Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa
File: d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa (raw, json)
Hash identifier: qpVTDZoKlS0ZJhMT5W3PtbFXDUeJPCC2Ia9lwpEG+o8=
Subject key identifier: 59:E7:0A:94:5C:A5:9D:18:46:29:50:71:EB:CE:DA:F0:ED:05:11:B5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4C64916968E59433B55D5CBF8146251111E15C4C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa
Signing time: Tue 20 May 2025 20:40:12 +0000
ROA not before: Tue 20 May 2025 20:40:12 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.151.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:64:91:69:68:e5:94:33:b5:5d:5c:bf:81:46:25:11:11:e1:5c:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:40:12 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=fd0f4d438c8714ebfff3c8b7e79f10567077760a3203eef1a5b476fe230121ae, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:7a:82:cc:52:ca:2e:7e:5d:39:13:fb:2a:b6:
97:c0:8b:1f:fd:5a:51:11:2d:d7:b1:c3:29:ef:aa:
69:94:1f:13:1c:39:12:cf:73:97:e4:66:46:6e:12:
6c:b1:74:f1:a2:d5:74:71:f3:97:b9:f3:f2:b9:35:
ab:5e:75:e3:69:bf:f5:40:2f:50:84:71:0a:fa:63:
06:c4:0a:b1:22:66:c1:18:fc:e6:fd:0f:78:94:80:
16:88:3d:5f:bd:93:b6:5d:8a:47:c3:6e:0f:af:f1:
b7:bb:99:84:fb:f9:2b:68:4f:98:9e:3f:ee:fd:dd:
de:8d:0e:34:a2:dc:dc:14:c0:38:28:7f:de:8a:5f:
eb:39:92:91:9b:a8:6b:be:4c:c9:1e:cc:47:82:d0:
68:d7:67:62:c0:0a:3e:df:7b:f5:b7:57:15:8f:78:
93:f9:20:e0:97:da:29:43:0f:4c:70:b5:26:0e:7d:
24:1e:35:0b:60:bc:30:0b:1c:8f:5d:35:16:a6:38:
17:6c:ae:ab:69:a7:cc:5e:13:91:02:96:cc:5f:74:
b2:d5:e8:71:99:17:f5:97:9f:06:74:88:4f:24:12:
7e:9f:83:cd:fa:98:55:9b:0b:c4:99:a8:9d:82:29:
1f:8f:a5:de:e6:9e:c7:4b:5a:60:85:2f:39:a4:6a:
fb:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:E7:0A:94:5C:A5:9D:18:46:29:50:71:EB:CE:DA:F0:ED:05:11:B5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.151.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9b:4f:43:bc:64:2d:04:cb:20:67:85:08:04:05:4c:64:a0:56:
53:43:72:0c:8d:30:a2:20:62:69:7f:66:61:55:1e:8d:f0:da:
29:1d:c5:ce:48:a5:8f:7c:d6:5b:63:16:ef:9e:0c:bf:a8:2f:
2d:ed:d5:18:1d:64:ae:a8:2b:ff:d9:5d:e2:11:31:5d:a4:5c:
7b:62:7d:25:ff:52:64:70:9f:12:f8:46:ce:9b:7f:fe:44:d2:
c8:70:d2:f0:6d:c3:91:fc:49:13:b5:03:0e:00:8b:f8:d9:b9:
40:cc:0a:da:23:c0:66:6f:59:ef:be:03:ce:e6:08:07:84:a8:
ae:c2:ea:55:55:73:3c:0a:a8:8b:db:60:51:90:12:ad:31:42:
b0:a8:7a:a6:dd:eb:f2:af:32:9f:a3:8b:85:11:56:b4:53:e5:
60:d7:f1:1f:a9:57:bd:51:d6:7c:13:0b:c6:06:ff:10:cd:85:
24:47:9c:30:ed:16:71:fe:54:ae:d8:c6:d9:8c:ae:4d:65:d7:
70:86:82:9b:bb:28:35:bc:e7:a9:1c:dd:be:99:bf:14:04:2f:
b3:04:ca:96:3d:2b:d6:90:97:a9:73:70:ec:67:67:59:c2:a3:
31:d4:42:df:77:05:44:a1:1a:1d:5f:98:20:b1:c8:6d:70:8c:
85:ba:3b:3a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTGSRaWjllDO1XVy/gUYlERHhXEwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQwMTJaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGZkMGY0ZDQzOGM4NzE0ZWJmZmYzYzhiN2U3OWYxMDU2NzA3Nzc2MGEzMjAz
ZWVmMWE1YjQ3NmZlMjMwMTIxYWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKR6gsxSyi5+XTkT+yq2l8CLH/1aUREt17HDKe+qaZQfExw5Es9zl+RmRm4S
bLF08aLVdHHzl7nz8rk1q15142m/9UAvUIRxCvpjBsQKsSJmwRj85v0PeJSAFog9
X72Ttl2KR8NuD6/xt7uZhPv5K2hPmJ4/7v3d3o0ONKLc3BTAOCh/3opf6zmSkZuo
a75MyR7MR4LQaNdnYsAKPt979bdXFY94k/kg4JfaKUMPTHC1Jg59JB41C2C8MAsc
j101FqY4F2yuq2mnzF4TkQKWzF90stXocZkX9ZefBnSITyQSfp+DzfqYVZsLxJmo
nYIpH4+l3uaex0taYIUvOaRq+xUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRZ5wqU
XKWdGEYpUHHrztrw7QURtTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDdmZGVkZmMtMmJkYy00MmNkLWE3MTQtMmFiYmMwMmRlYWU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOXMA0G
CSqGSIb3DQEBCwUAA4IBAQCbT0O8ZC0EyyBnhQgEBUxkoFZTQ3IMjTCiIGJpf2Zh
VR6N8NopHcXOSKWPfNZbYxbvngy/qC8t7dUYHWSuqCv/2V3iETFdpFx7Yn0l/1Jk
cJ8S+EbOm3/+RNLIcNLwbcOR/EkTtQMOAIv42blAzAraI8Bmb1nvvgPO5ggHhKiu
wupVVXM8CqiL22BRkBKtMUKwqHqm3evyrzKfo4uFEVa0U+Vg1/EfqVe9UdZ8EwvG
Bv8QzYUkR5ww7RZx/lSu2MbZjK5NZddwhoKbuyg1vOepHN2+mb8UBC+zBMqWPSvW
kJepc3DsZ2dZwqMx1ELfdwVEoRodX5ggschtcIyFujs6
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:17 2025 by rpki-client