Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a1fa391-4377-44ba-a6c7-c785fc9a7733.roa
File: 9a1fa391-4377-44ba-a6c7-c785fc9a7733.roa (raw, json)
Hash identifier: kAPVIoZSeHprkfWHat3K5fgDUODc/6YiEGqZ0wX1ulk=
Subject key identifier: B6:EA:C5:8A:7D:09:4F:3C:9C:30:F1:33:67:BB:D6:98:F8:DD:2A:78
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4B046F32D77C0A8376F4499DF7700E7B362D722A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a1fa391-4377-44ba-a6c7-c785fc9a7733.roa
Signing time: Fri 23 May 2025 00:51:10 +0000
ROA not before: Fri 23 May 2025 00:51:10 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.84.0.0/14 maxlen: 14
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:04:6f:32:d7:7c:0a:83:76:f4:49:9d:f7:70:0e:7b:36:2d:72:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 23 00:51:10 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=4bb0f89cf54a4aa39204b747d6065d479fca960d000736bd6727c74f3927fb5c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:3f:58:8e:8d:0c:04:c1:bc:b3:2c:3c:3d:d1:
16:f5:9b:7a:27:da:01:e2:3a:b0:30:f3:a3:3e:11:
da:7b:82:72:7a:34:2b:5d:8e:62:46:f4:e1:82:73:
3d:b7:7c:5a:d7:ba:74:60:9c:55:07:07:e4:ed:3e:
4d:76:b6:38:af:37:ec:8b:4a:a3:47:44:4b:a5:99:
48:d9:03:cb:c1:28:ac:46:e2:c1:2e:f6:ff:b3:9d:
39:11:dc:d0:9f:29:fc:e2:32:93:be:41:55:54:b4:
1c:ea:28:09:f8:1e:89:99:94:9c:d4:c4:fa:32:e5:
45:ab:fe:24:3c:cc:af:c8:5f:4e:ae:ec:ef:b8:f8:
80:db:ce:2a:5a:d7:3f:51:08:a8:52:b8:25:68:5f:
72:4e:e6:a2:56:27:01:97:49:12:2f:3c:e7:28:30:
2d:e0:98:f4:ce:73:e9:93:0a:e8:3e:2c:42:06:d4:
14:5b:73:17:db:30:95:aa:12:f4:d8:a9:5e:ef:f5:
15:94:a3:96:a0:42:63:08:2c:42:97:72:fd:fe:f2:
ac:44:ac:eb:b8:f2:5e:f8:4e:66:4d:ff:9c:af:16:
ab:65:d2:29:cc:4f:b9:71:51:38:5b:24:8d:68:8e:
f0:c5:0f:22:4c:85:b5:5c:89:ca:06:d1:69:29:f8:
8a:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:EA:C5:8A:7D:09:4F:3C:9C:30:F1:33:67:BB:D6:98:F8:DD:2A:78
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a1fa391-4377-44ba-a6c7-c785fc9a7733.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.84.0.0/14
Signature Algorithm: sha256WithRSAEncryption
04:1f:f9:f8:c9:2a:a5:21:48:75:7d:31:a0:37:e7:83:7f:73:
df:83:94:3b:c5:11:fd:91:e9:2d:6b:51:35:af:29:03:e7:49:
3e:68:56:70:13:71:75:57:8a:3c:a2:c0:88:67:fc:70:17:43:
fb:59:b2:4b:8e:f4:73:75:10:79:71:57:69:dd:fb:3b:89:00:
ea:52:74:e4:f0:c0:9e:f7:4a:f8:28:79:49:e0:96:e0:ea:bf:
fc:d8:b1:e0:72:c1:17:e0:35:34:ae:c6:e0:af:58:f7:f5:d6:
87:df:6d:34:67:37:d2:e1:47:78:76:00:70:fb:f8:6e:85:89:
34:61:b3:5b:04:41:c3:a5:ac:0b:c1:a3:20:72:75:19:79:4b:
51:cb:bd:a8:cb:c0:ef:e3:bc:f9:dd:c4:cc:ce:0e:4a:ff:49:
51:86:4e:5c:83:63:17:3e:2a:24:b3:93:70:9c:05:50:9b:d9:
15:ef:1e:70:67:27:92:6e:a3:8d:c7:65:c7:13:79:68:64:78:
85:6a:1f:84:c8:01:c9:98:a7:c4:22:da:18:94:64:cf:85:61:
42:b7:b3:d5:64:1a:7a:ce:f8:6d:88:59:a2:ac:9e:50:0e:6d:
a3:a7:6c:4a:b0:cb:b5:07:5d:eb:6d:47:ef:9a:70:89:5e:94:
5f:29:be:ea
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUSwRvMtd8CoN29Emd93AOezYtciowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjMwMDUxMTBaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDRiYjBmODljZjU0YTRhYTM5MjA0Yjc0N2Q2MDY1ZDQ3OWZjYTk2MGQwMDA3
MzZiZDY3MjdjNzRmMzkyN2ZiNWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANM/WI6NDATBvLMsPD3RFvWbeifaAeI6sDDzoz4R2nuCcno0K12OYkb04YJz
Pbd8Wte6dGCcVQcH5O0+TXa2OK837ItKo0dES6WZSNkDy8EorEbiwS72/7OdORHc
0J8p/OIyk75BVVS0HOooCfgeiZmUnNTE+jLlRav+JDzMr8hfTq7s77j4gNvOKlrX
P1EIqFK4JWhfck7molYnAZdJEi885ygwLeCY9M5z6ZMK6D4sQgbUFFtzF9swlaoS
9NipXu/1FZSjlqBCYwgsQpdy/f7yrESs67jyXvhOZk3/nK8Wq2XSKcxPuXFROFsk
jWiO8MUPIkyFtVyJygbRaSn4iq0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS26sWK
fQlPPJww8TNnu9aY+N0qeDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWExZmEzOTEtNDM3Ny00NGJhLWE2YzctYzc4NWZjOWE3NzMzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNUMA0G
CSqGSIb3DQEBCwUAA4IBAQAEH/n4ySqlIUh1fTGgN+eDf3Pfg5Q7xRH9kekta1E1
rykD50k+aFZwE3F1V4o8osCIZ/xwF0P7WbJLjvRzdRB5cVdp3fs7iQDqUnTk8MCe
90r4KHlJ4Jbg6r/82LHgcsEX4DU0rsbgr1j39daH3200ZzfS4Ud4dgBw+/huhYk0
YbNbBEHDpawLwaMgcnUZeUtRy72oy8Dv47z53cTMzg5K/0lRhk5cg2MXPioks5Nw
nAVQm9kV7x5wZyeSbqONx2XHE3loZHiFah+EyAHJmKfEItoYlGTPhWFCt7PVZBp6
zvhtiFmirJ5QDm2jp2xKsMu1B13rbUfvmnCJXpRfKb7q
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:54:54 2025 by rpki-client