIK5aKMcjlmbHcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSfKN0k
V0yEYXptVWE9d1Pxtyh31zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Nzk1YmFlNjUtZTQ5NC00NDk3LThjNjQtNmM3OGM1YTRiMzg4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAaDAN
BgkqhkiG9w0BAQsFAAOCAQEAzCb6h/eoeQwMrdXYiJ9Uwxkltj/pSpxBjN3IYc4h
fX8HBriya9iYiE/mZYpb5qb6Blz/hVZ/byn/m4opJdA8RRAarHhxT4W8Uf/9walA
3msWFsNf7ZSLCRBsYX21+phm7UPrdRyH5LoXQnZ40VE6+RUCl0RRvx8y0Urs657r
TmEdmcp38RXQ9iDrXYI3cA4bbe+k30hBdFZpZWlumx+JPFUhvVCyyisIgKnVZCIf
NWYvDceaDJB3RQskEiWGYXbfKRPvfpFGPDdf0/o0kk+QnF5Ol+ko4fp/7xUs4fzC
rwkHtONI3LPRI0IBH8eMgzJ1/WipycLfJTlgx0mj/Ps6uw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:16:26 2025 by rpki-client