Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dbc88f4b-781b-45e4-8402-e6b216deacc3.roa
File: dbc88f4b-781b-45e4-8402-e6b216deacc3.roa (raw, json)
Hash identifier: Oa+XH9N5zq+FDgBQBZORAlORRWFT1ZYSMbiMJAzmYXk=
Subject key identifier: 68:92:7C:6E:9F:B1:C4:13:F3:6A:61:9A:49:50:8D:C6:1F:9A:3B:78
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6D76057BD745E9A0C6CDFCA6651DF0FA9B146A51
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dbc88f4b-781b-45e4-8402-e6b216deacc3.roa
Signing time: Tue 20 May 2025 20:40:51 +0000
ROA not before: Tue 20 May 2025 20:40:51 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 151.176.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:76:05:7b:d7:45:e9:a0:c6:cd:fc:a6:65:1d:f0:fa:9b:14:6a:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:40:51 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=b69927ab1aa951dd7f240001fa7cea7c4d7b7ead3046b72a1e2ef4fef41a4380, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:52:4f:3c:4f:7d:13:84:31:6c:96:7d:93:7b:
d4:4d:ae:5a:e9:74:8e:a4:77:ce:06:20:ad:8f:03:
bb:dc:c0:05:94:fc:e9:e7:81:28:d9:41:a9:8b:27:
4b:41:51:91:ca:b0:5d:17:3b:2d:ba:19:63:1a:90:
d4:a2:9c:7f:f2:a3:8c:d6:44:45:37:da:38:99:47:
d9:3e:f9:16:15:49:70:43:63:c1:da:49:9b:dc:91:
51:ee:6f:17:29:c9:4d:3e:98:29:ca:0b:39:68:61:
93:cf:d0:2f:d8:54:d9:97:75:8c:29:0e:12:27:f5:
49:ce:1c:3c:16:10:21:e1:38:6d:15:34:f9:26:65:
32:fc:bf:34:5f:e1:c0:03:73:09:4b:5f:ff:e5:f8:
26:30:b3:3b:5f:34:0d:e3:57:f3:59:62:ae:ba:42:
c0:41:56:b5:e0:33:1a:a2:09:d2:f5:13:8d:d6:87:
3c:9e:e2:9e:39:90:5f:51:a4:48:2f:e8:66:12:b0:
a9:7c:90:67:a9:0b:b2:2b:d7:de:ad:3e:04:ee:54:
f8:6b:ce:37:b5:fe:bb:87:7c:b6:32:a6:06:32:a0:
de:f9:b8:92:28:aa:06:13:c0:42:b7:00:f7:07:a9:
01:4a:ab:3d:e6:0e:53:ff:0f:93:02:be:fc:15:78:
9f:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:92:7C:6E:9F:B1:C4:13:F3:6A:61:9A:49:50:8D:C6:1F:9A:3B:78
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dbc88f4b-781b-45e4-8402-e6b216deacc3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.176.0.0/16
Signature Algorithm: sha256WithRSAEncryption
12:c5:88:41:81:85:51:5a:3b:36:f1:25:0c:c5:46:0c:7c:ba:
3d:ca:05:ce:45:f0:4b:f7:e2:d9:f6:13:9a:25:f1:08:9f:53:
e0:4d:22:72:8e:4d:0a:71:7c:1a:e0:f6:cf:9a:ec:a9:2d:f1:
e0:42:45:00:4d:3c:51:6b:6f:f3:b6:93:46:ca:c5:4b:9f:1c:
83:06:9a:ec:0f:e2:4b:41:23:e7:75:5c:cd:ed:4f:bd:53:2c:
fc:98:f5:d1:d0:92:b0:5a:81:1f:82:48:ab:a0:cc:2e:93:60:
e6:bc:a5:98:67:62:95:04:12:ee:02:d3:ef:f4:5e:05:c1:dd:
36:2c:0b:85:f0:40:34:7e:fb:18:c7:fe:fb:fe:9a:df:af:a3:
d9:bc:18:6f:ab:18:38:23:dd:8c:97:56:6f:b2:be:38:01:3a:
39:3e:b9:f5:2f:ac:b2:85:a7:12:a6:ed:b4:54:fa:f1:76:9a:
fc:6c:78:fa:9e:9e:d8:e8:11:0a:53:5a:0f:55:02:a1:6e:af:
9d:23:cf:9d:19:2d:7d:99:28:56:d5:5c:40:2a:e7:7c:6f:56:
d3:aa:d4:90:55:26:d8:c0:69:f7:9a:a1:6a:7c:6a:0b:48:9c:
ea:90:e0:fb:0b:da:ec:c1:c2:00:e8:8a:9c:6b:1c:cb:cd:e7:
bb:f3:99:82
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbXYFe9dF6aDGzfymZR3w+psUalEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQwNTFaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGI2OTkyN2FiMWFhOTUxZGQ3ZjI0MDAwMWZhN2NlYTdjNGQ3YjdlYWQzMDQ2
YjcyYTFlMmVmNGZlZjQxYTQzODAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMNSTzxPfROEMWyWfZN71E2uWul0jqR3zgYgrY8Du9zABZT86eeBKNlBqYsn
S0FRkcqwXRc7LboZYxqQ1KKcf/KjjNZERTfaOJlH2T75FhVJcENjwdpJm9yRUe5v
FynJTT6YKcoLOWhhk8/QL9hU2Zd1jCkOEif1Sc4cPBYQIeE4bRU0+SZlMvy/NF/h
wANzCUtf/+X4JjCzO180DeNX81lirrpCwEFWteAzGqIJ0vUTjdaHPJ7injmQX1Gk
SC/oZhKwqXyQZ6kLsivX3q0+BO5U+GvON7X+u4d8tjKmBjKg3vm4kiiqBhPAQrcA
9wepAUqrPeYOU/8PkwK+/BV4n+ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRoknxu
n7HEE/NqYZpJUI3GH5o7eDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZGJjODhmNGItNzgxYi00NWU0LTg0MDItZTZiMjE2ZGVhY2MzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJewMA0G
CSqGSIb3DQEBCwUAA4IBAQASxYhBgYVRWjs28SUMxUYMfLo9ygXORfBL9+LZ9hOa
JfEIn1PgTSJyjk0KcXwa4PbPmuypLfHgQkUATTxRa2/ztpNGysVLnxyDBprsD+JL
QSPndVzN7U+9Uyz8mPXR0JKwWoEfgkiroMwuk2DmvKWYZ2KVBBLuAtPv9F4Fwd02
LAuF8EA0fvsYx/77/prfr6PZvBhvqxg4I92Ml1Zvsr44ATo5Prn1L6yyhacSpu20
VPrxdpr8bHj6np7Y6BEKU1oPVQKhbq+dI8+dGS19mShW1VxAKud8b1bTqtSQVSbY
wGn3mqFqfGoLSJzqkOD7C9rswcIA6IqcaxzLzee785mC
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:56:59 2025 by rpki-client