Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa
File: 8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa (raw, json)
Hash identifier: hdXGp3zuT8Gzcyi/Cff8SLRFao27Vjgq3LfcujD20Cw=
Subject key identifier: C1:78:6B:F3:F2:10:75:8C:4D:7E:71:77:F3:C1:82:B5:6F:34:E0:94
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3B0C653EC862232E8BD845EA5177C32D6B0B6B63
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa
Signing time: Tue 20 May 2025 20:50:41 +0000
ROA not before: Tue 20 May 2025 20:50:41 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.226.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:0c:65:3e:c8:62:23:2e:8b:d8:45:ea:51:77:c3:2d:6b:0b:6b:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:50:41 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=3fe8dc25e0728ca9eb2e272c3245b827f8d148b1d1c99888aef5fb2760f00a93, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:89:06:73:41:b4:6b:22:0f:4a:50:fc:c9:85:
5d:f9:a3:21:9c:55:2e:b9:e1:b6:7c:5a:0d:0c:87:
0d:24:19:f0:a4:c5:e7:9d:2d:ed:1e:8c:39:0c:29:
6c:d3:b3:50:36:60:df:50:ad:74:90:92:08:21:fe:
2a:fc:74:bf:e0:b7:52:1f:5b:81:9e:82:e2:33:2e:
a4:61:c4:d5:07:08:8d:bc:f7:f1:12:54:bb:e1:b1:
6f:7e:04:60:5a:96:7f:bc:9f:0f:cd:71:95:d4:98:
82:2f:8d:ea:ea:b9:6a:44:56:5a:4c:3c:d0:85:9e:
f3:c2:f2:75:d1:84:46:7b:d5:8d:ed:45:29:5e:4d:
a5:ff:50:30:72:2b:07:ba:a2:70:68:8b:80:6a:be:
d7:b6:83:d6:84:7d:75:5d:7a:c5:11:2c:00:aa:13:
e5:d4:01:bd:5b:6e:1e:fc:a5:8d:ea:a7:8e:58:5a:
81:74:1b:8c:db:33:57:65:07:5e:9d:ee:64:5f:60:
9e:1b:fc:c6:06:b4:6b:11:cc:d3:78:b0:42:7a:d1:
b8:ce:28:be:a3:4a:5b:12:9b:76:26:79:b3:01:07:
93:4c:5c:98:f4:b4:14:11:b8:1b:8d:63:03:bf:1d:
b8:9d:91:ec:67:e4:bd:84:8c:0b:cc:58:de:c9:b7:
07:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:78:6B:F3:F2:10:75:8C:4D:7E:71:77:F3:C1:82:B5:6F:34:E0:94
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.226.0.0/15
Signature Algorithm: sha256WithRSAEncryption
5b:83:0d:0d:dd:32:c6:f0:0c:d4:cb:ff:71:e9:d2:05:38:d1:
7a:11:0f:d2:ce:d4:cd:52:3c:d4:23:d9:f1:36:68:5c:9b:63:
a0:ed:f1:62:dc:d4:ec:4b:29:e0:b3:a4:14:60:da:04:fe:e7:
71:76:3e:81:ce:71:81:e5:86:53:2e:17:d8:39:33:d6:67:03:
bd:57:b4:a5:2d:be:df:88:92:a4:29:f5:d8:49:bd:d1:c2:ee:
a1:45:40:eb:e3:8c:eb:2a:f6:32:b6:64:4b:78:f6:f2:dc:ed:
6d:a6:55:bf:0b:09:70:0d:09:8b:6c:3e:f6:1a:44:35:13:70:
0d:76:91:39:fc:10:b4:72:a5:99:91:f3:f0:7f:30:6d:14:e0:
78:1c:3a:1b:dc:81:6e:53:c4:60:5c:91:f0:8e:00:a8:36:36:
dc:f6:db:4e:17:6c:db:e7:d7:57:42:24:38:22:8a:4f:d2:9c:
9c:a4:b8:8e:5d:52:33:f4:3b:8b:db:f0:69:e7:3c:e8:98:d9:
c1:21:dd:09:c1:63:da:6b:75:e8:86:dd:67:73:a8:88:c0:2b:
cf:46:96:23:b7:1b:ea:04:d0:b5:4e:1e:e9:fe:6b:49:ad:9b:
b6:17:61:ad:b1:7a:7b:0e:52:69:c4:94:18:f9:56:16:78:f6:
7d:bd:dc:63
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOwxlPshiIy6L2EXqUXfDLWsLa2MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDUwNDFaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDNmZThkYzI1ZTA3MjhjYTllYjJlMjcyYzMyNDViODI3ZjhkMTQ4YjFkMWM5
OTg4OGFlZjVmYjI3NjBmMDBhOTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIyJBnNBtGsiD0pQ/MmFXfmjIZxVLrnhtnxaDQyHDSQZ8KTF550t7R6MOQwp
bNOzUDZg31CtdJCSCCH+Kvx0v+C3Uh9bgZ6C4jMupGHE1QcIjbz38RJUu+Gxb34E
YFqWf7yfD81xldSYgi+N6uq5akRWWkw80IWe88LyddGERnvVje1FKV5Npf9QMHIr
B7qicGiLgGq+17aD1oR9dV16xREsAKoT5dQBvVtuHvyljeqnjlhagXQbjNszV2UH
Xp3uZF9gnhv8xga0axHM03iwQnrRuM4ovqNKWxKbdiZ5swEHk0xcmPS0FBG4G41j
A78duJ2R7GfkvYSMC8xY3sm3B+8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTBeGvz
8hB1jE1+cXfzwYK1bzTglDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGRjZDEwMzEtMGM4ZC00ZWU0LTk1NjMtNTdkZGI2M2UxNjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPiMA0G
CSqGSIb3DQEBCwUAA4IBAQBbgw0N3TLG8AzUy/9x6dIFONF6EQ/SztTNUjzUI9nx
Nmhcm2Og7fFi3NTsSyngs6QUYNoE/udxdj6BznGB5YZTLhfYOTPWZwO9V7SlLb7f
iJKkKfXYSb3Rwu6hRUDr44zrKvYytmRLePby3O1tplW/CwlwDQmLbD72GkQ1E3AN
dpE5/BC0cqWZkfPwfzBtFOB4HDob3IFuU8RgXJHwjgCoNjbc9ttOF2zb59dXQiQ4
IopP0pycpLiOXVIz9DuL2/Bp5zzomNnBId0JwWPaa3Xoht1nc6iIwCvPRpYjtxvq
BNC1Th7p/mtJrZu2F2GtsXp7DlJpxJQY+VYWePZ9vdxj
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:18:27 2025 by rpki-client