Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9e56510b-5f1c-47f6-8a54-2ef9c96c572c.roa
File: 9e56510b-5f1c-47f6-8a54-2ef9c96c572c.roa (raw, json)
Hash identifier: 6NbXMPAh8xsaPkuULWp4l3JfIl8We8JzFeP0RV1IhRw=
Subject key identifier: 3D:FE:14:EB:6B:A8:5B:4A:BD:0A:A8:93:FA:68:56:1A:4F:F9:68:5D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5F8C4A2D95AF0DEF28A8AEBAD56E2F736121AEDC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9e56510b-5f1c-47f6-8a54-2ef9c96c572c.roa
Signing time: Sat 31 May 2025 00:50:32 +0000
ROA not before: Sat 31 May 2025 00:50:32 +0000
ROA not after: Sat 05 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.74.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:8c:4a:2d:95:af:0d:ef:28:a8:ae:ba:d5:6e:2f:73:61:21:ae:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 31 00:50:32 2025 GMT
Not After : Jul 5 23:59:59 2025 GMT
Subject: serialNumber=0da39687a331cc160db0ad7b9987665898a9d0458a59c6ff9399273f9fd8efff, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:27:2f:aa:36:8b:45:af:d0:83:24:86:3c:aa:
0d:2c:36:b4:3f:c4:6d:f2:5f:26:34:45:e2:59:f0:
66:71:2f:84:e6:71:af:ef:9a:40:07:46:5a:55:44:
00:67:29:2b:42:77:92:1c:6f:25:6a:13:ac:e1:bb:
fa:4e:29:3b:b3:d6:d5:3b:11:0b:e6:64:02:cf:ca:
06:b1:8d:53:69:24:3a:f5:88:ef:ee:32:e4:dc:69:
7a:8f:77:90:40:36:cc:fc:81:ee:7c:50:47:b3:5a:
e0:e1:99:20:f1:13:29:e9:16:97:05:90:27:45:ad:
09:2d:44:92:91:b3:1e:01:62:53:9f:78:ef:3f:84:
46:b8:14:51:b3:ff:58:9b:24:24:ce:f3:86:b9:99:
6f:d4:25:2e:c6:da:f9:ca:0b:57:c7:57:08:49:ac:
23:0e:2a:b6:52:ae:9c:f5:c0:c6:36:5f:86:55:06:
2d:fa:96:52:91:49:5e:3a:0a:6d:8b:31:35:77:22:
68:b1:c6:58:84:21:db:57:25:89:a8:ea:83:7d:05:
09:3b:1e:6e:8e:45:a7:65:3b:dc:39:5e:52:c6:48:
6f:34:d0:8c:9e:7b:ab:5b:34:8e:bd:b4:0f:37:a7:
12:37:90:0a:28:ec:ca:fe:39:fd:8b:21:a7:d7:dc:
ed:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:FE:14:EB:6B:A8:5B:4A:BD:0A:A8:93:FA:68:56:1A:4F:F9:68:5D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9e56510b-5f1c-47f6-8a54-2ef9c96c572c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.74.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a9:6b:65:8d:78:06:5f:2a:ab:d1:94:50:be:bd:50:25:ed:c4:
13:f6:87:f1:8c:82:12:21:54:99:e3:af:fd:a7:d6:66:ca:b4:
9c:63:28:4f:65:a4:e3:af:9d:4f:6b:7c:c9:06:15:c1:95:98:
5f:89:5b:b3:92:02:78:97:ba:02:90:e3:90:13:78:60:bc:f0:
86:9a:44:3d:51:6f:47:03:c3:24:a2:65:34:c2:0d:7f:bc:8b:
a0:b2:32:88:1e:43:58:32:b1:e8:70:d1:de:e4:4b:dd:76:e5:
c9:19:94:a3:69:0e:b8:46:0d:77:b5:e3:02:12:ba:70:fa:ac:
27:e4:04:01:02:44:8c:c4:da:43:41:08:29:17:58:31:d7:70:
e4:c4:91:5b:39:dd:a9:fd:c6:44:27:4e:35:ed:7b:61:42:f3:
bb:bd:d0:ad:1e:d1:96:2c:00:1e:90:41:a4:9c:56:4c:69:46:
36:86:df:7f:6c:76:49:45:a2:1a:cc:e0:8f:e0:4b:97:8a:8a:
c7:25:fc:2a:12:69:a0:1a:28:1c:4a:55:62:99:6f:84:81:51:
bf:5f:61:26:87:ba:4d:0f:a0:1c:66:1c:42:37:cb:af:36:0e:
fd:bc:3b:22:30:68:7b:ad:fe:73:83:5a:66:15:b6:25:38:f9:
f9:b3:39:68
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUX4xKLZWvDe8oqK661W4vc2EhrtwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MzEwMDUwMzJaFw0yNTA3MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDBkYTM5Njg3YTMzMWNjMTYwZGIwYWQ3Yjk5ODc2NjU4OThhOWQwNDU4YTU5
YzZmZjkzOTkyNzNmOWZkOGVmZmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL4nL6o2i0Wv0IMkhjyqDSw2tD/EbfJfJjRF4lnwZnEvhOZxr++aQAdGWlVE
AGcpK0J3khxvJWoTrOG7+k4pO7PW1TsRC+ZkAs/KBrGNU2kkOvWI7+4y5Nxpeo93
kEA2zPyB7nxQR7Na4OGZIPETKekWlwWQJ0WtCS1EkpGzHgFiU5947z+ERrgUUbP/
WJskJM7zhrmZb9QlLsba+coLV8dXCEmsIw4qtlKunPXAxjZfhlUGLfqWUpFJXjoK
bYsxNXciaLHGWIQh21cliajqg30FCTsebo5Fp2U73DleUsZIbzTQjJ57q1s0jr20
DzenEjeQCijsyv45/Yshp9fc7UECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ9/hTr
a6hbSr0KqJP6aFYaT/loXTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWU1NjUxMGItNWYxYy00N2Y2LThhNTQtMmVmOWM5NmM1NzJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNKMA0G
CSqGSIb3DQEBCwUAA4IBAQCpa2WNeAZfKqvRlFC+vVAl7cQT9ofxjIISIVSZ46/9
p9ZmyrScYyhPZaTjr51Pa3zJBhXBlZhfiVuzkgJ4l7oCkOOQE3hgvPCGmkQ9UW9H
A8MkomU0wg1/vIugsjKIHkNYMrHocNHe5EvdduXJGZSjaQ64Rg13teMCErpw+qwn
5AQBAkSMxNpDQQgpF1gx13DkxJFbOd2p/cZEJ0417XthQvO7vdCtHtGWLAAekEGk
nFZMaUY2ht9/bHZJRaIazOCP4EuXiorHJfwqEmmgGigcSlVimW+EgVG/X2Emh7pN
D6AcZhxCN8uvNg79vDsiMGh7rf5zg1pmFbYlOPn5szlo
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:53:57 2025 by rpki-client