Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fd04a54b-459a-491a-a013-59d0ed55825f.roa
File: fd04a54b-459a-491a-a013-59d0ed55825f.roa (raw, json)
Hash identifier: 6qpQrEgy/qVPxj9QnGeeJc9LfiU+T1e4ecC/bjCIH94=
Subject key identifier: 39:8B:A0:8F:55:84:A2:49:43:41:E8:36:C6:AB:63:6D:25:61:E1:6F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 048FD158F77ED6C71089C44FD038527BF9ACAB4C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fd04a54b-459a-491a-a013-59d0ed55825f.roa
Signing time: Tue 20 May 2025 20:40:08 +0000
ROA not before: Tue 20 May 2025 20:40:08 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.131.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:8f:d1:58:f7:7e:d6:c7:10:89:c4:4f:d0:38:52:7b:f9:ac:ab:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:40:08 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=339eb268cd7efd0f55240605a0067788953d23306a9485312aa44454240a63cb, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:49:d1:79:8b:4c:81:1a:18:4f:38:95:83:3e:
1f:90:cc:9a:37:f5:01:f1:69:87:90:65:1e:56:2e:
f9:1f:48:df:fb:73:9b:a3:4b:33:be:44:44:e9:d0:
ad:95:49:11:fb:0e:da:3d:63:dd:45:6e:db:68:ea:
04:08:1b:e1:9a:e8:80:e9:3a:4e:ad:37:7a:25:fa:
88:3f:49:a7:55:d9:c4:ff:9b:ec:eb:44:fd:61:77:
f5:45:77:06:71:49:99:32:31:a2:ed:34:1e:1b:1d:
35:98:86:ef:07:63:82:ae:1f:6a:78:5b:0e:06:c0:
ec:6a:b5:34:b3:92:92:cd:f0:5f:4f:1a:91:ce:61:
01:00:6a:7a:be:34:c7:5d:dd:75:84:77:ae:1d:10:
0a:bf:57:81:9e:12:eb:f2:d6:fb:6f:b4:d2:6d:8f:
e1:89:2a:da:d8:1c:47:4b:46:fc:f1:a5:49:1a:df:
33:a9:bc:d8:f1:f8:f6:48:97:16:f0:1d:f5:d2:43:
0a:21:dc:64:0d:ea:51:a2:8b:c5:84:a9:2b:b1:d3:
52:b7:bd:c2:33:f1:c4:c7:9d:fe:9f:01:1a:30:be:
87:7f:e3:fe:5a:86:72:79:9d:6f:33:bd:2a:9c:c7:
5c:c8:9b:97:11:80:b6:b4:d3:66:f1:3b:b9:85:78:
23:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:8B:A0:8F:55:84:A2:49:43:41:E8:36:C6:AB:63:6D:25:61:E1:6F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fd04a54b-459a-491a-a013-59d0ed55825f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.131.0.0/16
Signature Algorithm: sha256WithRSAEncryption
30:c9:50:6b:30:c0:1a:b2:91:4b:52:89:6a:75:9f:d3:5f:a7:
88:ed:dd:87:05:dd:e2:41:50:5e:ad:23:ef:be:46:fc:e0:ef:
f2:5f:af:df:98:d8:4d:57:01:72:5c:b6:9a:69:9b:12:ff:ad:
5a:f7:21:d6:d7:d1:c0:98:69:d2:88:17:b9:3e:15:2b:b1:4a:
52:2f:84:04:be:8b:37:c9:da:62:34:71:44:28:83:e0:f7:1c:
b3:a3:c9:56:ee:c5:09:bb:18:dc:30:69:63:84:87:a5:57:07:
ca:d6:fc:d2:b7:92:37:84:00:d4:ea:86:1d:a2:37:63:ba:6c:
53:ff:e6:d1:f4:2d:1f:86:90:10:9e:4e:88:e2:2e:90:08:23:
16:f7:78:59:de:0b:ca:db:4a:ee:58:53:f8:b6:7b:89:ce:16:
bf:7a:cd:97:71:57:75:bd:38:48:ff:62:46:c8:8a:d9:d4:b8:
34:e4:59:ba:4e:42:8e:49:bd:6c:29:1f:f4:73:dc:c1:4d:c1:
94:4a:2f:a5:03:8a:1d:97:95:5b:59:24:5f:37:71:56:19:1e:
22:d2:63:97:57:d2:a0:85:10:f7:bb:8b:9c:e2:57:0e:a3:39:
cc:c1:41:79:9f:23:52:bb:a1:d3:c0:e9:67:8e:98:11:91:de:
c5:bf:d8:c5
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUBI/RWPd+1scQicRP0DhSe/msq0wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQwMDhaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzOWViMjY4Y2Q3ZWZkMGY1NTI0MDYwNWEwMDY3Nzg4OTUzZDIzMzA2YTk0
ODUzMTJhYTQ0NDU0MjQwYTYzY2IxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKNJ0XmLTIEaGE84lYM+H5DMmjf1AfFph5BlHlYu+R9I3/tzm6NLM75EROnQ
rZVJEfsO2j1j3UVu22jqBAgb4ZrogOk6Tq03eiX6iD9Jp1XZxP+b7OtE/WF39UV3
BnFJmTIxou00HhsdNZiG7wdjgq4fanhbDgbA7Gq1NLOSks3wX08akc5hAQBqer40
x13ddYR3rh0QCr9XgZ4S6/LW+2+00m2P4Ykq2tgcR0tG/PGlSRrfM6m82PH49kiX
FvAd9dJDCiHcZA3qUaKLxYSpK7HTUre9wjPxxMed/p8BGjC+h3/j/lqGcnmdbzO9
KpzHXMiblxGAtrTTZvE7uYV4I3sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ5i6CP
VYSiSUNB6DbGq2NtJWHhbzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmQwNGE1NGItNDU5YS00OTFhLWEwMTMtNTlkMGVkNTU4MjVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADODMA0G
CSqGSIb3DQEBCwUAA4IBAQAwyVBrMMAaspFLUolqdZ/TX6eI7d2HBd3iQVBerSPv
vkb84O/yX6/fmNhNVwFyXLaaaZsS/61a9yHW19HAmGnSiBe5PhUrsUpSL4QEvos3
ydpiNHFEKIPg9xyzo8lW7sUJuxjcMGljhIelVwfK1vzSt5I3hADU6oYdojdjumxT
/+bR9C0fhpAQnk6I4i6QCCMW93hZ3gvK20ruWFP4tnuJzha/es2XcVd1vThI/2JG
yIrZ1Lg05Fm6TkKOSb1sKR/0c9zBTcGUSi+lA4odl5VbWSRfN3FWGR4i0mOXV9Kg
hRD3u4uc4lcOoznMwUF5nyNSu6HTwOlnjpgRkd7Fv9jF
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:50:38 2025 by rpki-client