Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a3eae5c-027e-4c38-ab8e-330b3e5bad97.roa
File: 9a3eae5c-027e-4c38-ab8e-330b3e5bad97.roa (raw, json)
Hash identifier: y+46bJCBXvD4Jw5V958N1+hiCXGaTQsaVHkU7RSfqxM=
Subject key identifier: 16:46:22:9D:47:C4:11:12:5A:3D:AB:A2:F4:BC:10:B2:AA:16:8B:3A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2F174F749544CE0BB91E5D855BAC68905AE39A8A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a3eae5c-027e-4c38-ab8e-330b3e5bad97.roa
Signing time: Tue 20 May 2025 20:40:10 +0000
ROA not before: Tue 20 May 2025 20:40:10 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.139.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:17:4f:74:95:44:ce:0b:b9:1e:5d:85:5b:ac:68:90:5a:e3:9a:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:40:10 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=861aafd50ffbf5ddb1e0c49a72bd274aae5171b777bc963ab67f88dca4144db7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:6d:22:d7:76:cc:d4:6e:b7:80:ba:68:ef:d3:
56:a6:97:72:39:cb:af:87:00:dd:4b:7e:66:ae:f1:
88:60:32:e4:66:47:57:51:1c:df:04:30:c8:89:77:
0f:1f:99:34:ed:89:0f:4a:a9:7f:cb:38:88:b2:d5:
c6:2c:53:ea:c6:5c:b1:5d:62:0c:ec:7d:c0:99:43:
83:6a:29:29:26:c0:ad:b1:09:01:2e:e9:09:d8:cc:
e8:cf:dc:3b:12:19:3f:7c:79:49:77:2d:47:54:ec:
db:55:63:8d:26:1c:cb:f7:34:9a:32:63:82:45:a2:
55:0b:ff:de:d1:61:f9:6d:62:76:f5:77:13:9a:6c:
c2:79:c0:95:61:26:bd:da:80:d1:4e:8b:55:4a:05:
21:58:6e:39:bc:75:c5:8c:49:e0:a2:f0:51:ea:93:
c6:d9:a1:1c:88:b5:49:17:16:3e:bf:a3:9a:52:33:
2c:a4:f8:a6:75:3b:97:d7:90:83:92:a8:72:68:5a:
78:df:d4:c5:f2:3a:f1:fd:21:b3:42:c9:cb:75:f8:
a6:ee:5b:92:ad:19:5b:61:ed:8c:98:b5:82:17:47:
e8:50:61:95:ff:88:c7:70:a5:45:95:35:6d:8b:7b:
2c:08:fd:f0:b5:d7:97:d0:0a:bc:23:5b:35:c3:cc:
f5:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:46:22:9D:47:C4:11:12:5A:3D:AB:A2:F4:BC:10:B2:AA:16:8B:3A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a3eae5c-027e-4c38-ab8e-330b3e5bad97.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.139.0.0/16
Signature Algorithm: sha256WithRSAEncryption
10:9b:75:0a:20:97:a7:1f:9f:64:9e:43:e1:3f:3f:c4:ae:b5:
0e:0b:04:b1:bb:a7:75:aa:21:ce:76:85:ed:13:78:7c:bd:c8:
ed:3d:94:ab:f4:85:10:70:6b:c4:55:8c:6d:6c:24:07:9d:a2:
68:f3:e4:7f:55:18:a4:7b:b2:42:cd:3b:52:81:1d:48:eb:4d:
a4:46:8d:80:9c:3d:6d:b0:6a:ea:81:11:14:a2:89:86:32:3b:
ff:e0:8c:ea:84:2d:50:5e:92:61:ad:d9:e8:c5:61:4a:76:cc:
b2:4c:a7:8e:d7:00:56:d5:24:d5:6b:ad:6c:16:1d:43:7a:0b:
fb:5e:a7:a4:3e:cd:10:39:76:cc:f0:d5:ac:65:ae:23:61:f6:
db:fe:31:da:6f:77:df:e3:1d:38:4c:88:98:6c:4b:37:f9:72:
f4:06:32:9f:09:6a:b8:11:eb:d5:49:b9:ff:18:70:72:7b:c5:
a6:9b:2d:73:ba:37:58:16:40:19:e7:a2:b7:a6:67:f5:ce:59:
b8:9b:83:2f:c4:9b:80:b0:2b:35:ae:30:70:7f:93:98:6d:8b:
19:9f:62:d9:50:77:09:f6:54:22:a6:93:93:17:5b:71:25:60:
9c:f9:fc:0f:05:d3:0e:ed:46:f8:b2:e9:a4:c0:b4:80:bb:42:
94:7d:e4:a3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIULxdPdJVEzgu5Hl2FW6xokFrjmoowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQwMTBaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDg2MWFhZmQ1MGZmYmY1ZGRiMWUwYzQ5YTcyYmQyNzRhYWU1MTcxYjc3N2Jj
OTYzYWI2N2Y4OGRjYTQxNDRkYjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANBtItd2zNRut4C6aO/TVqaXcjnLr4cA3Ut+Zq7xiGAy5GZHV1Ec3wQwyIl3
Dx+ZNO2JD0qpf8s4iLLVxixT6sZcsV1iDOx9wJlDg2opKSbArbEJAS7pCdjM6M/c
OxIZP3x5SXctR1Ts21VjjSYcy/c0mjJjgkWiVQv/3tFh+W1idvV3E5pswnnAlWEm
vdqA0U6LVUoFIVhuObx1xYxJ4KLwUeqTxtmhHIi1SRcWPr+jmlIzLKT4pnU7l9eQ
g5KocmhaeN/UxfI68f0hs0LJy3X4pu5bkq0ZW2HtjJi1ghdH6FBhlf+Ix3ClRZU1
bYt7LAj98LXXl9AKvCNbNcPM9e8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQWRiKd
R8QRElo9q6L0vBCyqhaLOjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWEzZWFlNWMtMDI3ZS00YzM4LWFiOGUtMzMwYjNlNWJhZDk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOLMA0G
CSqGSIb3DQEBCwUAA4IBAQAQm3UKIJenH59knkPhPz/ErrUOCwSxu6d1qiHOdoXt
E3h8vcjtPZSr9IUQcGvEVYxtbCQHnaJo8+R/VRike7JCzTtSgR1I602kRo2AnD1t
sGrqgREUoomGMjv/4IzqhC1QXpJhrdnoxWFKdsyyTKeO1wBW1STVa61sFh1Degv7
XqekPs0QOXbM8NWsZa4jYfbb/jHab3ff4x04TIiYbEs3+XL0BjKfCWq4EevVSbn/
GHBye8Wmmy1zujdYFkAZ56K3pmf1zlm4m4MvxJuAsCs1rjBwf5OYbYsZn2LZUHcJ
9lQippOTF1txJWCc+fwPBdMO7Ub4sumkwLSAu0KUfeSj
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:45:39 2025 by rpki-client