Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81e19e5f-8cac-4cc7-8c10-c589c96920d0.roa
File: 81e19e5f-8cac-4cc7-8c10-c589c96920d0.roa (raw, json)
Hash identifier: haSwTzF/8y78jC/GWZd8pb6lcMlPfDASKTV07KYwgoY=
Subject key identifier: 22:B0:8A:FB:4E:14:EA:20:AD:DF:DE:FA:97:1A:49:EA:D0:F4:32:00
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 492AC673E5AB3D00EBD49ECCD2492219E4158D54
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81e19e5f-8cac-4cc7-8c10-c589c96920d0.roa
Signing time: Fri 23 May 2025 00:50:15 +0000
ROA not before: Fri 23 May 2025 00:50:15 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.17.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:2a:c6:73:e5:ab:3d:00:eb:d4:9e:cc:d2:49:22:19:e4:15:8d:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 23 00:50:15 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=33f5bdf07b8192e2bc5921d2de94c38bce6a6f9e1acb47a17a20eb1e0c15efa0, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:a3:f8:f6:c6:8d:15:86:5f:c4:13:8f:77:30:
15:a2:bd:ff:30:c6:85:31:9e:f6:4a:63:93:e5:e9:
85:b2:0f:72:74:02:7e:a6:12:17:0d:80:bf:b2:45:
48:97:74:e9:a4:2e:b2:b1:6b:49:46:84:0f:4a:08:
8a:ae:50:aa:61:3e:04:5e:5d:03:7a:bc:56:ff:1c:
53:5b:8b:06:2f:23:b1:69:4f:2c:a5:97:12:98:b7:
81:3d:3f:90:a2:11:8a:76:49:3e:21:75:91:68:46:
43:65:56:61:eb:4b:f0:ae:69:aa:25:47:2b:a0:aa:
2d:4f:bb:2f:3b:a3:54:d7:2e:57:cf:80:d0:70:f7:
90:0b:d0:ec:c5:fb:36:4e:18:b2:25:41:c5:f5:06:
51:b2:24:00:62:8b:ee:7f:0d:14:5d:0f:ed:d3:70:
68:1b:2d:cf:f6:a4:9f:10:83:bd:c4:23:46:27:36:
06:8e:6b:a2:5c:7a:34:19:f9:54:d4:09:b0:d3:60:
83:55:e2:6c:6b:93:7d:cb:bc:72:f6:cb:a9:69:b1:
59:56:a8:3b:5a:7d:5c:2d:77:69:a9:ff:2a:be:fd:
4e:45:70:e5:20:f8:5a:5a:97:0e:b5:e2:78:42:f5:
d8:80:15:30:9e:75:5a:3a:0b:b6:a4:36:ef:33:66:
42:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:B0:8A:FB:4E:14:EA:20:AD:DF:DE:FA:97:1A:49:EA:D0:F4:32:00
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81e19e5f-8cac-4cc7-8c10-c589c96920d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.17.1.0/24
Signature Algorithm: sha256WithRSAEncryption
92:93:19:47:22:b5:7f:76:c9:55:9e:79:e4:b8:30:6b:a0:6a:
fb:c0:79:c9:94:01:db:cd:48:a6:75:e3:79:bd:47:78:80:69:
93:91:27:41:5c:97:3d:19:97:dd:79:2c:7a:e7:42:d4:94:63:
48:da:b1:8a:5d:01:1c:44:fa:21:0d:34:ad:28:09:f1:c8:c9:
dd:c6:72:1c:d4:cb:d9:7d:ce:9c:c1:ed:37:87:aa:32:db:51:
2e:33:48:8b:e8:31:f1:da:56:5a:7e:88:64:3e:09:11:b9:e8:
65:cc:41:76:11:e6:4c:a9:48:19:ee:e3:aa:8b:cb:44:8a:65:
13:3b:f9:b1:d7:19:5f:d8:01:b1:79:bc:05:48:35:35:60:51:
a9:7c:d6:c2:db:c0:c5:e5:29:65:7e:a7:9f:1b:9d:c9:65:54:
60:b0:7a:86:97:24:4e:c3:ab:93:51:f4:d4:89:69:97:3f:64:
e1:fa:c7:1a:d0:3e:9f:b3:90:d7:ce:4f:35:bb:dc:6c:f3:f1:
81:b3:80:50:93:46:37:3e:59:78:71:7e:ac:b0:08:f2:f2:a2:
1e:34:33:6e:98:44:34:03:71:2d:6f:e9:60:6a:bf:e7:7b:f0:
f4:09:df:e2:ac:14:dc:3b:37:4e:15:7e:13:12:7d:42:52:33:
22:ff:04:c1
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUSSrGc+WrPQDr1J7M0kkiGeQVjVQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjMwMDUwMTVaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzZjViZGYwN2I4MTkyZTJiYzU5MjFkMmRlOTRjMzhiY2U2YTZmOWUxYWNi
NDdhMTdhMjBlYjFlMGMxNWVmYTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOqj+PbGjRWGX8QTj3cwFaK9/zDGhTGe9kpjk+XphbIPcnQCfqYSFw2Av7JF
SJd06aQusrFrSUaED0oIiq5QqmE+BF5dA3q8Vv8cU1uLBi8jsWlPLKWXEpi3gT0/
kKIRinZJPiF1kWhGQ2VWYetL8K5pqiVHK6CqLU+7LzujVNcuV8+A0HD3kAvQ7MX7
Nk4YsiVBxfUGUbIkAGKL7n8NFF0P7dNwaBstz/aknxCDvcQjRic2Bo5rolx6NBn5
VNQJsNNgg1XibGuTfcu8cvbLqWmxWVaoO1p9XC13aan/Kr79TkVw5SD4WlqXDrXi
eEL12IAVMJ51WjoLtqQ27zNmQmcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQisIr7
ThTqIK3f3vqXGknq0PQyADAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODFlMTllNWYtOGNhYy00Y2M3LThjMTAtYzU4OWM5NjkyMGQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMRATAN
BgkqhkiG9w0BAQsFAAOCAQEAkpMZRyK1f3bJVZ555Lgwa6Bq+8B5yZQB281IpnXj
eb1HeIBpk5EnQVyXPRmX3XkseudC1JRjSNqxil0BHET6IQ00rSgJ8cjJ3cZyHNTL
2X3OnMHtN4eqMttRLjNIi+gx8dpWWn6IZD4JEbnoZcxBdhHmTKlIGe7jqovLRIpl
Ezv5sdcZX9gBsXm8BUg1NWBRqXzWwtvAxeUpZX6nnxudyWVUYLB6hpckTsOrk1H0
1Ilplz9k4frHGtA+n7OQ185PNbvcbPPxgbOAUJNGNz5ZeHF+rLAI8vKiHjQzbphE
NANxLW/pYGq/53vw9Anf4qwU3Ds3ThV+ExJ9QlIzIv8EwQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:44:26 2025 by rpki-client