Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa
File: 8d2d588e-ac05-4633-acba-4d5705f7071e.roa (raw, json)
Hash identifier: OqhEgiX1ldCgPiJ/Crk1OWMIAF/fNHY9zqYLdxDDXgU=
Subject key identifier: 66:39:74:FE:78:88:DD:C8:31:19:4D:CD:9C:49:23:62:3F:81:87:01
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4550F86FBD29ED5A7B8902F62D4EDA8283AA8930
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa
Signing time: Tue 20 May 2025 20:40:19 +0000
ROA not before: Tue 20 May 2025 20:40:19 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.180.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:50:f8:6f:bd:29:ed:5a:7b:89:02:f6:2d:4e:da:82:83:aa:89:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:40:19 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=e47cf520c8dfdad3a4a9ad9ba6cb8bf80476cea61653ec3a5be8bd1d095d9c6c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:6a:0e:87:2c:ac:91:8b:c5:f1:32:36:0f:3b:
e0:a6:c9:40:47:80:59:53:8f:a8:fe:b2:0a:76:d7:
49:b6:86:9f:96:45:07:af:21:c6:d1:b1:71:78:47:
c9:76:33:2e:2a:a6:7b:0f:49:04:1e:b7:fe:64:15:
88:39:66:37:23:f1:ab:3d:e1:ee:33:f7:0b:79:e8:
a2:fc:c2:87:1d:54:cd:de:89:5d:9d:7b:ce:15:c5:
fc:d9:ab:e7:e8:be:88:16:aa:cf:a6:5d:60:42:c1:
39:50:be:0b:46:1a:f9:06:d2:18:e6:4c:44:4f:5e:
e4:4b:d1:72:d6:88:22:6c:8f:1e:cb:14:8f:25:57:
d6:41:f4:57:01:9c:fb:4f:6c:9a:d6:63:ba:65:37:
d8:33:4f:65:66:ae:06:49:db:6b:ce:1c:2f:a4:01:
6d:06:fe:89:39:1c:34:1f:8c:58:a1:26:78:7c:2b:
79:28:98:6c:c8:f5:32:73:98:cd:0c:cc:3d:07:da:
05:71:58:27:69:b4:7d:7d:8e:f7:78:b6:46:35:c4:
f0:12:1f:de:17:9c:35:33:94:32:75:b3:b8:2c:5b:
f1:50:3b:6a:9e:53:02:0d:f6:6f:2c:e5:9d:68:8e:
3b:f0:d5:20:91:f5:38:61:08:83:c9:aa:2f:04:5c:
e0:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:39:74:FE:78:88:DD:C8:31:19:4D:CD:9C:49:23:62:3F:81:87:01
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.180.0.0/15
Signature Algorithm: sha256WithRSAEncryption
27:64:1e:d4:a8:a2:3d:84:8d:bd:34:90:8a:3b:0e:be:0a:25:
93:99:f5:14:37:27:a9:9c:df:86:b3:28:96:47:83:20:c5:7a:
af:3d:cf:81:b9:75:4a:11:b2:15:bf:4b:ed:be:b3:89:71:ae:
65:7b:14:68:bd:51:35:84:b8:f5:67:23:d3:9a:fa:35:b2:ca:
23:9c:b9:4a:5a:f8:51:5d:f9:8b:d9:04:28:b9:54:4b:5e:20:
68:03:e8:c6:55:52:ec:49:6d:7d:7d:25:8a:6a:47:9b:0d:d0:
60:4d:4c:4d:1c:2f:f8:2a:6c:81:20:c5:01:ab:87:9c:30:c1:
46:29:0a:00:98:da:d3:25:b3:a9:59:ed:9d:be:ed:e4:c0:e5:
af:8a:37:00:fb:a9:e8:ca:6a:77:ba:16:49:23:ad:02:78:27:
69:5c:a6:5e:b9:b5:e6:ee:6e:2c:f8:69:31:ec:90:a7:32:51:
f1:4b:24:a5:4d:76:b0:95:41:07:f6:6b:32:45:3d:ad:20:54:
48:6d:1d:cf:f4:5a:fe:4e:4a:2f:02:30:34:89:46:9a:ba:42:
72:2a:11:78:34:03:c9:cb:bb:00:50:95:9e:3b:a5:31:42:95:
69:89:7e:60:96:9d:5d:af:9d:79:c9:84:ef:8b:66:dc:22:44:
a5:43:3e:6d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIURVD4b70p7Vp7iQL2LU7agoOqiTAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQwMTlaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGU0N2NmNTIwYzhkZmRhZDNhNGE5YWQ5YmE2Y2I4YmY4MDQ3NmNlYTYxNjUz
ZWMzYTViZThiZDFkMDk1ZDljNmMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANJqDocsrJGLxfEyNg874KbJQEeAWVOPqP6yCnbXSbaGn5ZFB68hxtGxcXhH
yXYzLiqmew9JBB63/mQViDlmNyPxqz3h7jP3C3noovzChx1Uzd6JXZ17zhXF/Nmr
5+i+iBaqz6ZdYELBOVC+C0Ya+QbSGOZMRE9e5EvRctaIImyPHssUjyVX1kH0VwGc
+09smtZjumU32DNPZWauBknba84cL6QBbQb+iTkcNB+MWKEmeHwreSiYbMj1MnOY
zQzMPQfaBXFYJ2m0fX2O93i2RjXE8BIf3hecNTOUMnWzuCxb8VA7ap5TAg32byzl
nWiOO/DVIJH1OGEIg8mqLwRc4FMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRmOXT+
eIjdyDEZTc2cSSNiP4GHATAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGQyZDU4OGUtYWMwNS00NjMzLWFjYmEtNGQ1NzA1ZjcwNzFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO0MA0G
CSqGSIb3DQEBCwUAA4IBAQAnZB7UqKI9hI29NJCKOw6+CiWTmfUUNyepnN+GsyiW
R4MgxXqvPc+BuXVKEbIVv0vtvrOJca5lexRovVE1hLj1ZyPTmvo1ssojnLlKWvhR
XfmL2QQouVRLXiBoA+jGVVLsSW19fSWKakebDdBgTUxNHC/4KmyBIMUBq4ecMMFG
KQoAmNrTJbOpWe2dvu3kwOWvijcA+6noymp3uhZJI60CeCdpXKZeubXm7m4s+Gkx
7JCnMlHxSySlTXawlUEH9msyRT2tIFRIbR3P9Fr+TkovAjA0iUaaukJyKhF4NAPJ
y7sAUJWeO6UxQpVpiX5glp1dr515yYTvi2bcIkSlQz5t
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:49:36 2025 by rpki-client