Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa
File: d51a4935-8601-4ebd-a099-1d61b0a661b3.roa (raw, json)
Hash identifier: L+YDNPyE687+sCuyumE8iwzorIeQR6kjptAxQouK0GQ=
Subject key identifier: 49:70:EC:7B:D8:3F:CC:AF:20:0A:C0:82:D7:84:DE:9D:17:79:20:8A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 21FB94DD8D474E51C6FDCC4C1861471065670F10
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa
Signing time: Tue 20 May 2025 20:50:42 +0000
ROA not before: Tue 20 May 2025 20:50:42 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.228.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:fb:94:dd:8d:47:4e:51:c6:fd:cc:4c:18:61:47:10:65:67:0f:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:50:42 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=c995d5c889639d5d0f54dddf366f235cfd9031d44e9c5e5e0c2f9d4bd4cd03a9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:75:34:75:f5:5a:d8:2e:a6:e8:16:f6:2c:5b:
e7:cc:c2:be:a1:e1:6c:84:43:67:94:ac:d3:2e:14:
79:31:5b:26:75:49:44:a2:27:7a:8f:95:4c:d9:4e:
f1:63:c8:39:f6:da:b1:45:d1:9a:74:c2:4e:fe:2d:
ad:9e:6b:aa:f3:bf:51:bc:4f:bb:99:1d:74:19:11:
4d:dd:22:c9:d2:87:15:7d:d1:c1:dd:9e:d2:fc:7f:
43:f0:db:e5:43:39:22:a4:74:0f:c2:28:2b:f8:cc:
06:49:36:7f:b8:e8:d8:89:e6:b9:12:97:31:87:23:
b0:14:cf:14:f3:59:17:5d:aa:28:71:0d:e5:3d:81:
09:84:30:d1:75:3a:c3:d2:98:99:dd:e2:a4:74:7d:
e3:72:b1:d0:b8:22:af:bb:8b:8c:80:9d:d8:8b:aa:
ef:66:b2:c3:bb:01:46:10:e7:6e:a9:99:21:b6:42:
af:6a:c5:11:f8:d6:1d:43:55:c3:97:6c:5b:0d:be:
f8:e4:cc:d8:f0:d3:7b:41:13:b4:f6:9b:c5:1e:c9:
1a:04:49:4a:8d:6c:85:1e:0a:57:18:3c:77:f8:12:
bf:0d:da:31:26:00:f9:0d:e8:8e:6e:49:3a:dc:1b:
39:18:61:9b:83:46:52:b7:db:b1:86:51:74:cd:58:
84:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:70:EC:7B:D8:3F:CC:AF:20:0A:C0:82:D7:84:DE:9D:17:79:20:8A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.228.0.0/15
Signature Algorithm: sha256WithRSAEncryption
5a:ef:90:e3:c0:a3:8c:81:6a:a9:6d:cc:77:ec:8e:e9:3a:75:
1a:87:f1:1f:13:07:33:84:b0:c1:73:f1:f5:ac:7e:57:b6:88:
d9:f2:c0:bc:02:eb:59:08:f8:d1:b6:35:a4:7e:b0:0b:09:77:
e5:c7:9c:19:68:79:ed:aa:6e:14:c1:45:51:3e:3c:46:39:24:
00:11:68:49:ec:f6:36:d8:89:a0:89:b4:43:72:99:bd:74:36:
9c:15:5f:50:33:2e:74:1b:5c:8e:63:38:91:01:ef:ef:65:e6:
d1:67:8c:f7:9c:65:17:97:3e:27:d5:50:ce:03:8d:3a:86:44:
6d:69:d6:e8:29:64:15:2f:f4:65:cd:32:e0:49:0d:ab:72:0a:
a1:64:41:63:6c:c2:ef:de:a4:9b:e2:c0:83:99:dc:98:f9:81:
a0:0d:95:22:a8:52:91:3f:0d:48:db:b5:a7:64:0b:cc:1c:15:
af:f3:e1:d9:71:18:37:9b:6b:59:cb:76:ee:77:77:c2:27:13:
d7:ad:a1:8c:d7:b2:1e:aa:4a:61:67:02:f4:70:1a:b8:5d:b3:
19:24:bf:a5:19:96:50:ed:ab:94:4e:b3:58:7c:28:a4:2f:75:
91:5c:1a:b2:0f:38:44:64:59:9c:84:ca:6b:fb:eb:d0:66:9d:
75:8c:57:e1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIfuU3Y1HTlHG/cxMGGFHEGVnDxAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDUwNDJaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGM5OTVkNWM4ODk2MzlkNWQwZjU0ZGRkZjM2NmYyMzVjZmQ5MDMxZDQ0ZTlj
NWU1ZTBjMmY5ZDRiZDRjZDAzYTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAON1NHX1WtgupugW9ixb58zCvqHhbIRDZ5Ss0y4UeTFbJnVJRKIneo+VTNlO
8WPIOfbasUXRmnTCTv4trZ5rqvO/UbxPu5kddBkRTd0iydKHFX3Rwd2e0vx/Q/Db
5UM5IqR0D8IoK/jMBkk2f7jo2InmuRKXMYcjsBTPFPNZF12qKHEN5T2BCYQw0XU6
w9KYmd3ipHR943Kx0Lgir7uLjICd2Iuq72ayw7sBRhDnbqmZIbZCr2rFEfjWHUNV
w5dsWw2++OTM2PDTe0ETtPabxR7JGgRJSo1shR4KVxg8d/gSvw3aMSYA+Q3ojm5J
OtwbORhhm4NGUrfbsYZRdM1YhBkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRJcOx7
2D/MryAKwILXhN6dF3kgijAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDUxYTQ5MzUtODYwMS00ZWJkLWEwOTktMWQ2MWIwYTY2MWIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPkMA0G
CSqGSIb3DQEBCwUAA4IBAQBa75DjwKOMgWqpbcx37I7pOnUah/EfEwczhLDBc/H1
rH5XtojZ8sC8AutZCPjRtjWkfrALCXflx5wZaHntqm4UwUVRPjxGOSQAEWhJ7PY2
2ImgibRDcpm9dDacFV9QMy50G1yOYziRAe/vZebRZ4z3nGUXlz4n1VDOA406hkRt
adboKWQVL/RlzTLgSQ2rcgqhZEFjbMLv3qSb4sCDmdyY+YGgDZUiqFKRPw1I27Wn
ZAvMHBWv8+HZcRg3m2tZy3bud3fCJxPXraGM17IeqkphZwL0cBq4XbMZJL+lGZZQ
7auUTrNYfCikL3WRXBqyDzhEZFmchMpr++vQZp11jFfh
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:44:29 2025 by rpki-client