Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8c7710c7-6ab8-4545-b04c-0bbeaa573eae.roa
File: 8c7710c7-6ab8-4545-b04c-0bbeaa573eae.roa (raw, json)
Hash identifier: RLjgNGVdKyTiJ6gIy9xMZzl/Pw6Mo3LH89Sua6gu+F8=
Subject key identifier: 8C:25:72:39:D6:27:AE:9D:B9:29:8A:F4:2E:33:3C:A7:1C:5A:13:11
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 66F0E7FC3F9E5FFE0959DB8626D584EA150A7CE0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8c7710c7-6ab8-4545-b04c-0bbeaa573eae.roa
Signing time: Fri 23 May 2025 00:50:13 +0000
ROA not before: Fri 23 May 2025 00:50:13 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.112.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:f0:e7:fc:3f:9e:5f:fe:09:59:db:86:26:d5:84:ea:15:0a:7c:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 23 00:50:13 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=6a50b2097d1c3c14a2981452895e8ed6fe5c526f2718f75c89071f17f892f9da, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:08:1a:b4:8e:3d:ab:70:da:d1:60:d8:24:9d:
cf:ba:a3:ac:23:be:26:ce:58:c3:21:3e:98:ae:69:
8a:1c:88:3a:dd:1a:85:b8:83:90:17:1a:c6:7e:2a:
d2:f9:45:3a:d6:70:77:3a:4b:fa:20:4a:3f:45:41:
10:13:cb:d4:e3:41:92:ef:2f:44:2d:fb:b1:1c:e0:
2c:3f:87:9c:10:47:2c:7b:1d:12:06:e5:37:aa:a9:
9e:01:81:98:9b:31:d0:9a:9f:5f:bd:b5:b1:21:c4:
7a:2d:7f:95:47:cf:26:ef:af:03:79:64:fd:c2:88:
58:df:c7:f1:04:0c:4f:e2:82:73:02:5c:2a:f6:e4:
a9:44:22:da:67:8b:ac:95:92:9c:a0:cc:bc:95:c2:
33:57:f6:38:90:f4:05:93:16:9e:d4:10:bd:b6:df:
45:60:39:04:9f:92:03:9b:93:7c:2b:b0:3f:10:c7:
01:ad:eb:c4:af:0b:7c:75:24:31:ef:ec:bc:a8:cd:
69:2d:7b:a7:ef:85:7b:3c:fc:b6:ba:90:8f:3e:9d:
35:2d:5a:b7:04:37:8f:07:79:b7:75:8d:26:8f:59:
64:8d:60:0f:1f:a6:f3:09:27:01:28:89:b0:d0:6f:
9c:0e:1b:a5:0f:eb:43:8b:72:36:40:f8:01:0b:2e:
53:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:25:72:39:D6:27:AE:9D:B9:29:8A:F4:2E:33:3C:A7:1C:5A:13:11
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8c7710c7-6ab8-4545-b04c-0bbeaa573eae.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.112.0.0/16
Signature Algorithm: sha256WithRSAEncryption
63:bc:d6:da:d2:d5:90:0d:37:b2:ba:c3:f7:3a:a1:72:33:e3:
5f:6a:98:02:88:9f:74:a1:9d:5d:39:e7:48:c0:b7:31:1d:0b:
6f:37:a4:d6:16:96:2c:ec:a6:9e:d4:c8:74:68:75:2a:77:07:
20:de:aa:91:a8:a4:35:a8:a5:8f:49:f4:0a:a9:02:d1:9a:5f:
e8:d5:19:28:23:46:03:59:c9:27:a5:8c:e3:1e:26:12:6d:a2:
44:12:67:2e:09:e4:c5:8e:25:7f:55:6d:56:97:6d:16:fe:aa:
15:27:eb:3d:5a:9a:be:d1:87:a6:0b:4d:b1:42:56:42:c1:f8:
d7:73:d8:36:fe:ff:a6:11:80:b6:60:d6:e0:60:41:1c:fa:2a:
87:ec:9f:03:9c:8e:d6:b7:be:27:a3:10:50:ed:0e:1d:e9:87:
7c:06:32:81:90:35:e1:0d:aa:1c:4a:7d:e2:45:5a:7a:16:2e:
4d:d3:bd:c8:44:33:99:eb:3a:39:9f:17:2b:95:d7:e1:ae:08:
ce:32:bf:a0:1f:16:39:1d:34:83:69:06:13:d5:43:36:fd:14:
3d:de:15:8c:67:e0:61:be:c8:28:de:53:14:7c:de:14:43:8b:
14:f6:a6:51:94:bd:c9:66:b0:20:0b:f9:5e:24:c1:0e:31:f4:
3d:31:87:e4
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZvDn/D+eX/4JWduGJtWE6hUKfOAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjMwMDUwMTNaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDZhNTBiMjA5N2QxYzNjMTRhMjk4MTQ1Mjg5NWU4ZWQ2ZmU1YzUyNmYyNzE4
Zjc1Yzg5MDcxZjE3Zjg5MmY5ZGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJUIGrSOPatw2tFg2CSdz7qjrCO+Js5YwyE+mK5pihyIOt0ahbiDkBcaxn4q
0vlFOtZwdzpL+iBKP0VBEBPL1ONBku8vRC37sRzgLD+HnBBHLHsdEgblN6qpngGB
mJsx0JqfX721sSHEei1/lUfPJu+vA3lk/cKIWN/H8QQMT+KCcwJcKvbkqUQi2meL
rJWSnKDMvJXCM1f2OJD0BZMWntQQvbbfRWA5BJ+SA5uTfCuwPxDHAa3rxK8LfHUk
Me/svKjNaS17p++Fezz8trqQjz6dNS1atwQ3jwd5t3WNJo9ZZI1gDx+m8wknASiJ
sNBvnA4bpQ/rQ4tyNkD4AQsuU38CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSMJXI5
1ieunbkpivQuMzynHFoTETAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGM3NzEwYzctNmFiOC00NTQ1LWIwNGMtMGJiZWFhNTczZWFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNwMA0G
CSqGSIb3DQEBCwUAA4IBAQBjvNba0tWQDTeyusP3OqFyM+NfapgCiJ90oZ1dOedI
wLcxHQtvN6TWFpYs7Kae1Mh0aHUqdwcg3qqRqKQ1qKWPSfQKqQLRml/o1RkoI0YD
WcknpYzjHiYSbaJEEmcuCeTFjiV/VW1Wl20W/qoVJ+s9Wpq+0YemC02xQlZCwfjX
c9g2/v+mEYC2YNbgYEEc+iqH7J8DnI7Wt74noxBQ7Q4d6Yd8BjKBkDXhDaocSn3i
RVp6Fi5N073IRDOZ6zo5nxcrldfhrgjOMr+gHxY5HTSDaQYT1UM2/RQ93hWMZ+Bh
vsgo3lMUfN4UQ4sU9qZRlL3JZrAgC/leJMEOMfQ9MYfk
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:24 2025 by rpki-client