Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83d64fad-2f6b-441a-9079-e9e60d149aec.roa
File: 83d64fad-2f6b-441a-9079-e9e60d149aec.roa (raw, json)
Hash identifier: kTHluswTJuJxUBTVPmy3gt/U+UilP5vmyXmTuVGQN/Q=
Subject key identifier: 43:B1:5B:C3:FF:87:95:C3:0C:BC:24:3F:4A:E2:C6:2E:D5:92:62:1E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0E19DB1B40D291457AC5E9B264136BBE7D0ECA8B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83d64fad-2f6b-441a-9079-e9e60d149aec.roa
Signing time: Fri 23 May 2025 00:50:17 +0000
ROA not before: Fri 23 May 2025 00:50:17 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.17.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:19:db:1b:40:d2:91:45:7a:c5:e9:b2:64:13:6b:be:7d:0e:ca:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 23 00:50:17 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=d549f0d7c354973d7995bb28f6aa5c4023159a17840f19ceb9291beee723c85c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:0d:9a:cc:7f:63:48:e7:15:c5:30:12:01:ab:
18:fd:b5:d3:e3:7f:9d:e7:35:d5:a7:d2:09:ce:2f:
e6:92:21:b2:e0:9e:85:43:47:62:b1:3c:f7:85:fe:
dc:d9:ba:99:f4:f9:50:84:53:35:40:c3:33:a3:05:
dc:9f:fe:72:51:64:2d:da:e2:28:c1:ce:c8:d1:4a:
b6:99:96:92:05:84:8e:cb:08:67:39:1c:2f:1c:27:
5a:33:61:c2:6e:ae:17:68:58:1e:a1:05:28:e8:ea:
49:e8:99:3e:5d:4b:e4:1c:df:c4:e2:42:ad:52:40:
16:cf:ea:1e:6f:83:bf:62:56:1f:19:66:90:02:8f:
2f:c4:0e:0b:fc:e9:eb:7e:35:2b:ef:23:22:57:47:
93:c9:b7:7d:6d:9b:23:62:e0:71:90:a2:a4:60:80:
2e:d6:07:34:43:58:6e:38:43:24:c0:9a:36:4e:d1:
da:79:10:4c:c9:71:e7:86:6d:cf:c7:b5:bf:38:31:
43:ff:28:c6:94:70:b0:3b:db:fe:8f:6b:bf:4d:f9:
12:25:7f:f8:47:5a:48:25:8a:1f:ce:69:7f:4c:80:
52:00:0e:d6:f6:eb:d9:03:4e:b5:c7:2f:c6:6e:e2:
1d:9d:32:4c:59:31:ea:ba:b6:ea:4b:8c:63:d7:ee:
16:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:B1:5B:C3:FF:87:95:C3:0C:BC:24:3F:4A:E2:C6:2E:D5:92:62:1E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83d64fad-2f6b-441a-9079-e9e60d149aec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.17.0.0/24
Signature Algorithm: sha256WithRSAEncryption
c4:ea:08:bf:1d:e8:4c:26:61:b9:06:72:26:21:c5:2e:5b:5a:
e5:6e:c7:53:40:63:6b:60:74:68:93:8d:f3:b5:13:aa:74:b7:
51:de:5f:97:39:38:bd:76:80:ec:dc:26:a6:e2:b8:b9:80:02:
73:4b:6a:df:07:67:19:be:52:e4:00:e8:62:4c:67:34:ba:cd:
1a:2f:ec:e8:cd:6f:19:fd:9b:de:7b:bc:57:3c:1f:45:59:26:
4c:97:7e:25:53:ac:f6:e6:4e:f2:6b:4e:44:0d:e4:c4:9c:0c:
7e:82:d8:28:08:e6:91:ba:36:fb:20:a9:b4:f5:75:78:90:0b:
7d:cc:fe:a7:e4:0d:bf:d3:df:97:64:f1:3a:bf:db:ad:16:17:
fb:4f:bc:c1:b3:fe:9f:89:d2:c7:66:21:de:8f:35:ab:c1:2f:
30:cd:52:4d:0f:fe:f5:f1:7d:ff:27:0a:b2:0b:72:54:4b:fd:
78:e0:03:bf:77:3a:21:45:f3:94:57:99:fe:b7:a8:de:c4:4b:
47:54:80:f5:d4:7b:69:3d:bc:42:a4:63:db:a1:29:fc:13:c8:
36:65:35:6b:10:5b:7e:4f:ee:42:60:c1:8f:bc:47:73:f1:0a:
09:ab:56:9a:08:48:05:91:0a:e3:8c:af:68:d4:53:41:14:77:
b3:02:5d:b3
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUDhnbG0DSkUV6xemyZBNrvn0OyoswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjMwMDUwMTdaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ1NDlmMGQ3YzM1NDk3M2Q3OTk1YmIyOGY2YWE1YzQwMjMxNTlhMTc4NDBm
MTljZWI5MjkxYmVlZTcyM2M4NWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJINmsx/Y0jnFcUwEgGrGP210+N/nec11afSCc4v5pIhsuCehUNHYrE894X+
3Nm6mfT5UIRTNUDDM6MF3J/+clFkLdriKMHOyNFKtpmWkgWEjssIZzkcLxwnWjNh
wm6uF2hYHqEFKOjqSeiZPl1L5BzfxOJCrVJAFs/qHm+Dv2JWHxlmkAKPL8QOC/zp
6341K+8jIldHk8m3fW2bI2LgcZCipGCALtYHNENYbjhDJMCaNk7R2nkQTMlx54Zt
z8e1vzgxQ/8oxpRwsDvb/o9rv035EiV/+EdaSCWKH85pf0yAUgAO1vbr2QNOtccv
xm7iHZ0yTFkx6rq26kuMY9fuFlsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRDsVvD
/4eVwwy8JD9K4sYu1ZJiHjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODNkNjRmYWQtMmY2Yi00NDFhLTkwNzktZTllNjBkMTQ5YWVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMRADAN
BgkqhkiG9w0BAQsFAAOCAQEAxOoIvx3oTCZhuQZyJiHFLlta5W7HU0Bja2B0aJON
87UTqnS3Ud5flzk4vXaA7NwmpuK4uYACc0tq3wdnGb5S5ADoYkxnNLrNGi/s6M1v
Gf2b3nu8VzwfRVkmTJd+JVOs9uZO8mtORA3kxJwMfoLYKAjmkbo2+yCptPV1eJAL
fcz+p+QNv9Pfl2TxOr/brRYX+0+8wbP+n4nSx2Yh3o81q8EvMM1STQ/+9fF9/ycK
sgtyVEv9eOADv3c6IUXzlFeZ/reo3sRLR1SA9dR7aT28QqRj26Ep/BPINmU1axBb
fk/uQmDBj7xHc/EKCatWmghIBZEK44yvaNRTQRR3swJdsw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:56:59 2025 by rpki-client