Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c8fd8c44-7514-40e6-9198-e0b6e37b4c69.roa
File: c8fd8c44-7514-40e6-9198-e0b6e37b4c69.roa (raw, json)
Hash identifier: cY+0H3VQs/DHzoyLrSj8KVGQcX7LweijyjPDZWy90YA=
Subject key identifier: FB:83:E8:02:57:D6:7B:CA:04:55:7F:54:8B:86:68:B3:E7:F1:01:84
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0EC0D2CF43EA468730100A13E7A12B271FC39CB9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c8fd8c44-7514-40e6-9198-e0b6e37b4c69.roa
Signing time: Fri 23 May 2025 00:50:58 +0000
ROA not before: Fri 23 May 2025 00:50:58 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.238.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:c0:d2:cf:43:ea:46:87:30:10:0a:13:e7:a1:2b:27:1f:c3:9c:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 23 00:50:58 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=892e1578e4bc39e9b61016f5eeff9bead89a5d580c35a5f701f4ac8c8fe4f5ee, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:27:60:f6:c0:ed:d1:37:bd:25:40:bc:84:e9:
bc:32:7d:ee:cb:86:40:72:be:81:63:3b:12:e3:3d:
eb:b2:57:79:8a:bf:41:05:27:bb:10:40:80:18:f0:
2e:ec:f5:74:5a:a3:38:d9:63:d6:83:a5:01:af:df:
c0:88:e8:aa:5c:9f:d9:6f:fa:29:78:a9:ef:ab:b3:
24:a6:37:04:5b:bc:4c:ef:cb:27:53:e3:af:03:a9:
0c:24:b3:46:77:10:89:33:a6:de:fc:f9:18:de:73:
f4:54:2b:b4:a8:4e:31:e7:fd:d6:7b:1e:98:b3:25:
c0:92:ab:98:2c:54:8c:4f:de:68:b6:02:97:eb:80:
2f:68:78:28:f5:be:d0:7c:40:df:41:1e:5b:06:f4:
9b:37:5e:10:be:7f:12:ec:7e:1a:1f:9d:42:29:f4:
ad:6a:ae:63:03:86:3f:16:ef:7c:64:e3:2e:f0:30:
be:a6:57:a2:66:44:ca:c1:9e:d8:7b:c0:05:5a:e2:
c4:91:19:07:90:4f:ae:71:fc:ce:32:48:fb:93:ae:
89:12:00:d4:a6:1b:e2:e8:5b:44:98:36:50:49:de:
58:d8:c7:0e:16:d5:6b:e1:59:50:88:07:d7:07:2b:
9e:33:58:26:79:dd:6b:a3:6a:83:5a:34:f3:0e:66:
3d:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:83:E8:02:57:D6:7B:CA:04:55:7F:54:8B:86:68:B3:E7:F1:01:84
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c8fd8c44-7514-40e6-9198-e0b6e37b4c69.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.238.0/23
Signature Algorithm: sha256WithRSAEncryption
c6:e5:13:8b:23:24:b0:e6:54:c5:b3:9b:1a:71:e5:bb:59:81:
c0:f1:b3:15:03:36:1e:f7:a2:79:a8:83:1f:f4:c6:4b:dc:cc:
4e:da:17:15:d8:13:a6:54:e1:e2:c1:3a:fd:16:c3:1a:de:a4:
f9:b1:a1:7a:84:9d:88:35:c7:f1:2b:27:0f:b3:a0:cd:f5:9c:
87:b6:04:27:06:20:55:04:71:0c:a2:b7:d9:c2:f2:87:43:79:
a1:ce:67:01:23:5a:7d:1a:1d:c1:0b:67:09:8d:8a:2e:78:61:
73:6a:f0:cc:3b:fa:e1:e7:3c:87:e5:93:51:80:84:35:93:17:
00:73:8a:a0:67:23:7a:3a:c4:1c:56:f8:17:7e:ee:a8:47:da:
49:98:27:1d:e1:fb:9b:d1:55:21:82:88:57:65:0d:01:cc:de:
58:0e:38:83:30:f6:a6:d1:73:45:66:54:d7:7d:1a:6c:cd:c5:
2e:da:ed:01:a1:94:15:10:16:47:30:b4:e8:74:de:2b:b1:d0:
df:28:7b:72:91:a6:f9:d6:c2:fc:ad:37:28:1d:df:b1:2a:c8:
20:da:97:1e:3f:c0:8d:93:02:9e:33:a3:19:fb:5f:d4:05:cd:
8c:60:1e:43:21:99:33:73:2c:33:26:a5:1c:86:a2:2b:fb:fa:
04:19:f4:6f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUDsDSz0PqRocwEAoT56ErJx/DnLkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjMwMDUwNThaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5MmUxNTc4ZTRiYzM5ZTliNjEwMTZmNWVlZmY5YmVhZDg5YTVkNTgwYzM1
YTVmNzAxZjRhYzhjOGZlNGY1ZWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALYnYPbA7dE3vSVAvITpvDJ97suGQHK+gWM7EuM967JXeYq/QQUnuxBAgBjw
Luz1dFqjONlj1oOlAa/fwIjoqlyf2W/6KXip76uzJKY3BFu8TO/LJ1PjrwOpDCSz
RncQiTOm3vz5GN5z9FQrtKhOMef91nsemLMlwJKrmCxUjE/eaLYCl+uAL2h4KPW+
0HxA30EeWwb0mzdeEL5/Eux+Gh+dQin0rWquYwOGPxbvfGTjLvAwvqZXomZEysGe
2HvABVrixJEZB5BPrnH8zjJI+5OuiRIA1KYb4uhbRJg2UEneWNjHDhbVa+FZUIgH
1wcrnjNYJnnda6Nqg1o08w5mPc0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT7g+gC
V9Z7ygRVf1SLhmiz5/EBhDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzhmZDhjNDQtNzUxNC00MGU2LTkxOTgtZTBiNmUzN2I0YzY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEATMQ7jAN
BgkqhkiG9w0BAQsFAAOCAQEAxuUTiyMksOZUxbObGnHlu1mBwPGzFQM2HveieaiD
H/TGS9zMTtoXFdgTplTh4sE6/RbDGt6k+bGheoSdiDXH8SsnD7OgzfWch7YEJwYg
VQRxDKK32cLyh0N5oc5nASNafRodwQtnCY2KLnhhc2rwzDv64ec8h+WTUYCENZMX
AHOKoGcjejrEHFb4F37uqEfaSZgnHeH7m9FVIYKIV2UNAczeWA44gzD2ptFzRWZU
130abM3FLtrtAaGUFRAWRzC06HTeK7HQ3yh7cpGm+dbC/K03KB3fsSrIINqXHj/A
jZMCnjOjGftf1AXNjGAeQyGZM3MsMyalHIaiK/v6BBn0bw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:51:47 2025 by rpki-client