Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa
File: de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa (raw, json)
Hash identifier: 6bL5/tWiWowkdPLWXOxnj4gxmQXlLaSFWsGBLP0Y4Qw=
Subject key identifier: 9A:F4:7D:7D:36:AB:3D:9B:37:FA:DF:34:D4:43:E9:E6:1E:33:4A:F8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5AD005B790BB0EE73B8859E782D134C7640A99FE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa
Signing time: Tue 20 May 2025 20:50:48 +0000
ROA not before: Tue 20 May 2025 20:50:48 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.40.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:d0:05:b7:90:bb:0e:e7:3b:88:59:e7:82:d1:34:c7:64:0a:99:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:50:48 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=5a852d64aaec8f4bb2f5cec66b5e2047310e02de4ac0f250d682e0432c5274ab, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:3c:e5:45:d6:41:23:cb:ba:3a:ff:a1:12:a1:
2e:93:a9:c3:1a:b6:f0:a2:ef:1f:8b:2e:2e:4d:74:
c9:28:a3:6d:a9:6b:bf:fc:8f:25:38:6d:57:85:79:
fa:5c:b8:99:9b:2e:5f:c6:18:a6:37:a8:ef:58:97:
06:21:e3:ce:59:e5:57:f1:d8:17:8d:6a:2c:5c:b1:
42:b5:75:a3:58:4b:bf:27:b6:cc:15:b2:cc:aa:2c:
15:a6:cf:41:9c:bc:e9:46:62:9f:8d:a6:6a:67:0b:
01:4d:15:0f:55:85:a3:d5:67:ec:66:98:c7:9e:0b:
8d:59:b6:9a:3b:15:c7:71:2e:d7:52:43:bb:72:e5:
c3:e6:c3:af:46:ea:ec:f7:87:ff:2b:e5:fa:0a:cd:
6a:80:7f:42:e4:3e:e7:ff:87:a7:84:e9:b6:71:e1:
4c:95:7d:c0:cc:1c:c2:cc:a2:05:ad:a6:01:54:ca:
a6:db:16:29:34:ee:55:35:f9:17:6e:e5:ce:99:8f:
8d:6e:08:2d:ee:6a:ea:a9:1e:db:a1:0d:bc:55:23:
3e:c5:35:53:0a:ce:2c:16:86:e3:71:ac:a0:c5:95:
da:12:6f:98:d2:82:95:04:78:89:dd:59:47:f7:bb:
0c:91:02:3a:98:ae:f6:8a:51:26:b8:4b:ce:28:d0:
5d:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:F4:7D:7D:36:AB:3D:9B:37:FA:DF:34:D4:43:E9:E6:1E:33:4A:F8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.40.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2e:6e:57:8e:d1:30:92:bc:62:04:0f:81:fb:fd:88:b8:ac:e4:
1c:2e:8e:5e:73:6a:cf:5c:5f:80:ee:d2:22:80:fb:2f:37:95:
72:1c:3a:2b:b8:a0:62:0e:05:0b:41:89:d2:68:78:16:a0:17:
2c:f8:81:a9:29:5b:8d:72:01:dc:dc:ae:f0:99:0f:42:24:2e:
44:a6:77:d2:01:05:38:72:76:ed:f0:cc:fe:99:7a:b6:8d:17:
5d:61:a9:4d:e1:fb:9a:90:a1:40:1f:98:c0:17:9c:45:f5:fd:
32:20:f4:07:8e:9b:04:26:5c:46:1d:50:46:69:86:2a:7c:08:
1d:97:3f:65:12:d4:d1:09:c9:c6:c7:78:29:c4:41:3e:38:aa:
bc:d2:04:62:56:bf:6d:b1:ad:6e:3f:a7:85:05:cf:c6:60:c8:
29:44:09:c1:6d:52:2c:e8:07:26:42:c9:1f:b8:8d:d0:8a:ec:
7d:b6:e6:79:d2:ac:99:14:ed:1d:59:82:37:2b:b4:50:a0:c2:
a5:1d:77:b9:36:b4:49:b0:2e:0c:8e:32:2a:d3:a1:75:e7:65:
31:dc:9e:33:bf:5a:ec:90:76:cc:ff:be:01:e2:ba:f8:97:14:
c6:df:b3:24:70:cc:c2:e0:9a:1a:40:35:28:66:1a:cb:9e:2a:
e6:6b:b6:23
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUWtAFt5C7Duc7iFnngtE0x2QKmf4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDUwNDhaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDVhODUyZDY0YWFlYzhmNGJiMmY1Y2VjNjZiNWUyMDQ3MzEwZTAyZGU0YWMw
ZjI1MGQ2ODJlMDQzMmM1Mjc0YWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKQ85UXWQSPLujr/oRKhLpOpwxq28KLvH4suLk10ySijbalrv/yPJThtV4V5
+ly4mZsuX8YYpjeo71iXBiHjzlnlV/HYF41qLFyxQrV1o1hLvye2zBWyzKosFabP
QZy86UZin42mamcLAU0VD1WFo9Vn7GaYx54LjVm2mjsVx3Eu11JDu3Llw+bDr0bq
7PeH/yvl+grNaoB/QuQ+5/+Hp4TptnHhTJV9wMwcwsyiBa2mAVTKptsWKTTuVTX5
F27lzpmPjW4ILe5q6qke26ENvFUjPsU1UwrOLBaG43GsoMWV2hJvmNKClQR4id1Z
R/e7DJECOpiu9opRJrhLzijQXVUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSa9H19
Nqs9mzf63zTUQ+nmHjNK+DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZGU4M2FiMGQtNzMwZS00YmEwLTlkMjItYWYyYzhiN2ZkOGY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMoMA0G
CSqGSIb3DQEBCwUAA4IBAQAubleO0TCSvGIED4H7/Yi4rOQcLo5ec2rPXF+A7tIi
gPsvN5VyHDoruKBiDgULQYnSaHgWoBcs+IGpKVuNcgHc3K7wmQ9CJC5EpnfSAQU4
cnbt8Mz+mXq2jRddYalN4fuakKFAH5jAF5xF9f0yIPQHjpsEJlxGHVBGaYYqfAgd
lz9lEtTRCcnGx3gpxEE+OKq80gRiVr9tsa1uP6eFBc/GYMgpRAnBbVIs6AcmQskf
uI3Qiux9tuZ50qyZFO0dWYI3K7RQoMKlHXe5NrRJsC4MjjIq06F152Ux3J4zv1rs
kHbM/74B4rr4lxTG37MkcMzC4JoaQDUoZhrLnirma7Yj
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:48:34 2025 by rpki-client