Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f2e92a-59bb-45af-9b7f-630a07248560.roa
File: b1f2e92a-59bb-45af-9b7f-630a07248560.roa (raw, json)
Hash identifier: 3j8VDFg+BVgtgb4DN7y1rTKsG2pNzHgPjzSCl03MIkw=
Subject key identifier: 91:FD:CE:6E:94:8B:70:35:27:DF:3F:06:7B:65:93:EC:AA:C8:77:E1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2595D750427019A8B3FA09CAB94D176B206B1922
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f2e92a-59bb-45af-9b7f-630a07248560.roa
Signing time: Sat 31 May 2025 00:50:28 +0000
ROA not before: Sat 31 May 2025 00:50:28 +0000
ROA not after: Sat 05 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.240.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:95:d7:50:42:70:19:a8:b3:fa:09:ca:b9:4d:17:6b:20:6b:19:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 31 00:50:28 2025 GMT
Not After : Jul 5 23:59:59 2025 GMT
Subject: serialNumber=442ad599cabbb58eb24dcfeb4150cbba96864aacd31c6d4e3295b2c994425bae, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:70:5d:35:8a:98:05:d7:68:8e:70:f2:eb:f4:
74:6d:a9:27:f2:d7:ac:73:8f:75:4b:b9:b8:63:8e:
f6:0c:91:d3:17:e2:fa:f1:0d:bf:2d:f8:45:45:e5:
b1:1d:fe:75:4b:4e:46:d3:b6:5b:85:6a:29:d0:12:
07:11:9f:47:85:cd:be:1e:54:1a:1a:a1:2c:9d:c8:
51:f5:bb:1e:c1:9e:62:30:03:c5:74:ff:0a:49:f6:
c1:3e:6c:eb:fb:68:d0:83:76:bf:28:55:a0:cd:48:
ea:df:be:05:e3:85:a9:71:26:2f:71:13:ff:02:80:
f3:96:d8:d3:f1:cd:46:68:05:d9:63:78:24:0c:e2:
b9:9f:5f:17:20:00:f3:5e:79:c8:64:d6:47:d3:a6:
ed:3b:ea:71:9a:a8:1c:f4:63:71:77:30:03:06:65:
de:fe:f1:78:f9:7d:6b:de:40:69:65:c5:61:10:fa:
56:24:52:e8:87:b4:48:60:4e:e0:5a:05:9d:27:de:
4c:ad:fb:15:2c:ac:df:9c:6e:de:01:cf:ac:69:e8:
47:93:f8:0a:7d:50:7b:7d:31:a3:84:63:57:6e:af:
26:24:8f:b3:16:ae:f0:92:f3:62:ad:5e:8c:b6:36:
a0:a6:a9:05:b6:4c:c7:83:cc:fa:50:37:2d:14:50:
aa:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:FD:CE:6E:94:8B:70:35:27:DF:3F:06:7B:65:93:EC:AA:C8:77:E1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f2e92a-59bb-45af-9b7f-630a07248560.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.240.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ba:ec:dc:c5:ae:cd:3c:75:28:0a:1b:1a:7f:e7:34:d7:07:b3:
6a:50:74:04:9e:cb:1d:58:08:ee:30:f5:d4:33:ab:04:28:b8:
54:67:ec:15:23:b7:04:05:4a:8d:85:cb:58:fd:85:67:6d:7d:
6f:77:9f:ab:f8:3c:0c:4c:62:3c:8b:88:19:6e:87:85:3d:70:
cc:2c:4f:11:08:77:36:3d:db:26:97:fc:3c:b6:58:26:f6:68:
f3:c9:eb:e9:16:48:d4:87:9b:7a:73:60:78:f5:30:e5:c4:09:
99:30:ab:ed:bc:1e:ae:52:51:72:c9:64:a1:35:0e:16:f8:d3:
2e:e4:0e:7b:a0:3d:99:ca:36:0b:f1:27:14:0b:a3:cc:14:37:
2b:f5:98:af:10:85:10:79:be:9e:ee:2e:a8:b8:6b:68:0b:f8:
1b:69:e2:8a:50:5f:e5:ed:f9:2a:b0:c9:89:65:71:47:8b:7b:
1f:0f:01:16:b3:bf:d9:61:1f:2a:46:ff:e0:ff:77:16:ae:2a:
83:5b:cc:01:eb:db:20:70:b0:de:95:93:04:3c:c8:63:fb:b4:
04:dc:e7:c0:0a:db:20:9c:8a:34:d7:e3:7b:ae:0e:78:8a:f1:
06:a1:3c:be:3d:94:b2:7c:68:f9:15:7f:10:34:bb:84:dd:f7:
75:c5:83:05
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJZXXUEJwGaiz+gnKuU0XayBrGSIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MzEwMDUwMjhaFw0yNTA3MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ0MmFkNTk5Y2FiYmI1OGViMjRkY2ZlYjQxNTBjYmJhOTY4NjRhYWNkMzFj
NmQ0ZTMyOTViMmM5OTQ0MjViYWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKJwXTWKmAXXaI5w8uv0dG2pJ/LXrHOPdUu5uGOO9gyR0xfi+vENvy34RUXl
sR3+dUtORtO2W4VqKdASBxGfR4XNvh5UGhqhLJ3IUfW7HsGeYjADxXT/Ckn2wT5s
6/to0IN2vyhVoM1I6t++BeOFqXEmL3ET/wKA85bY0/HNRmgF2WN4JAziuZ9fFyAA
8155yGTWR9Om7TvqcZqoHPRjcXcwAwZl3v7xePl9a95AaWXFYRD6ViRS6Ie0SGBO
4FoFnSfeTK37FSys35xu3gHPrGnoR5P4Cn1Qe30xo4RjV26vJiSPsxau8JLzYq1e
jLY2oKapBbZMx4PM+lA3LRRQqvMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSR/c5u
lItwNSffPwZ7ZZPsqsh34TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjFmMmU5MmEtNTliYi00NWFmLTliN2YtNjMwYTA3MjQ4NTYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADPwMA0G
CSqGSIb3DQEBCwUAA4IBAQC67NzFrs08dSgKGxp/5zTXB7NqUHQEnssdWAjuMPXU
M6sEKLhUZ+wVI7cEBUqNhctY/YVnbX1vd5+r+DwMTGI8i4gZboeFPXDMLE8RCHc2
Pdsml/w8tlgm9mjzyevpFkjUh5t6c2B49TDlxAmZMKvtvB6uUlFyyWShNQ4W+NMu
5A57oD2ZyjYL8ScUC6PMFDcr9ZivEIUQeb6e7i6ouGtoC/gbaeKKUF/l7fkqsMmJ
ZXFHi3sfDwEWs7/ZYR8qRv/g/3cWriqDW8wB69sgcLDelZMEPMhj+7QE3OfACtsg
nIo01+N7rg54ivEGoTy+PZSyfGj5FX8QNLuE3fd1xYMF
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:34:11 2025 by rpki-client