Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa
File: a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa (raw, json)
Hash identifier: 0JoLL6HLpt85pvXzwbS+OW0a1BrV4tp8knV3He4Nock=
Subject key identifier: 9A:94:71:8A:CA:FA:AF:13:A6:87:50:10:47:7F:D0:BD:45:DE:EE:3B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1133596F4183470893974E009A823CFCA0E18408
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa
Signing time: Sat 31 May 2025 00:50:26 +0000
ROA not before: Sat 31 May 2025 00:50:26 +0000
ROA not after: Sat 05 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.206.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:33:59:6f:41:83:47:08:93:97:4e:00:9a:82:3c:fc:a0:e1:84:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 31 00:50:26 2025 GMT
Not After : Jul 5 23:59:59 2025 GMT
Subject: serialNumber=4da2658e19fcd946fac2853322d8f0e7b8f0e48afbe9d0649adba1e4a6b831ed, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:d5:a9:d8:84:39:85:30:a2:48:9c:7a:79:1e:
9b:19:12:ff:33:5f:2e:79:98:2f:2e:f9:5e:0c:73:
04:28:5a:5f:db:55:15:b7:7b:05:a6:37:2f:47:27:
7a:a2:b1:b9:dc:e9:31:dd:43:57:60:85:0f:df:a8:
1b:6d:a3:fd:0a:c0:f2:9b:e5:78:a7:dc:9d:10:f2:
e4:c1:5c:43:bb:3d:c1:6b:c1:65:99:5b:9b:51:25:
4f:04:d4:ff:58:61:73:c2:bf:2a:2a:0c:94:2a:b2:
56:f6:93:49:37:bd:71:87:26:5b:42:0f:08:4c:b4:
d3:ca:7e:b2:47:01:67:0d:7c:85:fd:5d:be:cb:ac:
25:ba:b1:06:12:18:45:ca:a3:09:e6:3f:4d:f3:34:
d9:97:6a:0a:ef:3c:ec:db:77:8f:47:df:c5:df:9f:
aa:e1:a9:88:d7:88:6f:f5:81:a8:76:c9:42:83:1b:
6a:b2:c0:10:45:13:e3:f6:27:cd:d1:2f:b2:b0:70:
8f:2b:0b:66:b6:92:9e:d3:fa:79:0c:36:fa:0c:a1:
82:0b:94:f1:6f:85:ee:f9:ac:a7:17:3e:30:97:23:
05:18:d7:73:95:6d:06:09:d3:dd:06:ad:67:cd:d5:
54:6c:7a:31:d7:ab:00:45:b1:58:fa:51:54:d3:27:
93:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:94:71:8A:CA:FA:AF:13:A6:87:50:10:47:7F:D0:BD:45:DE:EE:3B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.206.0.0/15
Signature Algorithm: sha256WithRSAEncryption
c0:d1:f8:34:89:12:29:6e:73:ee:cb:27:8a:2e:a9:42:86:9b:
81:b9:95:7d:4b:98:0a:27:ee:d1:ed:be:15:60:a1:bd:d2:13:
83:d0:7c:fd:80:99:84:22:43:b0:94:c1:f1:67:f7:ef:ba:41:
02:2a:2f:aa:58:1b:0d:3d:da:20:71:9f:ab:da:7a:e2:7f:6d:
7a:31:90:df:05:09:b3:36:a8:94:40:c3:18:d3:cb:ee:7d:bd:
32:e4:fc:b4:38:0a:9d:00:62:79:4b:20:dd:f1:4c:e9:04:23:
83:2b:8a:e7:bd:02:e1:51:2d:d3:d3:fa:ed:f1:8e:60:9c:84:
a0:17:57:f7:76:ec:08:0b:9d:11:ef:89:fe:32:ef:a6:1f:70:
06:77:b5:70:ab:14:05:a9:61:94:42:f6:cb:1e:66:d6:39:60:
1a:49:52:34:89:30:d4:07:de:00:5a:4c:45:60:85:ca:8c:4a:
d3:10:02:95:85:38:98:c3:81:ef:ea:52:28:70:6a:34:c0:de:
5b:79:f0:18:27:ac:25:02:11:3b:a0:e1:88:fd:a8:c9:bd:96:
d4:2d:04:aa:ed:e0:9d:4c:91:12:76:6c:90:af:5a:cc:9c:5c:
ea:da:b4:56:a3:cd:f9:ad:03:43:03:f4:bc:96:bd:d5:e5:77:
88:e2:39:9f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUETNZb0GDRwiTl04AmoI8/KDhhAgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MzEwMDUwMjZaFw0yNTA3MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDRkYTI2NThlMTlmY2Q5NDZmYWMyODUzMzIyZDhmMGU3YjhmMGU0OGFmYmU5
ZDA2NDlhZGJhMWU0YTZiODMxZWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL/VqdiEOYUwokicenkemxkS/zNfLnmYLy75XgxzBChaX9tVFbd7BaY3L0cn
eqKxudzpMd1DV2CFD9+oG22j/QrA8pvleKfcnRDy5MFcQ7s9wWvBZZlbm1ElTwTU
/1hhc8K/KioMlCqyVvaTSTe9cYcmW0IPCEy008p+skcBZw18hf1dvsusJbqxBhIY
RcqjCeY/TfM02ZdqCu887Nt3j0ffxd+fquGpiNeIb/WBqHbJQoMbarLAEEUT4/Yn
zdEvsrBwjysLZraSntP6eQw2+gyhgguU8W+F7vmspxc+MJcjBRjXc5VtBgnT3Qat
Z83VVGx6MderAEWxWPpRVNMnk6kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSalHGK
yvqvE6aHUBBHf9C9Rd7uOzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTJkMTBlN2QtYTc4NC00NzZkLTlkZjUtZjdlZmViNTVjZjM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPOMA0G
CSqGSIb3DQEBCwUAA4IBAQDA0fg0iRIpbnPuyyeKLqlChpuBuZV9S5gKJ+7R7b4V
YKG90hOD0Hz9gJmEIkOwlMHxZ/fvukECKi+qWBsNPdogcZ+r2nrif216MZDfBQmz
NqiUQMMY08vufb0y5Py0OAqdAGJ5SyDd8UzpBCODK4rnvQLhUS3T0/rt8Y5gnISg
F1f3duwIC50R74n+Mu+mH3AGd7VwqxQFqWGUQvbLHmbWOWAaSVI0iTDUB94AWkxF
YIXKjErTEAKVhTiYw4Hv6lIocGo0wN5befAYJ6wlAhE7oOGI/ajJvZbULQSq7eCd
TJESdmyQr1rMnFzq2rRWo835rQNDA/S8lr3V5XeI4jmf
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:43:17 2025 by rpki-client