Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/96060ba0-0bb4-49bc-8bf6-4a1495ffddf4.roa
File: 96060ba0-0bb4-49bc-8bf6-4a1495ffddf4.roa (raw, json)
Hash identifier: Pfe6ijEqU5hTOySy/YcT8ofByJ2KCdBmdk40qMLtXBo=
Subject key identifier: 98:F9:E1:35:E5:97:A6:92:F6:FE:27:B3:62:B8:A2:9D:5D:8C:F7:72
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6320E250FFE6453202DD08434F30168961A7E625
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/96060ba0-0bb4-49bc-8bf6-4a1495ffddf4.roa
Signing time: Sat 24 May 2025 00:30:41 +0000
ROA not before: Sat 24 May 2025 00:30:41 +0000
ROA not after: Sat 28 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.20.0.0/14 maxlen: 14
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:20:e2:50:ff:e6:45:32:02:dd:08:43:4f:30:16:89:61:a7:e6:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 24 00:30:41 2025 GMT
Not After : Jun 28 23:59:59 2025 GMT
Subject: serialNumber=829916264e3845b13b794c3ada6d1369a4d48de6f19252a61806b060d734a4ea, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:19:1e:17:66:12:7e:ed:c6:ce:87:cb:90:6e:
fe:87:07:02:8a:77:4c:fe:e3:0a:2a:44:ed:75:f2:
28:73:c2:f6:54:97:87:23:6d:8d:57:cd:5c:46:8d:
a1:cd:8d:f5:18:60:93:58:49:86:7d:69:78:77:43:
fc:ab:48:9c:52:ba:8d:07:fe:e5:76:70:9b:ac:65:
b8:61:92:6e:36:af:3f:dc:cf:ea:a3:7c:19:4c:ab:
aa:a1:69:5e:5b:db:4b:6f:81:a9:a5:90:d9:3e:95:
92:9a:bd:46:4d:fb:43:e9:bf:fb:e5:33:ff:fa:42:
b7:79:49:5b:a2:79:12:6a:ad:74:7c:7e:3b:13:c6:
29:c9:97:86:89:2d:50:21:43:e5:f9:3f:71:8a:1f:
07:6d:a6:82:f5:35:da:41:f3:2d:05:1e:26:b8:3f:
89:9e:42:c7:45:18:4a:c7:74:10:88:c3:f9:6b:d0:
5b:3b:ff:fd:c3:ed:c1:0a:ae:3b:fd:69:67:9c:04:
77:67:aa:bf:3c:53:53:0a:a9:f2:f0:90:d4:45:27:
72:23:81:80:a4:3f:14:62:be:71:b9:f1:01:97:da:
b9:1f:0c:57:3b:55:47:e0:93:eb:6b:57:55:de:dd:
2e:9c:ce:41:e9:86:6a:f1:bc:61:13:21:7b:12:fa:
85:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:F9:E1:35:E5:97:A6:92:F6:FE:27:B3:62:B8:A2:9D:5D:8C:F7:72
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/96060ba0-0bb4-49bc-8bf6-4a1495ffddf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.20.0.0/14
Signature Algorithm: sha256WithRSAEncryption
44:fd:37:98:72:77:22:b3:cf:a0:b8:8d:4b:00:72:ec:8a:3f:
06:cf:25:e2:c8:08:87:10:90:8f:d4:bb:67:91:6f:f7:27:dc:
1d:41:b9:f1:37:75:a8:b8:0b:f5:51:66:e5:e4:ba:35:27:15:
1d:ab:72:e8:bd:fd:0c:e6:4c:ee:f3:8e:66:03:bd:e3:e7:42:
33:81:e2:c8:dc:bb:6e:a7:2c:ba:97:e4:cd:42:f3:09:27:5b:
22:3a:f5:e0:5d:ba:5a:1c:bd:f9:0f:0d:e1:ea:b2:52:3f:8a:
86:df:0b:f2:db:ba:f5:b5:28:aa:02:b2:b6:98:b2:9a:71:93:
4f:07:73:60:e4:e4:ff:e9:3f:1c:a6:2b:5f:a7:45:d4:88:1c:
32:83:4b:d6:e0:05:21:98:0c:1f:e0:96:19:96:bc:ff:39:9f:
ca:b5:70:47:7f:13:7a:26:40:49:2b:99:40:73:fe:6e:77:d0:
e3:25:9a:60:18:d8:81:0e:cf:33:89:04:5f:bf:0d:20:c5:6b:
dd:bf:e9:7d:94:47:c4:94:b9:91:11:ea:23:d7:d8:1f:64:b2:
af:2b:53:98:c0:69:de:91:a7:31:76:df:2d:fa:eb:05:93:e5:
54:41:05:d9:20:04:5f:ec:81:4d:41:09:0d:fe:a4:9d:23:7d:
ef:04:db:d5
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYyDiUP/mRTIC3QhDTzAWiWGn5iUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjQwMDMwNDFaFw0yNTA2MjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDgyOTkxNjI2NGUzODQ1YjEzYjc5NGMzYWRhNmQxMzY5YTRkNDhkZTZmMTky
NTJhNjE4MDZiMDYwZDczNGE0ZWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ0ZHhdmEn7txs6Hy5Bu/ocHAop3TP7jCipE7XXyKHPC9lSXhyNtjVfNXEaN
oc2N9Rhgk1hJhn1peHdD/KtInFK6jQf+5XZwm6xluGGSbjavP9zP6qN8GUyrqqFp
XlvbS2+BqaWQ2T6Vkpq9Rk37Q+m/++Uz//pCt3lJW6J5EmqtdHx+OxPGKcmXhokt
UCFD5fk/cYofB22mgvU12kHzLQUeJrg/iZ5Cx0UYSsd0EIjD+WvQWzv//cPtwQqu
O/1pZ5wEd2eqvzxTUwqp8vCQ1EUnciOBgKQ/FGK+cbnxAZfauR8MVztVR+CT62tX
Vd7dLpzOQemGavG8YRMhexL6hVMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSY+eE1
5Zemkvb+J7NiuKKdXYz3cjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTYwNjBiYTAtMGJiNC00OWJjLThiZjYtNGExNDk1ZmZkZGY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjMUMA0G
CSqGSIb3DQEBCwUAA4IBAQBE/TeYcncis8+guI1LAHLsij8GzyXiyAiHEJCP1Ltn
kW/3J9wdQbnxN3WouAv1UWbl5Lo1JxUdq3Lovf0M5kzu845mA73j50IzgeLI3Ltu
pyy6l+TNQvMJJ1siOvXgXbpaHL35Dw3h6rJSP4qG3wvy27r1tSiqArK2mLKacZNP
B3Ng5OT/6T8cpitfp0XUiBwyg0vW4AUhmAwf4JYZlrz/OZ/KtXBHfxN6JkBJK5lA
c/5ud9DjJZpgGNiBDs8ziQRfvw0gxWvdv+l9lEfElLmREeoj19gfZLKvK1OYwGne
kacxdt8t+usFk+VUQQXZIARf7IFNQQkN/qSdI33vBNvV
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:07:22 2025 by rpki-client