Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8551266c-ef98-4dd7-801f-d816ee2eeade.roa
File: 8551266c-ef98-4dd7-801f-d816ee2eeade.roa (raw, json)
Hash identifier: A4BG4ZtW5gR0sVtIO+pNcGscQPWCe9frK4ICKcjYfDE=
Subject key identifier: D9:78:7E:98:FD:1F:1F:D8:83:1A:41:46:A1:03:9B:8B:0D:EF:00:B0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3408760CD96A05111135DE9039348D4026C80B12
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8551266c-ef98-4dd7-801f-d816ee2eeade.roa
Signing time: Tue 20 May 2025 20:40:18 +0000
ROA not before: Tue 20 May 2025 20:40:18 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.176.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:08:76:0c:d9:6a:05:11:11:35:de:90:39:34:8d:40:26:c8:0b:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:40:18 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=fd20a52240730d3353ea79bfbf55dc3c9e615388d240ef6929c01674f8e8f0c7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:c1:9b:20:17:fb:4d:eb:37:6a:ae:c5:84:73:
9b:57:35:ab:05:dc:2c:c9:f3:f2:c6:ef:d2:d8:5e:
1d:7c:a7:ab:28:a5:62:ed:3a:f3:26:90:f5:10:13:
4a:06:19:b9:5d:86:bc:54:0d:91:3f:3f:14:c8:c5:
1c:92:a4:a4:1f:94:6f:94:65:3b:3d:a5:17:32:c9:
42:a1:cf:28:fe:67:eb:a5:8d:e5:8f:c2:59:9f:b1:
83:8f:75:41:a1:df:a9:55:56:3d:18:88:b7:a9:0b:
c6:3b:6e:61:15:91:d7:84:da:df:57:3a:74:26:09:
e3:12:ed:61:fa:46:02:2c:24:dd:c5:31:22:cd:f1:
f9:fa:f8:8b:22:bd:f7:5b:e8:db:5b:26:44:c8:84:
d3:5e:d3:2c:be:5f:1a:29:a2:f0:b4:8b:fe:5b:f1:
ef:01:1b:15:81:f3:fa:2e:24:12:b3:b0:b8:cc:3c:
0f:cf:3b:a9:89:26:80:a9:5c:89:11:ad:04:82:05:
e0:4c:87:13:eb:c7:b7:7d:e8:53:b8:f9:67:29:20:
a4:08:17:1f:be:14:71:ac:7b:cb:6e:63:da:bd:5b:
30:61:20:ce:9a:3a:e2:77:9c:49:4e:86:70:06:c4:
2c:b9:4a:51:e6:8c:70:71:6b:cd:40:9f:6e:98:1c:
d3:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:78:7E:98:FD:1F:1F:D8:83:1A:41:46:A1:03:9B:8B:0D:EF:00:B0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8551266c-ef98-4dd7-801f-d816ee2eeade.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.176.0.0/15
Signature Algorithm: sha256WithRSAEncryption
20:21:ee:a3:a6:c7:ae:05:76:4b:fb:6b:e4:44:ca:19:07:1a:
f9:74:e8:18:7b:4e:3c:3b:19:c4:8e:99:6a:66:c7:25:93:2f:
31:9a:ec:0a:cd:c6:da:b4:87:11:3b:73:31:c2:15:7e:6b:5e:
9e:bb:0d:1b:df:52:d8:06:94:7f:6b:de:3a:b5:04:17:8e:b6:
1f:12:2f:d6:59:50:ae:81:96:57:0d:d5:9f:70:69:2d:9d:31:
5f:d7:d4:cf:61:86:d4:6c:4c:da:c1:a3:f4:c0:92:32:cf:21:
c0:6d:1f:d3:ce:9b:8e:71:9d:8d:b1:48:7b:56:1d:59:35:eb:
42:f0:66:b5:55:b0:1d:97:29:fd:fa:9f:88:70:e1:c2:69:91:
fd:c7:29:14:24:a6:82:24:a7:21:f0:54:54:43:bb:5f:65:65:
49:12:43:16:39:48:52:f9:b8:e6:6d:a6:ee:31:ac:5a:03:3d:
0d:a8:a5:f8:d8:80:2f:b1:29:f2:37:3c:9b:39:59:e9:de:fe:
f2:ff:86:d1:24:ee:7b:67:75:43:e2:3d:77:80:31:35:12:74:
aa:c8:d8:35:90:58:12:fe:2e:fc:4e:76:eb:26:01:ae:4d:6c:
2e:90:fe:48:61:f5:58:e6:87:a8:cd:4c:ba:2d:0d:62:16:ce:
eb:c0:26:a8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNAh2DNlqBRERNd6QOTSNQCbICxIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQwMThaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGZkMjBhNTIyNDA3MzBkMzM1M2VhNzliZmJmNTVkYzNjOWU2MTUzODhkMjQw
ZWY2OTI5YzAxNjc0ZjhlOGYwYzcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOzBmyAX+03rN2quxYRzm1c1qwXcLMnz8sbv0theHXynqyilYu068yaQ9RAT
SgYZuV2GvFQNkT8/FMjFHJKkpB+Ub5RlOz2lFzLJQqHPKP5n66WN5Y/CWZ+xg491
QaHfqVVWPRiIt6kLxjtuYRWR14Ta31c6dCYJ4xLtYfpGAiwk3cUxIs3x+fr4iyK9
91vo21smRMiE017TLL5fGimi8LSL/lvx7wEbFYHz+i4kErOwuMw8D887qYkmgKlc
iRGtBIIF4EyHE+vHt33oU7j5ZykgpAgXH74Ucax7y25j2r1bMGEgzpo64necSU6G
cAbELLlKUeaMcHFrzUCfbpgc00cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTZeH6Y
/R8f2IMaQUahA5uLDe8AsDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODU1MTI2NmMtZWY5OC00ZGQ3LTgwMWYtZDgxNmVlMmVlYWRlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOwMA0G
CSqGSIb3DQEBCwUAA4IBAQAgIe6jpseuBXZL+2vkRMoZBxr5dOgYe048OxnEjplq
Zsclky8xmuwKzcbatIcRO3MxwhV+a16euw0b31LYBpR/a946tQQXjrYfEi/WWVCu
gZZXDdWfcGktnTFf19TPYYbUbEzawaP0wJIyzyHAbR/TzpuOcZ2NsUh7Vh1ZNetC
8Ga1VbAdlyn9+p+IcOHCaZH9xykUJKaCJKch8FRUQ7tfZWVJEkMWOUhS+bjmbabu
MaxaAz0NqKX42IAvsSnyNzybOVnp3v7y/4bRJO57Z3VD4j13gDE1EnSqyNg1kFgS
/i78TnbrJgGuTWwukP5IYfVY5oeozUy6LQ1iFs7rwCao
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:52:53 2025 by rpki-client