Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/97585122-fbed-4029-849a-162097054103.roa
File: 97585122-fbed-4029-849a-162097054103.roa (raw, json)
Hash identifier: S+gJIcYMeUF0oC4Qjfj4SGbFqxz+KnCcXrSdE57j8eQ=
Subject key identifier: FE:AE:19:8D:7F:89:35:1E:44:DD:C7:92:4B:20:B4:F9:CA:CE:17:35
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 52708E4BA3BDD993637493FA41B6C02D08ECB6AF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/97585122-fbed-4029-849a-162097054103.roa
Signing time: Sat 31 May 2025 00:50:31 +0000
ROA not before: Sat 31 May 2025 00:50:31 +0000
ROA not after: Sat 05 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.72.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 10:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:70:8e:4b:a3:bd:d9:93:63:74:93:fa:41:b6:c0:2d:08:ec:b6:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 31 00:50:31 2025 GMT
Not After : Jul 5 23:59:59 2025 GMT
Subject: serialNumber=9208effcb3877756dfa71fb8df438495bb39d491e23c1cf68267fe14e4c2de15, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d1:fb:50:5c:20:4e:98:e4:ea:3c:8b:8a:fa:
c5:3a:af:b1:7c:40:41:93:a8:45:6e:33:9b:99:e2:
1e:bf:6b:b8:74:0c:d2:e5:fb:a2:3f:7b:dd:2a:72:
be:7b:ec:5d:da:08:61:70:75:0e:b9:57:b8:f0:14:
ad:9b:18:59:66:30:e6:92:14:7f:bc:cd:9e:05:44:
99:fb:7e:1e:ab:c7:c9:86:bd:34:8b:52:66:d4:b0:
6e:74:95:30:3e:4e:9a:cd:35:88:c9:be:17:1f:21:
11:88:c3:1e:4d:a9:5c:44:76:11:a3:7b:65:81:b3:
29:e9:09:90:b5:56:9a:24:d9:c3:ca:f2:72:1a:a8:
24:7b:3a:40:3d:6c:9e:0d:d8:8a:44:d3:cc:e2:83:
45:87:3a:eb:1d:3c:2b:32:23:57:8c:97:f1:d7:66:
83:6b:9f:6b:ad:40:eb:dc:d4:c1:70:8f:14:4b:5a:
a1:7b:3e:f3:20:aa:3c:e3:88:e8:bb:b2:d8:8a:83:
2c:66:01:c7:af:d7:e7:4e:3a:5d:52:12:6d:38:a1:
2e:7d:76:c7:77:dc:cc:07:ef:52:96:12:b2:31:8e:
89:c7:90:6d:af:8f:3b:03:96:92:3b:a5:72:5e:74:
4d:47:69:64:8f:f5:83:08:02:c0:4e:37:e1:ac:a6:
3a:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:AE:19:8D:7F:89:35:1E:44:DD:C7:92:4B:20:B4:F9:CA:CE:17:35
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/97585122-fbed-4029-849a-162097054103.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.72.0.0/15
Signature Algorithm: sha256WithRSAEncryption
7a:cb:ad:1b:b8:37:74:2c:b4:aa:6c:89:91:85:2e:6f:de:ef:
6b:bb:1c:74:33:3f:17:58:90:4a:cc:af:9d:55:1c:fe:0b:99:
73:49:49:c4:3b:c7:05:63:e1:04:7e:96:cb:48:00:97:a5:68:
3b:8e:38:c7:fb:7d:e2:48:2d:c2:d3:69:3b:53:13:fb:01:6f:
ab:9a:bf:d2:3a:29:76:5e:a7:f7:88:9f:66:51:89:7a:ac:34:
57:50:ec:36:af:68:be:18:9c:29:a5:07:dc:b2:08:52:2a:e4:
d5:ae:71:b1:60:ac:02:4a:6e:3e:33:78:3a:56:2e:c2:4b:95:
c8:b5:89:29:dd:70:85:13:e7:eb:0e:18:df:15:a6:bd:cb:92:
c9:a6:5a:b3:b5:0e:8a:bd:ee:b1:84:2c:9b:d9:e8:67:36:06:
ba:8a:d8:a8:a4:90:b2:63:be:b2:b4:12:27:31:b2:2f:c9:09:
21:65:76:46:0b:62:d5:91:51:1c:85:2f:7d:6b:b8:08:ab:9e:
ea:9d:45:64:5a:5e:8c:80:1c:42:bd:7b:20:50:54:7f:6d:60:
48:2b:7c:32:76:a8:76:25:79:bb:9e:5b:f4:f9:8e:66:8d:64:
ee:4b:77:f8:21:57:73:73:69:41:18:8b:3d:ef:ee:8f:ad:b0:
63:82:fa:c6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUUnCOS6O92ZNjdJP6QbbALQjstq8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MzEwMDUwMzFaFw0yNTA3MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDkyMDhlZmZjYjM4Nzc3NTZkZmE3MWZiOGRmNDM4NDk1YmIzOWQ0OTFlMjNj
MWNmNjgyNjdmZTE0ZTRjMmRlMTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALvR+1BcIE6Y5Oo8i4r6xTqvsXxAQZOoRW4zm5niHr9ruHQM0uX7oj973Spy
vnvsXdoIYXB1DrlXuPAUrZsYWWYw5pIUf7zNngVEmft+HqvHyYa9NItSZtSwbnSV
MD5Oms01iMm+Fx8hEYjDHk2pXER2EaN7ZYGzKekJkLVWmiTZw8rychqoJHs6QD1s
ng3YikTTzOKDRYc66x08KzIjV4yX8ddmg2ufa61A69zUwXCPFEtaoXs+8yCqPOOI
6Luy2IqDLGYBx6/X5046XVISbTihLn12x3fczAfvUpYSsjGOiceQba+POwOWkjul
cl50TUdpZI/1gwgCwE434aymOgMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT+rhmN
f4k1HkTdx5JLILT5ys4XNTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTc1ODUxMjItZmJlZC00MDI5LTg0OWEtMTYyMDk3MDU0MTAzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNIMA0G
CSqGSIb3DQEBCwUAA4IBAQB6y60buDd0LLSqbImRhS5v3u9ruxx0Mz8XWJBKzK+d
VRz+C5lzSUnEO8cFY+EEfpbLSACXpWg7jjjH+33iSC3C02k7UxP7AW+rmr/SOil2
Xqf3iJ9mUYl6rDRXUOw2r2i+GJwppQfcsghSKuTVrnGxYKwCSm4+M3g6Vi7CS5XI
tYkp3XCFE+frDhjfFaa9y5LJplqztQ6Kve6xhCyb2ehnNga6itiopJCyY76ytBIn
MbIvyQkhZXZGC2LVkVEchS99a7gIq57qnUVkWl6MgBxCvXsgUFR/bWBIK3wydqh2
JXm7nlv0+Y5mjWTuS3f4IVdzc2lBGIs97+6PrbBjgvrG
-----END CERTIFICATE-----
Generated at Sat Jun 14 18:52:56 2025 by rpki-client