Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85056db0-2868-4547-8893-66ae7ad101d4.roa
File: 85056db0-2868-4547-8893-66ae7ad101d4.roa (raw, json)
Hash identifier: M5tNlDR29gy3vExmo6eh73xb3IUp2GJHM2lFl+HPUpI=
Subject key identifier: 46:49:DC:89:CF:8A:93:48:23:32:FF:6C:13:93:BD:D5:1F:9C:7A:99
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 085BB0D676BA6DFF31422D8D8C0372455247C8F3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85056db0-2868-4547-8893-66ae7ad101d4.roa
Signing time: Tue 20 May 2025 20:50:10 +0000
ROA not before: Tue 20 May 2025 20:50:10 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.90.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:5b:b0:d6:76:ba:6d:ff:31:42:2d:8d:8c:03:72:45:52:47:c8:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:50:10 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=15896e967472f031897cc7f9876e1be772a862dadd04daf1b067c309b3e0ba31, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:63:20:a4:fa:d9:a9:66:24:0b:39:d7:82:18:
94:74:ab:af:c5:dc:39:ea:4c:4d:49:13:ac:b8:ae:
31:39:4a:a9:cd:ae:a9:5a:84:2d:22:f0:f5:35:bd:
16:dd:30:eb:33:3a:a5:d3:c6:c8:93:e7:d7:f5:92:
7f:81:34:8e:b4:0b:b8:cb:47:0b:27:97:c8:29:8a:
0c:c6:02:e6:36:0b:78:d7:4f:37:26:5a:0f:58:43:
37:2d:da:d2:d0:65:5d:a3:79:8e:18:1d:2d:a1:09:
1f:26:5d:c8:76:79:b5:8d:8e:fd:f7:da:fe:26:ce:
49:fd:f6:d9:1a:cd:15:4e:41:a7:98:68:94:fa:8f:
e9:3a:cc:7d:73:d1:28:c0:ca:cb:7d:64:a5:1b:a0:
4c:a3:6a:fb:bf:42:ec:7a:3d:40:d7:8f:b0:54:29:
53:93:a2:46:51:ba:1f:89:e5:e5:69:6f:a2:6b:ce:
de:21:95:92:cd:92:55:75:d5:7a:ba:62:c8:6c:fa:
49:bf:b9:98:99:76:bc:d2:b7:2b:74:86:ab:3a:0f:
b1:bb:69:ec:aa:4e:1d:d2:0e:9d:10:1d:27:0d:7b:
1d:12:32:f5:63:f8:9e:8b:1e:2c:9c:8c:c1:c0:0f:
cd:d3:7b:e0:e0:8b:1f:9a:94:96:9a:09:ce:6d:3b:
62:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:49:DC:89:CF:8A:93:48:23:32:FF:6C:13:93:BD:D5:1F:9C:7A:99
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85056db0-2868-4547-8893-66ae7ad101d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.90.0.0/16
Signature Algorithm: sha256WithRSAEncryption
51:aa:f6:42:bc:04:d1:66:35:73:8e:7c:96:54:70:44:55:5f:
92:06:de:57:6a:27:c3:19:2a:e0:13:b5:15:ad:97:5a:06:b8:
81:aa:a7:6e:07:4e:9a:cc:85:1f:1e:e1:32:de:6a:a3:53:75:
27:ab:92:4c:c3:7f:3f:fe:b2:cf:0d:87:f3:5b:4a:10:2c:53:
bb:91:d1:12:3b:dc:5f:3d:8f:42:34:e1:c6:a0:26:97:9a:78:
6c:8e:46:ed:81:09:d0:71:6c:dd:16:4c:9e:75:a0:f5:97:72:
d9:38:74:77:79:99:9a:d6:b7:0a:5c:f1:47:27:45:06:9e:f6:
a7:af:71:ce:0e:f0:59:01:12:84:bd:c1:5c:4f:39:5c:7b:7d:
9e:cf:d5:07:b5:46:41:63:27:f7:b1:f1:ce:27:39:2a:47:e4:
65:9c:a9:ce:e7:a5:53:8e:87:7e:b0:e6:10:ac:3f:20:59:67:
6b:ef:53:33:02:47:cf:88:07:88:c9:19:53:87:01:bb:16:fe:
41:19:71:ac:a7:bb:34:79:8f:f5:d3:34:dc:a5:96:ef:ff:92:
fc:3a:36:1e:5e:99:0e:b2:ff:5f:25:7e:99:c3:e3:78:f1:58:
99:66:57:8b:2e:0c:02:c7:ae:f8:20:80:ff:68:e4:77:04:ea:
ab:49:fb:d8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCFuw1na6bf8xQi2NjANyRVJHyPMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDUwMTBaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDE1ODk2ZTk2NzQ3MmYwMzE4OTdjYzdmOTg3NmUxYmU3NzJhODYyZGFkZDA0
ZGFmMWIwNjdjMzA5YjNlMGJhMzExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJxjIKT62almJAs514IYlHSrr8XcOepMTUkTrLiuMTlKqc2uqVqELSLw9TW9
Ft0w6zM6pdPGyJPn1/WSf4E0jrQLuMtHCyeXyCmKDMYC5jYLeNdPNyZaD1hDNy3a
0tBlXaN5jhgdLaEJHyZdyHZ5tY2O/ffa/ibOSf322RrNFU5Bp5holPqP6TrMfXPR
KMDKy31kpRugTKNq+79C7Ho9QNePsFQpU5OiRlG6H4nl5WlvomvO3iGVks2SVXXV
erpiyGz6Sb+5mJl2vNK3K3SGqzoPsbtp7KpOHdIOnRAdJw17HRIy9WP4noseLJyM
wcAPzdN74OCLH5qUlpoJzm07Yi8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRGSdyJ
z4qTSCMy/2wTk73VH5x6mTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODUwNTZkYjAtMjg2OC00NTQ3LTg4OTMtNjZhZTdhZDEwMWQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNaMA0G
CSqGSIb3DQEBCwUAA4IBAQBRqvZCvATRZjVzjnyWVHBEVV+SBt5XaifDGSrgE7UV
rZdaBriBqqduB06azIUfHuEy3mqjU3Unq5JMw38//rLPDYfzW0oQLFO7kdESO9xf
PY9CNOHGoCaXmnhsjkbtgQnQcWzdFkyedaD1l3LZOHR3eZma1rcKXPFHJ0UGnvan
r3HODvBZARKEvcFcTzlce32ez9UHtUZBYyf3sfHOJzkqR+RlnKnO56VTjod+sOYQ
rD8gWWdr71MzAkfPiAeIyRlThwG7Fv5BGXGsp7s0eY/10zTcpZbv/5L8OjYeXpkO
sv9fJX6Zw+N48ViZZleLLgwCx674IID/aOR3BOqrSfvY
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:43:27 2025 by rpki-client