Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa
File: d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa (raw, json)
Hash identifier: opOHYJoK8e2k25xZld2IcNpj8m3DbjW8ZW63m6REAzs=
Subject key identifier: 1D:6A:3D:F4:E1:DD:E6:A1:AC:5E:EB:C1:DE:3F:49:E1:86:2A:50:72
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 18B45D7340FB80369055E4ABBFFFA87B7065F638
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa
Signing time: Tue 20 May 2025 20:40:06 +0000
ROA not before: Tue 20 May 2025 20:40:06 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.129.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:b4:5d:73:40:fb:80:36:90:55:e4:ab:bf:ff:a8:7b:70:65:f6:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:40:06 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=8fee50a29775073009ce1c277fc49ee64065e326ca06cfa120013e017f8fc728, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:0f:1e:f6:fa:8a:92:28:8c:9d:9c:d2:ab:b6:
52:69:0b:69:3e:a6:7f:29:6d:76:d1:4b:fb:6b:d6:
d8:08:35:5e:2e:82:ca:ce:da:e0:7c:7f:7c:2b:40:
ac:c8:31:5b:cf:57:0c:04:f0:a0:c2:e4:b3:0d:51:
52:47:20:73:eb:0c:f1:89:f1:36:22:e3:62:7a:9c:
1a:1e:56:e4:1c:5b:c6:9c:ea:f0:c5:9b:58:aa:0b:
32:42:76:8b:6a:3a:33:52:bc:a5:06:c3:fc:dd:a5:
a1:14:0d:62:bf:5b:3e:82:65:27:e9:64:43:55:42:
c4:2c:bf:9f:38:9f:7a:82:12:b2:24:26:4d:83:d7:
87:81:8b:83:54:64:d2:33:1f:28:65:cd:ee:f2:51:
e0:7a:1a:c8:b6:d6:52:23:46:be:6b:bd:5f:bb:9e:
76:2e:eb:b9:3b:cb:56:54:9c:9b:8d:f0:66:d8:81:
fd:f9:c8:b2:82:75:11:5d:eb:64:a5:7b:cc:06:49:
42:9e:cd:20:b7:b6:64:68:bb:d2:1f:0a:ac:80:4e:
51:18:a6:92:e6:63:91:af:b4:b6:58:34:ee:75:bf:
e0:99:d5:de:88:71:65:e9:13:98:db:67:1e:33:ff:
a3:b8:11:82:20:65:94:b7:2e:d7:a7:e1:54:40:11:
2c:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:6A:3D:F4:E1:DD:E6:A1:AC:5E:EB:C1:DE:3F:49:E1:86:2A:50:72
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.129.0.0/16
Signature Algorithm: sha256WithRSAEncryption
80:d2:2b:81:7a:16:78:4b:22:72:41:45:43:06:90:e2:99:26:
3a:0f:77:06:3f:30:89:47:fa:6b:62:7f:a3:8f:81:58:0a:b8:
c0:5b:4e:f6:75:0d:f2:6e:bc:2b:4f:f1:33:64:d8:54:a8:f4:
f3:e9:73:30:fb:f4:c5:d1:0c:08:b0:a8:a4:fc:bf:a0:b6:59:
56:d4:67:8d:b0:4a:01:fb:68:c9:a5:a3:71:66:6f:9f:32:34:
5d:ec:a4:9c:09:e1:fc:6c:d7:7a:38:1f:99:bf:89:f4:cd:3c:
31:b9:bd:e4:58:c0:e7:e5:92:fc:63:ad:d1:3b:1d:a8:c6:db:
c9:5b:80:53:c2:ce:1f:65:59:f9:76:24:4b:41:20:19:3c:b4:
56:9d:56:4d:68:63:05:07:99:af:a0:1f:f3:52:0c:13:10:4d:
17:8e:c7:ef:8b:b2:70:53:7e:63:78:74:9c:22:cc:7e:0e:9c:
78:88:29:d4:b9:f7:82:d5:52:0f:11:a0:b8:3f:bc:27:aa:09:
26:52:3a:14:e5:fd:83:5b:26:d0:a7:18:ae:e8:65:70:4c:7c:
63:4b:85:3d:81:6b:df:7e:1f:c0:2a:f5:6f:fd:b6:7d:a4:48:
42:b2:10:4e:f5:ec:f1:0b:91:ea:a6:a8:a6:a3:55:5d:1f:5f:
3f:8a:77:5c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGLRdc0D7gDaQVeSrv/+oe3Bl9jgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQwMDZaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDhmZWU1MGEyOTc3NTA3MzAwOWNlMWMyNzdmYzQ5ZWU2NDA2NWUzMjZjYTA2
Y2ZhMTIwMDEzZTAxN2Y4ZmM3MjgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALYPHvb6ipIojJ2c0qu2UmkLaT6mfyltdtFL+2vW2Ag1Xi6Cys7a4Hx/fCtA
rMgxW89XDATwoMLksw1RUkcgc+sM8YnxNiLjYnqcGh5W5Bxbxpzq8MWbWKoLMkJ2
i2o6M1K8pQbD/N2loRQNYr9bPoJlJ+lkQ1VCxCy/nzifeoISsiQmTYPXh4GLg1Rk
0jMfKGXN7vJR4HoayLbWUiNGvmu9X7uedi7ruTvLVlScm43wZtiB/fnIsoJ1EV3r
ZKV7zAZJQp7NILe2ZGi70h8KrIBOURimkuZjka+0tlg07nW/4JnV3ohxZekTmNtn
HjP/o7gRgiBllLcu16fhVEARLKcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQdaj30
4d3moaxe68HeP0nhhipQcjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDEzZDI2YWUtMzZiMS00ODE1LWE3ZjAtNGRjMDkwZDE1Yjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOBMA0G
CSqGSIb3DQEBCwUAA4IBAQCA0iuBehZ4SyJyQUVDBpDimSY6D3cGPzCJR/prYn+j
j4FYCrjAW072dQ3ybrwrT/EzZNhUqPTz6XMw+/TF0QwIsKik/L+gtllW1GeNsEoB
+2jJpaNxZm+fMjRd7KScCeH8bNd6OB+Zv4n0zTwxub3kWMDn5ZL8Y63ROx2oxtvJ
W4BTws4fZVn5diRLQSAZPLRWnVZNaGMFB5mvoB/zUgwTEE0Xjsfvi7JwU35jeHSc
Isx+Dpx4iCnUufeC1VIPEaC4P7wnqgkmUjoU5f2DWybQpxiu6GVwTHxjS4U9gWvf
fh/AKvVv/bZ9pEhCshBO9ezxC5Hqpqimo1VdH18/indc
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:46:41 2025 by rpki-client