Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b39e8644-b3a5-4477-b7b6-d340235a9010.roa
File: b39e8644-b3a5-4477-b7b6-d340235a9010.roa (raw, json)
Hash identifier: xXuDuQftMqZl3kidskss3WfxvApn6NFZ80tRGIa5KeQ=
Subject key identifier: 33:BB:A2:06:8F:60:0F:68:F3:1E:E8:64:27:6F:E3:ED:98:0B:57:5B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0CCED98BACE89E58E7DE0706B6264DBF3496459C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b39e8644-b3a5-4477-b7b6-d340235a9010.roa
Signing time: Tue 10 Jun 2025 17:30:06 +0000
ROA not before: Tue 10 Jun 2025 17:30:06 +0000
ROA not after: Tue 15 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.168.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:ce:d9:8b:ac:e8:9e:58:e7:de:07:06:b6:26:4d:bf:34:96:45:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 10 17:30:06 2025 GMT
Not After : Jul 15 23:59:59 2025 GMT
Subject: serialNumber=e32d9e2d483df35d7042249080948c8020430f54c7cb9ae2ece511fe532cc1d3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a7:b6:01:e5:e9:22:b2:7d:75:94:2a:da:82:
5d:3b:08:c4:88:6b:51:2e:e6:b9:30:59:8f:19:36:
68:4b:7f:74:58:37:b6:f6:a2:a8:57:95:b2:b3:39:
c8:28:0a:eb:3b:65:b7:c3:f2:a2:f2:60:70:9a:f2:
3c:7a:b1:86:6a:40:8c:2a:7a:2d:a7:97:19:8e:15:
56:46:b9:71:97:71:e2:a4:d3:87:f7:2e:5c:da:8f:
fc:e1:96:14:6f:dd:a4:cc:c8:56:f0:a4:0c:96:78:
da:ba:bd:97:a0:12:5c:5d:f2:1a:f9:76:d8:f2:8d:
f7:ed:b4:05:8f:a6:4b:b2:4a:55:bb:72:34:0c:c7:
cb:71:f0:ec:97:1e:44:46:9b:ee:93:19:5b:12:b5:
3b:3a:7f:1b:b2:eb:35:50:f2:e8:80:de:7b:e1:bf:
1b:92:ec:f7:bd:bc:99:e9:45:25:f6:5c:fe:f9:56:
28:72:e5:92:8b:84:0d:10:4b:a7:f7:f5:df:f7:f0:
b9:ac:3a:27:bd:b1:60:be:81:e9:54:78:46:ba:95:
ee:75:4e:74:96:11:1a:ec:8f:b2:26:53:2f:49:4e:
9f:66:10:89:d0:db:b6:c7:c4:37:7b:57:1f:ee:00:
36:ba:21:b3:9c:28:31:c5:ca:9d:b3:3f:26:b1:7b:
4c:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:BB:A2:06:8F:60:0F:68:F3:1E:E8:64:27:6F:E3:ED:98:0B:57:5B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b39e8644-b3a5-4477-b7b6-d340235a9010.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.168.0.0/15
Signature Algorithm: sha256WithRSAEncryption
ab:18:14:0a:0f:10:56:d0:0e:4b:d0:ab:eb:f3:0c:0d:dc:94:
cc:2c:25:20:e5:d7:c5:15:df:a8:0d:9a:ae:2b:bc:35:ee:4a:
f6:04:d4:54:bc:d4:f9:46:ca:57:69:db:94:4a:07:3d:7a:c8:
ac:82:14:33:9c:1f:bc:01:d3:4d:72:bf:98:31:82:f5:f6:5b:
f4:61:d4:48:64:21:7c:04:2f:e0:68:7a:9c:36:b5:ab:31:7f:
8f:60:92:17:91:84:4f:73:43:4c:c7:3d:e3:46:38:9f:e7:98:
68:a4:bf:bc:a6:6e:c3:9b:b8:3b:f7:62:55:98:0c:44:7f:1f:
32:3e:87:c3:ff:38:31:f5:0a:ac:e6:63:17:5b:47:56:42:26:
82:e4:11:b5:c5:0b:31:dd:d8:e8:85:93:60:97:3e:3a:85:37:
10:c4:90:78:7d:95:0f:cc:11:ad:19:4e:fa:93:f0:b9:b0:97:
7f:c5:9c:be:d6:8f:fe:d5:14:b8:38:e8:89:8c:c8:ce:53:d9:
60:11:aa:00:e9:bf:a7:2b:3a:9b:84:15:15:1a:f3:7e:30:12:
d9:e0:87:62:a9:7f:51:63:80:b0:ee:ea:b8:26:a6:bc:f7:52:
01:ae:d1:fd:e6:4e:b5:98:a7:d3:ef:5a:e6:b3:3c:e8:2d:2f:
1e:bc:0a:a9
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUDM7Zi6zonljn3gcGtiZNvzSWRZwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTAxNzMwMDZaFw0yNTA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGUzMmQ5ZTJkNDgzZGYzNWQ3MDQyMjQ5MDgwOTQ4YzgwMjA0MzBmNTRjN2Ni
OWFlMmVjZTUxMWZlNTMyY2MxZDMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK6ntgHl6SKyfXWUKtqCXTsIxIhrUS7muTBZjxk2aEt/dFg3tvaiqFeVsrM5
yCgK6ztlt8PyovJgcJryPHqxhmpAjCp6LaeXGY4VVka5cZdx4qTTh/cuXNqP/OGW
FG/dpMzIVvCkDJZ42rq9l6ASXF3yGvl22PKN9+20BY+mS7JKVbtyNAzHy3Hw7Jce
REab7pMZWxK1Ozp/G7LrNVDy6IDee+G/G5Ls9728melFJfZc/vlWKHLlkouEDRBL
p/f13/fwuaw6J72xYL6B6VR4RrqV7nVOdJYRGuyPsiZTL0lOn2YQidDbtsfEN3tX
H+4ANrohs5woMcXKnbM/JrF7TPkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQzu6IG
j2APaPMe6GQnb+PtmAtXWzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjM5ZTg2NDQtYjNhNS00NDc3LWI3YjYtZDM0MDIzNWE5MDEwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOoMA0G
CSqGSIb3DQEBCwUAA4IBAQCrGBQKDxBW0A5L0Kvr8wwN3JTMLCUg5dfFFd+oDZqu
K7w17kr2BNRUvNT5RspXaduUSgc9esisghQznB+8AdNNcr+YMYL19lv0YdRIZCF8
BC/gaHqcNrWrMX+PYJIXkYRPc0NMxz3jRjif55hopL+8pm7Dm7g792JVmAxEfx8y
PofD/zgx9Qqs5mMXW0dWQiaC5BG1xQsx3djohZNglz46hTcQxJB4fZUPzBGtGU76
k/C5sJd/xZy+1o/+1RS4OOiJjMjOU9lgEaoA6b+nKzqbhBUVGvN+MBLZ4IdiqX9R
Y4Cw7uq4Jqa891IBrtH95k61mKfT71rmszzoLS8evAqp
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:52:54 2025 by rpki-client