Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1b27e87-801f-4c9e-98a2-f81b54e8b8d9.roa
File: a1b27e87-801f-4c9e-98a2-f81b54e8b8d9.roa (raw, json)
Hash identifier: OyxD49vjjMVlOXA0gOYlWMslvM4+desjklYzuDzyDCA=
Subject key identifier: 58:2A:70:20:59:AB:79:C5:5F:FC:32:9B:AE:74:5E:B0:27:37:CD:E3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 421CEF5144B71DB44CE11B423A246BE665CABC34
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1b27e87-801f-4c9e-98a2-f81b54e8b8d9.roa
Signing time: Fri 23 May 2025 00:50:14 +0000
ROA not before: Fri 23 May 2025 00:50:14 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.112.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:1c:ef:51:44:b7:1d:b4:4c:e1:1b:42:3a:24:6b:e6:65:ca:bc:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 23 00:50:14 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=7618843599c84a13428c0e866beba230fcb1ad1ec903ca22d1cabae69b8b939d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:14:dd:94:85:fb:c0:b1:b7:ae:e4:c2:6a:d5:
0a:12:6c:bf:c2:3d:44:61:b9:79:28:d9:91:9d:29:
3c:38:c0:46:5a:5a:bc:1c:a5:9d:5d:30:10:1a:9c:
25:db:de:c0:0f:fa:8b:89:d5:c9:f7:11:18:21:cb:
af:85:31:28:ff:4e:47:c5:36:1f:42:40:18:b2:c0:
e5:db:06:17:35:53:65:19:e7:bb:f5:12:03:df:dc:
e0:e6:f3:18:1d:90:05:08:5a:7f:26:21:9c:26:84:
27:4b:f4:b2:56:03:22:70:3c:99:0c:de:1a:b7:15:
fb:b6:9b:2e:93:31:74:cd:64:12:df:ff:fe:6f:f3:
50:e0:f8:c9:50:4e:d8:46:cb:0b:dc:57:53:a6:5e:
be:29:26:83:0b:ac:2b:d3:3e:ed:de:41:cf:1d:f4:
eb:8e:b9:29:52:da:03:81:1a:86:8a:5d:a9:8a:01:
14:9d:83:57:6e:e0:72:76:d4:70:50:f9:f2:ee:d2:
2f:35:30:78:a9:15:9e:a3:49:0a:03:0b:5e:ab:ff:
d4:d9:df:b4:93:1b:c6:ba:4b:6e:55:5e:61:13:20:
83:f7:66:6a:23:a5:a8:46:fe:b0:ab:e2:22:1d:5a:
1d:0d:90:33:d0:15:0c:81:c6:56:78:83:9f:0f:b3:
4a:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:2A:70:20:59:AB:79:C5:5F:FC:32:9B:AE:74:5E:B0:27:37:CD:E3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1b27e87-801f-4c9e-98a2-f81b54e8b8d9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.112.0.0/15
Signature Algorithm: sha256WithRSAEncryption
46:29:29:b7:15:19:18:d0:2c:99:57:d1:5e:d6:d4:fc:e0:c7:
26:a0:26:44:ce:61:45:f8:12:3f:17:ef:47:d0:16:dc:5d:2b:
cf:25:dd:89:f2:87:e4:83:f8:a9:d9:ff:1f:ea:fc:de:7e:65:
5c:8b:20:17:98:dc:86:6a:b8:e0:b3:1c:9d:e6:82:0b:fb:de:
ff:8b:db:2e:a4:dd:65:83:49:f3:b9:30:5a:ce:12:73:95:8c:
53:04:35:30:3a:f8:e9:27:cf:41:90:de:c9:2f:6e:7a:2f:0d:
4b:fd:7e:52:4c:6d:53:82:a5:78:9e:cf:52:f3:c7:c4:39:11:
3c:6e:8d:42:a3:ca:11:58:bb:c2:6d:ce:dc:f3:4b:fe:5e:34:
e4:53:8b:f2:fa:71:e0:d2:3e:2c:b6:f0:94:40:79:83:74:7e:
b3:81:f5:e4:2a:49:a4:eb:e7:b4:df:21:ee:8b:37:07:36:52:
47:a6:78:47:a0:c3:b9:f5:e5:70:b7:88:c0:fe:0b:59:44:b9:
aa:e2:c0:78:31:94:50:76:6c:40:b9:e6:67:80:01:32:eb:75:
32:bc:3a:c3:f0:7c:66:e6:74:74:b9:01:00:1c:47:3e:b7:cb:
41:f0:23:4c:17:f7:78:f4:52:e5:88:1e:1c:fb:4c:8a:82:fa:
68:07:36:b7
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQhzvUUS3HbRM4RtCOiRr5mXKvDQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjMwMDUwMTRaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2MTg4NDM1OTljODRhMTM0MjhjMGU4NjZiZWJhMjMwZmNiMWFkMWVjOTAz
Y2EyMmQxY2FiYWU2OWI4YjkzOWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALoU3ZSF+8Cxt67kwmrVChJsv8I9RGG5eSjZkZ0pPDjARlpavBylnV0wEBqc
JdvewA/6i4nVyfcRGCHLr4UxKP9OR8U2H0JAGLLA5dsGFzVTZRnnu/USA9/c4Obz
GB2QBQhafyYhnCaEJ0v0slYDInA8mQzeGrcV+7abLpMxdM1kEt///m/zUOD4yVBO
2EbLC9xXU6ZevikmgwusK9M+7d5Bzx306465KVLaA4EahopdqYoBFJ2DV27gcnbU
cFD58u7SLzUweKkVnqNJCgMLXqv/1NnftJMbxrpLblVeYRMgg/dmaiOlqEb+sKvi
Ih1aHQ2QM9AVDIHGVniDnw+zSm8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRYKnAg
Wat5xV/8MpuudF6wJzfN4zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTFiMjdlODctODAxZi00YzllLTk4YTItZjgxYjU0ZThiOGQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNwMA0G
CSqGSIb3DQEBCwUAA4IBAQBGKSm3FRkY0CyZV9Fe1tT84McmoCZEzmFF+BI/F+9H
0BbcXSvPJd2J8ofkg/ip2f8f6vzefmVciyAXmNyGarjgsxyd5oIL+97/i9supN1l
g0nzuTBazhJzlYxTBDUwOvjpJ89BkN7JL256Lw1L/X5STG1TgqV4ns9S88fEORE8
bo1Co8oRWLvCbc7c80v+XjTkU4vy+nHg0j4stvCUQHmDdH6zgfXkKkmk6+e03yHu
izcHNlJHpnhHoMO59eVwt4jA/gtZRLmq4sB4MZRQdmxAueZngAEy63UyvDrD8Hxm
5nR0uQEAHEc+t8tB8CNMF/d49FLliB4c+0yKgvpoBza3
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:22 2025 by rpki-client