Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa
File: 9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa (raw, json)
Hash identifier: QEEleCUbSZxvMdz8kx+/MM5SBGoNGZQSRMf8QyjLJtM=
Subject key identifier: 7F:AC:35:86:00:DD:F9:17:E1:1C:9A:8E:E5:25:34:3A:10:BE:9B:48
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5A346D4BFACE227010A2A475FACBD15CE111ABEF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa
Signing time: Sat 31 May 2025 00:50:30 +0000
ROA not before: Sat 31 May 2025 00:50:30 +0000
ROA not after: Sat 05 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.70.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:34:6d:4b:fa:ce:22:70:10:a2:a4:75:fa:cb:d1:5c:e1:11:ab:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 31 00:50:30 2025 GMT
Not After : Jul 5 23:59:59 2025 GMT
Subject: serialNumber=e9c3dc47600e613f4859aeea433ace9bf971ad96fb0b827000f5fb50c45390fe, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:2b:75:71:04:51:c1:13:d9:36:49:44:ac:f9:
28:55:ec:5e:79:03:67:d3:9a:5b:6b:c5:46:09:14:
51:40:32:d9:94:38:92:53:93:ac:cb:40:02:d5:b5:
fc:d3:73:fd:6f:41:f3:d4:0f:cf:18:ee:b7:15:14:
64:ab:9f:9e:4e:3f:fd:b8:69:69:61:8c:63:e2:c3:
f5:0f:55:d1:91:ed:10:ed:53:66:4d:36:3b:8e:18:
ca:cb:e4:d4:7b:51:70:38:35:9c:12:02:e0:8d:3f:
88:e2:a6:ab:5b:b2:9f:0f:b4:b3:e8:b1:e6:4b:83:
73:40:b1:ad:ee:b6:5f:5d:ad:77:bd:81:7e:34:8b:
75:a0:e2:9a:43:e3:3c:9a:80:c8:9a:b7:2c:78:d6:
d7:ba:7e:a9:0c:4c:08:72:97:28:9a:b6:37:bd:e4:
3a:98:1c:85:52:a7:8d:61:aa:c8:88:80:90:59:f1:
b0:05:2b:29:36:0b:e6:e4:77:68:d4:05:84:24:49:
2b:4b:54:a0:15:59:75:87:ef:c6:0c:e5:b4:3f:7f:
1d:5e:69:cd:49:36:76:2d:d5:45:81:d1:c4:60:bb:
b2:5c:ec:7b:56:0c:8e:b4:34:ad:9a:8f:8a:4e:17:
e2:04:dc:ef:5f:7c:fe:70:66:c7:94:40:eb:3c:f4:
af:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:AC:35:86:00:DD:F9:17:E1:1C:9A:8E:E5:25:34:3A:10:BE:9B:48
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.70.0.0/16
Signature Algorithm: sha256WithRSAEncryption
08:1a:a5:52:da:96:d7:fd:fc:ae:bc:32:ba:a7:3c:a6:7c:82:
59:ae:4f:b1:01:df:bc:8f:04:fc:aa:fd:dd:cc:27:b6:e5:01:
54:6e:bc:14:70:19:bb:5f:73:a7:f2:83:b2:d4:5f:4e:a2:15:
0c:bd:35:18:25:bf:02:22:c6:a9:8d:98:2f:26:20:eb:c2:10:
4f:5d:3d:e2:42:d0:d1:cc:3b:8e:3f:48:6c:06:65:d8:b1:e7:
6e:18:8c:24:ad:db:eb:0a:01:a6:36:08:78:27:69:6c:fe:35:
5e:69:01:0c:ed:53:46:e5:be:af:6e:70:35:28:39:01:db:75:
d3:de:08:56:b2:17:af:57:75:a9:4d:90:96:b9:f2:bb:64:b3:
07:84:57:a9:29:de:9c:be:a7:ee:da:5c:f2:2c:ec:a7:aa:09:
d7:86:e3:9b:f9:a6:5f:07:63:d7:33:2e:bb:69:e2:23:7e:e8:
f5:69:e2:4a:6c:22:0f:c5:c7:48:ef:0f:31:8a:45:fb:55:5b:
82:e3:6a:53:b2:5d:0d:71:32:79:d4:95:c0:02:e5:97:df:33:
d4:db:bd:48:e7:4e:28:ca:50:d6:ed:4d:5b:57:ab:42:75:25:
f2:29:62:a8:d2:f4:0f:1a:ab:0a:62:7d:2b:e5:76:3b:cd:36:
d1:03:a0:1c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUWjRtS/rOInAQoqR1+svRXOERq+8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MzEwMDUwMzBaFw0yNTA3MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGU5YzNkYzQ3NjAwZTYxM2Y0ODU5YWVlYTQzM2FjZTliZjk3MWFkOTZmYjBi
ODI3MDAwZjVmYjUwYzQ1MzkwZmUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL8rdXEEUcET2TZJRKz5KFXsXnkDZ9OaW2vFRgkUUUAy2ZQ4klOTrMtAAtW1
/NNz/W9B89QPzxjutxUUZKufnk4//bhpaWGMY+LD9Q9V0ZHtEO1TZk02O44Yysvk
1HtRcDg1nBIC4I0/iOKmq1uynw+0s+ix5kuDc0Cxre62X12td72BfjSLdaDimkPj
PJqAyJq3LHjW17p+qQxMCHKXKJq2N73kOpgchVKnjWGqyIiAkFnxsAUrKTYL5uR3
aNQFhCRJK0tUoBVZdYfvxgzltD9/HV5pzUk2di3VRYHRxGC7slzse1YMjrQ0rZqP
ik4X4gTc7198/nBmx5RA6zz0r/UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR/rDWG
AN35F+Ecmo7lJTQ6EL6bSDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWM1YTFhMTQtNzNjMS00YzQ5LThiMjItN2QxMGM0Mzc5ZTA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNGMA0G
CSqGSIb3DQEBCwUAA4IBAQAIGqVS2pbX/fyuvDK6pzymfIJZrk+xAd+8jwT8qv3d
zCe25QFUbrwUcBm7X3On8oOy1F9OohUMvTUYJb8CIsapjZgvJiDrwhBPXT3iQtDR
zDuOP0hsBmXYseduGIwkrdvrCgGmNgh4J2ls/jVeaQEM7VNG5b6vbnA1KDkB23XT
3ghWshevV3WpTZCWufK7ZLMHhFepKd6cvqfu2lzyLOynqgnXhuOb+aZfB2PXMy67
aeIjfuj1aeJKbCIPxcdI7w8xikX7VVuC42pTsl0NcTJ51JXAAuWX3zPU271I504o
ylDW7U1bV6tCdSXyKWKo0vQPGqsKYn0r5XY7zTbRA6Ac
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:47:28 2025 by rpki-client