Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc50f617-7597-4f4e-b8f6-87763b28caf0.roa
File: fc50f617-7597-4f4e-b8f6-87763b28caf0.roa (raw, json)
Hash identifier: u8nLqCUYJf5mAirRdZ/9TRGGUj1d+9MyE/WGN7q4p/U=
Subject key identifier: D1:04:AE:25:60:FF:70:6E:62:B0:52:B7:84:5B:6C:10:06:E4:18:6A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5148AABD80C5F23FAFC5E247358E306FF4697B5A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc50f617-7597-4f4e-b8f6-87763b28caf0.roa
Signing time: Tue 20 May 2025 20:41:34 +0000
ROA not before: Tue 20 May 2025 20:41:34 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.121.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:48:aa:bd:80:c5:f2:3f:af:c5:e2:47:35:8e:30:6f:f4:69:7b:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:41:34 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=01cd7fe4a6b5e058b514478ccb8cc80b54fcf0bee9ea27b1d42ebaef6caf4e27, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:95:58:6f:31:43:9f:00:23:1c:2e:6d:24:88:
c3:b3:af:b4:51:fd:3f:de:e9:a2:6f:60:ef:40:d1:
12:af:b1:db:66:fb:6b:fd:64:81:39:bf:cb:e0:78:
a5:62:27:48:6a:2d:73:75:a5:6c:50:30:32:73:f8:
fa:b5:1f:46:2e:c2:7b:6b:bb:cc:8f:29:3d:5b:0b:
82:60:b0:53:eb:ac:4d:09:7f:df:28:be:26:01:c7:
cb:cd:30:d0:be:1e:03:9a:66:b2:e0:87:34:75:55:
71:47:c8:99:76:92:94:44:f7:f2:ee:29:39:ef:b4:
58:bf:38:72:b0:4a:d9:bb:1d:c0:74:a3:41:56:c7:
0a:40:62:54:cd:f4:a9:53:cc:e7:47:15:6e:06:16:
3f:6a:71:d9:3c:7a:d7:c4:86:5b:2a:95:67:4b:64:
4e:51:8e:ba:97:d8:6b:e4:d2:e4:fb:f3:5a:f7:ec:
75:30:af:dc:e2:63:0c:bd:41:d6:3d:bb:b4:cd:10:
68:93:a5:75:87:f2:e2:e1:b4:3e:b8:47:2a:5d:30:
5b:15:0f:db:b2:4c:5d:c5:0c:29:9f:36:e5:ac:20:
86:ad:bb:00:b0:c1:d0:f3:9a:f1:d1:8f:6a:a9:7b:
ea:be:64:4a:4c:38:5d:16:08:d8:20:4f:9b:50:e6:
46:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:04:AE:25:60:FF:70:6E:62:B0:52:B7:84:5B:6C:10:06:E4:18:6A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc50f617-7597-4f4e-b8f6-87763b28caf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.121.0.0/16
Signature Algorithm: sha256WithRSAEncryption
25:12:d3:e6:e8:40:fb:72:b6:e0:d6:8d:e5:62:48:73:19:e1:
79:b4:00:f5:49:c0:3d:79:bc:5e:d1:02:2e:6b:0e:28:fa:84:
16:84:05:a4:d1:7b:e6:07:20:fb:fb:87:3a:7c:6a:44:07:8f:
69:9f:61:b8:26:1a:54:b7:1e:53:a5:73:b8:1c:99:8a:36:70:
34:cb:39:e5:96:70:2e:e1:1c:f3:cd:01:85:f7:98:87:b2:4b:
19:52:01:71:73:f3:2b:93:53:21:a4:8c:f7:07:b5:ee:bf:cd:
a6:72:35:51:dd:46:57:0b:8c:d5:f1:0e:2b:7f:b2:5f:73:f3:
bf:1a:38:e6:2b:d3:9f:58:62:d3:96:55:25:6e:4b:d1:1a:ef:
b3:94:21:2c:23:b6:48:40:57:6f:42:f6:8a:93:41:eb:4e:26:
76:87:72:7c:7f:ac:0a:6a:aa:69:9b:7b:d1:b5:9e:e4:f8:86:
b2:d3:12:83:85:9a:06:dd:ae:6e:7e:09:45:52:56:0a:20:63:
65:80:b8:4a:bb:00:c5:03:d9:1d:b0:4f:9b:25:58:2a:98:6e:
ea:e2:53:7c:d3:4d:1f:d8:f9:ba:37:96:9c:1f:ab:43:cc:c6:
a5:9a:32:3d:68:c4:0c:c1:b0:2f:2a:84:1c:28:6e:53:06:f4:
2d:8c:55:89
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUUUiqvYDF8j+vxeJHNY4wb/Rpe1owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQxMzRaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDAxY2Q3ZmU0YTZiNWUwNThiNTE0NDc4Y2NiOGNjODBiNTRmY2YwYmVlOWVh
MjdiMWQ0MmViYWVmNmNhZjRlMjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPCVWG8xQ58AIxwubSSIw7OvtFH9P97pom9g70DREq+x22b7a/1kgTm/y+B4
pWInSGotc3WlbFAwMnP4+rUfRi7Ce2u7zI8pPVsLgmCwU+usTQl/3yi+JgHHy80w
0L4eA5pmsuCHNHVVcUfImXaSlET38u4pOe+0WL84crBK2bsdwHSjQVbHCkBiVM30
qVPM50cVbgYWP2px2Tx618SGWyqVZ0tkTlGOupfYa+TS5PvzWvfsdTCv3OJjDL1B
1j27tM0QaJOldYfy4uG0PrhHKl0wWxUP27JMXcUMKZ825awghq27ALDB0POa8dGP
aql76r5kSkw4XRYI2CBPm1DmRukCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTRBK4l
YP9wbmKwUreEW2wQBuQYajAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmM1MGY2MTctNzU5Ny00ZjRlLWI4ZjYtODc3NjNiMjhjYWYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN5MA0G
CSqGSIb3DQEBCwUAA4IBAQAlEtPm6ED7crbg1o3lYkhzGeF5tAD1ScA9ebxe0QIu
aw4o+oQWhAWk0XvmByD7+4c6fGpEB49pn2G4JhpUtx5TpXO4HJmKNnA0yznllnAu
4RzzzQGF95iHsksZUgFxc/Mrk1MhpIz3B7Xuv82mcjVR3UZXC4zV8Q4rf7Jfc/O/
GjjmK9OfWGLTllUlbkvRGu+zlCEsI7ZIQFdvQvaKk0HrTiZ2h3J8f6wKaqppm3vR
tZ7k+Iay0xKDhZoG3a5ufglFUlYKIGNlgLhKuwDFA9kdsE+bJVgqmG7q4lN8000f
2Pm6N5acH6tDzMalmjI9aMQMwbAvKoQcKG5TBvQtjFWJ
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:15:14 2025 by rpki-client