Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/aa15a3a6-022f-41a6-9a60-2175164bb741.roa
File: aa15a3a6-022f-41a6-9a60-2175164bb741.roa (raw, json)
Hash identifier: lBOV/3GQZLbY9A4j2f6pxqJbFFstqTrZTs73W28Y+iU=
Subject key identifier: 1D:59:B2:97:56:6A:E9:E4:45:67:FB:DC:0E:56:1E:5C:D8:19:BE:EB
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3681B8E09034305E14B9AC902AB552F8E0AAB089
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/aa15a3a6-022f-41a6-9a60-2175164bb741.roa
Signing time: Fri 23 May 2025 00:50:18 +0000
ROA not before: Fri 23 May 2025 00:50:18 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.204.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:81:b8:e0:90:34:30:5e:14:b9:ac:90:2a:b5:52:f8:e0:aa:b0:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 23 00:50:18 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=e33c9bca8ce3998de664b780e1129dd3f6bc9b0a1cef6186740a721b8b639313, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:c2:be:02:75:23:75:6e:96:e6:2d:ef:69:a1:
94:9b:2e:14:8a:8c:cf:ac:c8:cb:ad:bd:b2:66:eb:
86:44:21:7b:96:4c:26:38:57:78:3d:67:d4:08:28:
ae:b2:43:c9:41:f3:25:d2:78:9f:05:e0:33:b0:8b:
54:5a:5f:b3:d2:ec:f9:42:77:7c:38:18:db:0a:37:
3d:65:7e:e2:f2:82:73:dc:74:97:83:2b:cf:f8:9f:
0a:d7:aa:26:e7:21:ca:bc:91:3e:7c:cd:f6:ea:77:
58:b4:75:8d:45:fe:58:88:37:22:e0:7a:7f:6e:22:
fe:b0:ed:ff:f6:00:7b:f4:59:53:e9:a4:41:1e:e4:
f1:a3:1c:2a:cc:ae:7c:b1:08:f8:52:96:f2:8d:b9:
32:c7:31:a9:0d:95:72:1f:4c:7e:dc:a8:e8:4e:c3:
0d:26:ee:25:4c:24:09:eb:5d:2b:a8:46:b8:ab:44:
2b:27:41:36:f6:68:86:05:84:19:24:24:86:65:bd:
8e:92:e1:75:1f:8d:e7:3b:e0:e3:33:4b:57:b5:08:
44:ff:bb:10:ba:d7:c3:16:19:f6:e7:51:f4:4f:23:
1d:ee:aa:ee:4f:fc:2e:44:da:d5:6b:c8:48:98:fb:
89:80:94:79:a5:85:84:51:40:08:cc:94:f8:c1:e5:
2a:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:59:B2:97:56:6A:E9:E4:45:67:FB:DC:0E:56:1E:5C:D8:19:BE:EB
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/aa15a3a6-022f-41a6-9a60-2175164bb741.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.204.0/24
Signature Algorithm: sha256WithRSAEncryption
d1:80:b9:99:b1:d8:77:89:b4:2b:3a:d1:be:7f:da:a3:8e:01:
0c:70:40:65:1f:39:ee:1c:06:7f:ab:28:61:d7:10:cd:fa:d2:
b8:bb:03:d2:ad:56:b6:99:87:33:b0:7d:03:d9:c6:3e:1b:63:
e1:3c:61:4c:0a:18:48:e9:cc:6b:d2:a0:16:f4:fc:fb:0b:8e:
c5:b3:15:1c:35:9f:32:b1:87:f5:a4:22:92:ce:0d:21:9b:3b:
6b:a9:20:82:ea:b3:9b:99:7f:da:ca:64:01:6c:f4:57:e1:cd:
0c:89:2d:3f:89:16:65:fc:89:da:1b:d5:41:33:92:a5:6e:3a:
19:5f:ed:71:e6:9b:e2:99:ec:de:04:3d:36:d9:a4:e1:db:35:
0e:07:23:1a:ba:d4:f9:da:f5:e0:16:3d:a7:54:0f:60:67:03:
78:1e:90:30:e9:02:ea:a2:94:59:34:6a:37:0f:09:e8:78:c1:
a2:61:a9:53:64:26:41:2e:2b:8e:c7:ee:c6:b0:96:c2:e5:2c:
09:ca:0d:3b:74:23:94:13:65:29:79:96:25:c6:cd:6b:59:72:
35:b1:4d:3f:6a:5a:38:1a:45:1c:89:ec:e5:86:14:11:81:f8:
f0:a6:03:0e:35:62:34:61:81:36:8c:e8:84:1e:a4:7f:d9:69:
00:50:1d:4f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUNoG44JA0MF4UuayQKrVS+OCqsIkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjMwMDUwMThaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGUzM2M5YmNhOGNlMzk5OGRlNjY0Yjc4MGUxMTI5ZGQzZjZiYzliMGExY2Vm
NjE4Njc0MGE3MjFiOGI2MzkzMTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN3CvgJ1I3VuluYt72mhlJsuFIqMz6zIy629smbrhkQhe5ZMJjhXeD1n1Ago
rrJDyUHzJdJ4nwXgM7CLVFpfs9Ls+UJ3fDgY2wo3PWV+4vKCc9x0l4Mrz/ifCteq
JuchyryRPnzN9up3WLR1jUX+WIg3IuB6f24i/rDt//YAe/RZU+mkQR7k8aMcKsyu
fLEI+FKW8o25MscxqQ2Vch9Mftyo6E7DDSbuJUwkCetdK6hGuKtEKydBNvZohgWE
GSQkhmW9jpLhdR+N5zvg4zNLV7UIRP+7ELrXwxYZ9udR9E8jHe6q7k/8LkTa1WvI
SJj7iYCUeaWFhFFACMyU+MHlKiUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQdWbKX
Vmrp5EVn+9wOVh5c2Bm+6zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YWExNWEzYTYtMDIyZi00MWE2LTlhNjAtMjE3NTE2NGJiNzQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMQzDAN
BgkqhkiG9w0BAQsFAAOCAQEA0YC5mbHYd4m0KzrRvn/ao44BDHBAZR857hwGf6so
YdcQzfrSuLsD0q1WtpmHM7B9A9nGPhtj4TxhTAoYSOnMa9KgFvT8+wuOxbMVHDWf
MrGH9aQiks4NIZs7a6kgguqzm5l/2spkAWz0V+HNDIktP4kWZfyJ2hvVQTOSpW46
GV/tceab4pns3gQ9Ntmk4ds1DgcjGrrU+dr14BY9p1QPYGcDeB6QMOkC6qKUWTRq
Nw8J6HjBomGpU2QmQS4rjsfuxrCWwuUsCcoNO3QjlBNlKXmWJcbNa1lyNbFNP2pa
OBpFHIns5YYUEYH48KYDDjViNGGBNozohB6kf9lpAFAdTw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:51:38 2025 by rpki-client