Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/faa5ec1e-61dd-4ddb-a08f-0b29cab481e1.roa
File: faa5ec1e-61dd-4ddb-a08f-0b29cab481e1.roa (raw, json)
Hash identifier: wr3p5RqAwxwo28BBO7snQ1RgJGSlZe+9KdT0zt/S10E=
Subject key identifier: 6E:A5:41:A6:4E:B0:96:45:AA:D0:BA:D0:49:F1:42:09:A3:D0:81:6F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3CAB53329D09E6702635E10C9E9FE59E78C6EFFF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/faa5ec1e-61dd-4ddb-a08f-0b29cab481e1.roa
Signing time: Fri 23 May 2025 00:51:00 +0000
ROA not before: Fri 23 May 2025 00:51:00 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.240.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:ab:53:32:9d:09:e6:70:26:35:e1:0c:9e:9f:e5:9e:78:c6:ef:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 23 00:51:00 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=03802dbee41d453e07bae4d276fdf955d8a259db4ce73bc0f7242913e50baa39, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c5:72:be:62:c3:ff:4e:40:1f:33:30:3c:c7:
64:24:b8:09:cc:be:9f:26:36:2f:04:1f:78:49:d0:
85:9a:d1:27:ce:01:c7:3d:62:01:ce:97:ff:86:e6:
f8:57:65:b4:a1:aa:2c:78:8b:c4:d8:15:15:bb:ad:
d4:94:9b:70:de:31:7a:a4:13:ec:bd:c6:e3:fc:20:
f8:a3:92:bb:f6:c3:2c:c5:cd:89:c8:36:0f:d5:45:
49:3f:37:71:db:88:20:d2:8a:bb:d7:b3:2c:9a:0d:
82:cc:1e:00:0a:f8:49:23:7f:00:29:45:92:5c:bd:
9c:a4:55:59:b9:ac:56:02:5b:89:70:53:2f:a4:6e:
f9:41:96:6a:c6:c0:90:4d:8b:41:bf:86:03:a4:da:
82:e4:2f:f8:ac:a5:35:41:af:48:ac:d3:aa:b8:fa:
ad:35:3e:c7:f6:3f:4f:3f:84:32:65:fc:e0:0a:ce:
1f:58:bf:d4:1b:45:17:44:85:39:5d:e4:ef:16:4a:
8a:83:0a:63:c4:c9:8e:97:cf:93:8a:f7:c3:7d:5f:
b7:d1:43:ec:ce:45:bc:dc:55:73:e1:a6:c2:c3:b8:
c6:fa:ae:0c:1e:1c:98:16:6b:ed:a8:44:8b:da:a0:
c0:67:5e:71:81:e2:88:48:10:f5:19:74:97:d6:c7:
40:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:A5:41:A6:4E:B0:96:45:AA:D0:BA:D0:49:F1:42:09:A3:D0:81:6F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/faa5ec1e-61dd-4ddb-a08f-0b29cab481e1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.240.0/22
Signature Algorithm: sha256WithRSAEncryption
c3:7f:14:c0:cf:ff:61:d7:19:94:ec:dc:85:06:42:ef:44:d6:
6b:84:67:c8:bd:f2:fe:8f:8c:f3:31:e0:03:da:34:1a:ad:c1:
52:3f:e4:f6:4d:96:56:57:51:13:c5:08:30:80:95:33:bc:98:
8b:16:37:b8:9a:a9:4f:4d:55:ef:a1:ff:28:94:1e:6e:a3:12:
41:71:9b:54:1c:be:3c:33:4c:ae:c4:11:d3:e1:e9:07:8d:87:
49:54:ab:e7:ae:07:fc:1f:19:d6:01:34:51:22:bc:25:94:86:
59:ad:71:3f:2d:5c:6b:b3:1a:ac:64:99:ea:5a:92:44:ec:00:
ef:a6:73:0f:97:75:d0:02:f1:31:57:59:51:ef:68:71:3a:65:
be:0e:6e:28:57:5b:d1:08:e1:25:2d:2d:5b:23:79:ba:31:29:
85:70:47:56:45:ba:3f:63:c7:c0:44:49:a5:75:2c:2c:88:2a:
3a:71:a8:49:50:8d:ac:19:08:95:06:a2:3b:c8:8e:17:95:f4:
77:2b:4e:bb:34:c2:e3:2d:0f:75:16:98:3c:83:ba:9a:e0:83:
b3:2d:8f:2f:06:f0:5c:f6:e5:07:fe:eb:21:c2:c5:5f:9e:65:
8f:f0:d5:6d:0a:02:f5:93:6d:c2:b8:6f:02:e1:df:32:df:a1:
c6:ee:7f:5b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUPKtTMp0J5nAmNeEMnp/lnnjG7/8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjMwMDUxMDBaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDAzODAyZGJlZTQxZDQ1M2UwN2JhZTRkMjc2ZmRmOTU1ZDhhMjU5ZGI0Y2U3
M2JjMGY3MjQyOTEzZTUwYmFhMzkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALrFcr5iw/9OQB8zMDzHZCS4Ccy+nyY2LwQfeEnQhZrRJ84Bxz1iAc6X/4bm
+FdltKGqLHiLxNgVFbut1JSbcN4xeqQT7L3G4/wg+KOSu/bDLMXNicg2D9VFST83
cduIINKKu9ezLJoNgsweAAr4SSN/AClFkly9nKRVWbmsVgJbiXBTL6Ru+UGWasbA
kE2LQb+GA6TaguQv+KylNUGvSKzTqrj6rTU+x/Y/Tz+EMmX84ArOH1i/1BtFF0SF
OV3k7xZKioMKY8TJjpfPk4r3w31ft9FD7M5FvNxVc+GmwsO4xvquDB4cmBZr7ahE
i9qgwGdecYHiiEgQ9Rl0l9bHQKMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRupUGm
TrCWRarQutBJ8UIJo9CBbzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmFhNWVjMWUtNjFkZC00ZGRiLWEwOGYtMGIyOWNhYjQ4MWUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAjMQ8DAN
BgkqhkiG9w0BAQsFAAOCAQEAw38UwM//YdcZlOzchQZC70TWa4RnyL3y/o+M8zHg
A9o0Gq3BUj/k9k2WVldRE8UIMICVM7yYixY3uJqpT01V76H/KJQebqMSQXGbVBy+
PDNMrsQR0+HpB42HSVSr564H/B8Z1gE0USK8JZSGWa1xPy1ca7MarGSZ6lqSROwA
76ZzD5d10ALxMVdZUe9ocTplvg5uKFdb0QjhJS0tWyN5ujEphXBHVkW6P2PHwERJ
pXUsLIgqOnGoSVCNrBkIlQaiO8iOF5X0dytOuzTC4y0PdRaYPIO6muCDsy2PLwbw
XPblB/7rIcLFX55lj/DVbQoC9ZNtwrhvAuHfMt+hxu5/Ww==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:06 2025 by rpki-client