Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9ebfa348-5910-4667-b4db-cfb5bb3acbc8.roa
File: 9ebfa348-5910-4667-b4db-cfb5bb3acbc8.roa (raw, json)
Hash identifier: 1WxsXQto7ujQfzUUwtaGWkxHQtXqLAKddJXecKbSo4o=
Subject key identifier: 20:38:37:6C:88:BD:4D:F5:68:D8:9A:83:6C:4B:31:24:B7:DD:66:E0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 42B5F3543E99C59010AB31531181E992956A7AFC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9ebfa348-5910-4667-b4db-cfb5bb3acbc8.roa
Signing time: Tue 20 May 2025 20:40:22 +0000
ROA not before: Tue 20 May 2025 20:40:22 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.188.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:b5:f3:54:3e:99:c5:90:10:ab:31:53:11:81:e9:92:95:6a:7a:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:40:22 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=d6e96aa892aa578b4436e9b45622ff7e35f1ba4ed86351ca32ecf3b42fa21174, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:85:e8:a4:28:5e:a4:b3:b4:ca:a7:23:25:87:
72:91:3c:13:bb:b5:84:6d:c5:50:91:b7:cd:37:e6:
99:d2:ae:01:3f:43:66:43:53:c6:80:c5:d2:08:db:
bd:98:78:49:1f:89:aa:5d:fd:4b:53:02:fb:fb:0c:
19:9f:9b:2a:22:50:9a:be:f5:eb:e5:e7:54:f7:d0:
95:56:1b:a3:6b:1a:8e:de:bd:fc:df:3d:af:a8:07:
a1:07:ea:b5:7f:15:c9:6a:b0:c6:e2:a0:8f:69:42:
1f:1e:ae:1c:d9:a8:d5:c2:1e:4f:16:14:d3:e8:0d:
e6:24:c7:6c:a8:ea:e9:e2:a4:51:dd:4b:4f:f3:5e:
c1:6d:c6:e2:9f:91:eb:f7:e5:ee:4a:10:20:4b:f5:
22:d8:1f:ba:52:28:c0:a5:82:a7:55:3a:a0:2a:24:
25:7e:8e:7e:e1:82:3b:7d:44:17:0d:0d:9a:5f:b9:
28:d1:5d:bd:4c:bc:fa:86:39:b8:29:83:a4:c8:24:
ec:2b:7b:d5:93:02:86:c2:00:eb:b0:c6:00:60:9e:
f5:86:53:9d:1d:7a:bb:b5:b7:bb:95:76:c0:b2:2a:
62:38:c5:1c:3b:da:d2:5e:a7:aa:07:c5:b3:97:7e:
28:75:8f:1f:21:ce:8e:54:77:ed:36:81:94:c0:e7:
ce:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:38:37:6C:88:BD:4D:F5:68:D8:9A:83:6C:4B:31:24:B7:DD:66:E0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9ebfa348-5910-4667-b4db-cfb5bb3acbc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.188.0.0/15
Signature Algorithm: sha256WithRSAEncryption
3d:6c:b6:9a:9c:18:51:1a:90:7d:b2:3c:3c:e0:34:de:37:5b:
6a:cb:be:36:aa:14:2b:2d:2a:7a:f2:94:a4:ef:90:f8:fb:39:
32:08:af:19:9c:02:a1:e9:5c:20:d7:66:1a:5a:51:ed:e9:1e:
b9:56:00:3e:7c:9a:93:11:79:96:0f:63:f0:cb:44:58:43:ec:
d6:42:08:2e:3d:74:3f:32:50:6d:95:3f:f7:93:86:9c:db:fc:
d8:a6:39:a9:91:55:b9:36:d9:52:0e:9d:fb:61:00:78:be:f8:
57:96:bb:40:20:95:00:2c:ae:db:68:9b:c7:16:95:3d:c7:53:
44:f3:61:a8:19:2f:2f:e9:87:f5:51:22:b7:7b:c3:fd:f9:74:
2b:02:3f:81:64:fc:91:b2:68:e1:c6:88:3e:d5:34:e2:3a:bd:
0e:b0:ef:10:92:f3:e3:73:02:db:46:bb:51:4b:82:04:c8:6c:
93:20:31:b3:d8:90:cc:ce:ce:24:de:b9:6d:67:47:e1:bc:19:
86:8f:46:d0:b9:da:30:ff:ca:fe:b1:a8:9c:e5:0b:6b:23:1d:
4e:16:6f:f2:53:b9:b4:52:dc:9b:fe:6a:8f:b6:92:61:43:c2:
dc:e0:85:cc:e8:78:84:ab:c2:32:93:59:10:00:bc:67:1f:dd:
66:79:c6:92
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQrXzVD6ZxZAQqzFTEYHpkpVqevwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQwMjJaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ2ZTk2YWE4OTJhYTU3OGI0NDM2ZTliNDU2MjJmZjdlMzVmMWJhNGVkODYz
NTFjYTMyZWNmM2I0MmZhMjExNzQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJSF6KQoXqSztMqnIyWHcpE8E7u1hG3FUJG3zTfmmdKuAT9DZkNTxoDF0gjb
vZh4SR+Jql39S1MC+/sMGZ+bKiJQmr716+XnVPfQlVYbo2sajt69/N89r6gHoQfq
tX8VyWqwxuKgj2lCHx6uHNmo1cIeTxYU0+gN5iTHbKjq6eKkUd1LT/NewW3G4p+R
6/fl7koQIEv1ItgfulIowKWCp1U6oCokJX6OfuGCO31EFw0Nml+5KNFdvUy8+oY5
uCmDpMgk7Ct71ZMChsIA67DGAGCe9YZTnR16u7W3u5V2wLIqYjjFHDva0l6nqgfF
s5d+KHWPHyHOjlR37TaBlMDnzscCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQgODds
iL1N9WjYmoNsSzEkt91m4DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWViZmEzNDgtNTkxMC00NjY3LWI0ZGItY2ZiNWJiM2FjYmM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO8MA0G
CSqGSIb3DQEBCwUAA4IBAQA9bLaanBhRGpB9sjw84DTeN1tqy742qhQrLSp68pSk
75D4+zkyCK8ZnAKh6Vwg12YaWlHt6R65VgA+fJqTEXmWD2Pwy0RYQ+zWQgguPXQ/
MlBtlT/3k4ac2/zYpjmpkVW5NtlSDp37YQB4vvhXlrtAIJUALK7baJvHFpU9x1NE
82GoGS8v6Yf1USK3e8P9+XQrAj+BZPyRsmjhxog+1TTiOr0OsO8QkvPjcwLbRrtR
S4IEyGyTIDGz2JDMzs4k3rltZ0fhvBmGj0bQudow/8r+saic5QtrIx1OFm/yU7m0
Utyb/mqPtpJhQ8Lc4IXM6HiEq8Iyk1kQALxnH91mecaS
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:43:15 2025 by rpki-client