Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ca9dc172-c5c5-48fd-a801-9f7f050aa67b.roa
File: ca9dc172-c5c5-48fd-a801-9f7f050aa67b.roa (raw, json)
Hash identifier: RySc42ihiry3AvsH6SxSRLQ46rhuWgrTRN+hGrxTVV8=
Subject key identifier: BD:84:80:61:6D:E7:A9:CC:3F:A7:D0:F9:93:A6:E8:AE:BD:29:0E:CC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 48C4A45ABF094707238C9A1AC55D7D456F23CC7F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ca9dc172-c5c5-48fd-a801-9f7f050aa67b.roa
Signing time: Fri 23 May 2025 00:51:05 +0000
ROA not before: Fri 23 May 2025 00:51:05 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.24.0.0/13 maxlen: 13
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:c4:a4:5a:bf:09:47:07:23:8c:9a:1a:c5:5d:7d:45:6f:23:cc:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 23 00:51:05 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=10e7a141be73f9dee30aab2569e0d83d9ef841811966b7326e6866bba02620a6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b8:5c:4c:8f:18:ae:3d:bd:9d:3c:4d:19:1b:
bb:c7:31:cc:46:54:29:5b:3a:f6:cf:a8:2a:db:fa:
13:d2:f2:e9:5c:c4:5d:d1:68:d6:02:e5:b4:e6:00:
58:1d:b3:54:48:1f:bc:48:9c:93:20:1c:d2:72:48:
89:78:ea:2f:8e:d3:23:74:e8:d9:e0:8d:70:03:8d:
dc:c2:e0:40:6a:11:55:5e:72:82:af:8e:ed:c5:6d:
31:fb:11:2d:52:95:b1:11:d4:63:2a:13:9f:81:c1:
b4:bb:83:66:8e:da:34:b9:55:ee:2f:22:2f:0d:f0:
4e:f9:7b:63:44:cb:1d:67:af:8e:45:d1:0e:01:99:
68:f3:26:93:49:f9:07:5b:97:b0:66:f9:61:f5:71:
4b:0b:e2:cb:b9:0d:d8:56:e0:e8:c7:cb:37:16:e6:
eb:1e:f9:bb:e4:80:43:62:2e:96:f2:f6:05:31:80:
df:e0:50:d1:a0:49:fc:48:33:48:ac:f9:01:4c:7b:
0c:da:c9:24:de:65:df:93:65:3e:4c:74:54:2f:69:
23:6e:0a:4f:23:fe:82:8c:68:68:0b:b9:45:cc:18:
63:22:d5:a3:5b:36:72:89:03:30:56:31:b4:49:8b:
54:62:b6:f9:fa:74:eb:04:cf:4a:b6:98:26:cc:d8:
5e:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:84:80:61:6D:E7:A9:CC:3F:A7:D0:F9:93:A6:E8:AE:BD:29:0E:CC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ca9dc172-c5c5-48fd-a801-9f7f050aa67b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.24.0.0/13
Signature Algorithm: sha256WithRSAEncryption
61:a3:b0:f9:db:49:f5:ed:74:73:e0:63:21:bb:2e:78:03:86:
09:97:25:56:2e:b2:b6:52:e1:36:65:eb:80:84:70:fd:ce:89:
54:ea:af:fe:79:1f:d2:c0:62:51:52:3d:00:95:02:b6:6c:9e:
d4:75:6c:b7:3c:d0:09:61:31:ab:75:a0:6d:20:a5:3f:bb:f9:
ad:25:15:03:f9:6d:d8:59:09:69:56:0b:9c:03:d4:77:d1:3e:
28:5e:35:2c:3b:7f:5f:64:0b:0f:79:eb:81:cf:ff:df:e3:b0:
4c:9e:72:0e:da:70:5f:0e:39:7a:c5:8f:eb:5f:5a:d2:a7:74:
a3:7a:ee:85:59:08:f1:9b:f4:7b:3c:41:95:96:41:2c:bf:92:
a7:6c:3e:7c:bf:66:1b:ab:64:40:94:6a:da:49:02:09:ae:8b:
53:68:8c:94:59:cd:2b:16:a4:94:2c:34:81:26:a3:83:33:87:
35:02:40:59:75:ee:e0:e6:41:04:65:ba:0c:90:2d:84:98:bb:
19:6c:d8:96:06:10:37:f7:42:45:9c:45:78:72:4f:eb:14:9d:
b0:77:d5:83:9d:72:23:6c:a3:e6:06:ef:02:b2:36:75:22:c5:
63:bc:04:e8:a5:2b:b3:fa:7b:e9:ed:b0:5d:a0:d6:f7:0d:13:
fb:a5:be:80
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUSMSkWr8JRwcjjJoaxV19RW8jzH8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjMwMDUxMDVaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDEwZTdhMTQxYmU3M2Y5ZGVlMzBhYWIyNTY5ZTBkODNkOWVmODQxODExOTY2
YjczMjZlNjg2NmJiYTAyNjIwYTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALq4XEyPGK49vZ08TRkbu8cxzEZUKVs69s+oKtv6E9Ly6VzEXdFo1gLltOYA
WB2zVEgfvEickyAc0nJIiXjqL47TI3To2eCNcAON3MLgQGoRVV5ygq+O7cVtMfsR
LVKVsRHUYyoTn4HBtLuDZo7aNLlV7i8iLw3wTvl7Y0TLHWevjkXRDgGZaPMmk0n5
B1uXsGb5YfVxSwviy7kN2Fbg6MfLNxbm6x75u+SAQ2IulvL2BTGA3+BQ0aBJ/Egz
SKz5AUx7DNrJJN5l35NlPkx0VC9pI24KTyP+goxoaAu5RcwYYyLVo1s2cokDMFYx
tEmLVGK2+fp06wTPSraYJszYXu8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS9hIBh
beepzD+n0PmTpuiuvSkOzDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2E5ZGMxNzItYzVjNS00OGZkLWE4MDEtOWY3ZjA1MGFhNjdiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAzMYMA0G
CSqGSIb3DQEBCwUAA4IBAQBho7D520n17XRz4GMhuy54A4YJlyVWLrK2UuE2ZeuA
hHD9zolU6q/+eR/SwGJRUj0AlQK2bJ7UdWy3PNAJYTGrdaBtIKU/u/mtJRUD+W3Y
WQlpVgucA9R30T4oXjUsO39fZAsPeeuBz//f47BMnnIO2nBfDjl6xY/rX1rSp3Sj
eu6FWQjxm/R7PEGVlkEsv5KnbD58v2Ybq2RAlGraSQIJrotTaIyUWc0rFqSULDSB
JqODM4c1AkBZde7g5kEEZboMkC2EmLsZbNiWBhA390JFnEV4ck/rFJ2wd9WDnXIj
bKPmBu8CsjZ1IsVjvATopSuz+nvp7bBdoNb3DRP7pb6A
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:50:44 2025 by rpki-client