Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/186c4a20-4025-4599-90c9-1eeb15cf6730.roa
File: 186c4a20-4025-4599-90c9-1eeb15cf6730.roa (raw, json)
Hash identifier: +gS7ERT/qIXgt7v89lGIwIqRkiulaVnLg1U+5w53aEM=
Subject key identifier: 81:FF:5A:AC:5E:31:7F:92:DE:D4:E2:00:20:70:58:72:B0:A3:06:A4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 51976FC34A530B38D7F9BAA209A6CE96D3E5AF3F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/186c4a20-4025-4599-90c9-1eeb15cf6730.roa
Signing time: Fri 23 May 2025 00:50:16 +0000
ROA not before: Fri 23 May 2025 00:50:16 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 20:42:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:97:6f:c3:4a:53:0b:38:d7:f9:ba:a2:09:a6:ce:96:d3:e5:af:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 23 00:50:16 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=b93b996b025844512cc5c4aa16e5330557c4baacb672d915afc68b84efca19ae, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:bc:82:46:6a:61:e8:ee:18:49:1a:d5:43:d8:
00:c0:1b:8c:a8:72:84:1b:94:ab:91:98:0c:7f:b2:
e0:32:9c:e0:43:14:c2:b0:48:fa:23:b1:11:50:a1:
21:49:e7:07:de:da:8d:61:4e:5c:b9:aa:d2:4b:9a:
86:15:f3:0d:92:82:5f:1d:4d:fa:af:74:80:72:f3:
3b:ea:c1:a3:0b:f1:21:cd:9f:4a:6f:3a:1a:3a:52:
52:3b:f3:ed:53:5e:45:4e:1c:9b:60:94:d1:4c:9b:
4c:99:34:06:60:9f:db:27:31:32:32:3a:af:e2:fe:
d4:30:12:f9:54:e8:d2:45:15:b7:7f:ab:45:7d:82:
8e:0d:9f:03:f4:3e:e9:b9:da:e1:dd:b6:7c:8b:6d:
b1:5f:27:00:bc:e3:a5:cb:cc:5d:05:ec:38:fb:2c:
40:dd:a4:a8:fb:d5:2e:01:58:b8:16:d3:fc:9d:5d:
62:a3:86:e0:1a:a7:f2:f0:55:60:15:85:fa:b3:1f:
f6:29:c0:d0:e2:5b:fd:69:a9:0f:14:6e:0f:48:dc:
87:58:93:99:68:ae:a7:fb:55:5d:3c:78:fc:f3:e0:
45:50:f8:48:71:c9:13:3d:cc:9d:85:17:56:f4:a5:
0f:47:da:50:e3:fc:95:57:d4:3d:e7:46:a5:c9:51:
66:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:FF:5A:AC:5E:31:7F:92:DE:D4:E2:00:20:70:58:72:B0:A3:06:A4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/186c4a20-4025-4599-90c9-1eeb15cf6730.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.205.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:dc:89:67:d0:a2:44:08:41:17:27:dd:81:b3:2f:ef:7c:2c:
7a:1e:09:5e:21:33:c9:07:fe:a2:00:0d:6f:b7:8f:da:75:16:
02:c1:c5:fe:d8:ff:12:d0:2a:93:bb:55:5d:dd:0e:51:e2:a2:
f8:c4:b2:b7:09:bb:e5:ea:ba:0e:cb:4c:a7:0e:a3:58:0f:0c:
30:68:ca:33:56:ee:0c:ef:e7:22:c1:d2:41:ee:9e:7b:72:10:
af:56:94:3d:c7:be:3c:f6:82:61:13:c5:a8:af:84:c4:7e:9d:
13:05:8a:46:0e:35:07:cb:df:ae:3a:2d:d2:6b:74:53:94:38:
e4:4e:07:d4:cd:b3:ca:01:48:2b:c1:b8:d3:bd:16:ec:f9:e1:
ed:5c:ea:55:38:c6:f3:93:b8:9f:f1:80:77:bf:85:c7:71:47:
22:86:4e:b9:1d:d0:33:1e:7c:63:a6:54:b6:bd:29:78:0c:ca:
41:f5:87:5a:db:5b:fe:f3:73:da:36:ea:1c:17:be:59:2e:93:
9c:43:02:8a:5f:28:7b:5a:0b:d8:d0:b7:20:5e:1e:b4:a0:e3:
2c:22:7e:eb:ea:66:61:06:c9:5e:30:87:a2:a1:fc:0e:91:d5:
f5:1f:bb:f9:9d:5b:e6:01:2f:f1:59:b8:b8:01:98:ff:74:e1:
05:2e:73:5c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUUZdvw0pTCzjX+bqiCabOltPlrz8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjMwMDUwMTZaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGI5M2I5OTZiMDI1ODQ0NTEyY2M1YzRhYTE2ZTUzMzA1NTdjNGJhYWNiNjcy
ZDkxNWFmYzY4Yjg0ZWZjYTE5YWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJy8gkZqYejuGEka1UPYAMAbjKhyhBuUq5GYDH+y4DKc4EMUwrBI+iOxEVCh
IUnnB97ajWFOXLmq0kuahhXzDZKCXx1N+q90gHLzO+rBowvxIc2fSm86GjpSUjvz
7VNeRU4cm2CU0UybTJk0BmCf2ycxMjI6r+L+1DAS+VTo0kUVt3+rRX2Cjg2fA/Q+
6bna4d22fIttsV8nALzjpcvMXQXsOPssQN2kqPvVLgFYuBbT/J1dYqOG4Bqn8vBV
YBWF+rMf9inA0OJb/WmpDxRuD0jch1iTmWiup/tVXTx4/PPgRVD4SHHJEz3MnYUX
VvSlD0faUOP8lVfUPedGpclRZjcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSB/1qs
XjF/kt7U4gAgcFhysKMGpDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTg2YzRhMjAtNDAyNS00NTk5LTkwYzktMWVlYjE1Y2Y2NzMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMQzTAN
BgkqhkiG9w0BAQsFAAOCAQEAjNyJZ9CiRAhBFyfdgbMv73wseh4JXiEzyQf+ogAN
b7eP2nUWAsHF/tj/EtAqk7tVXd0OUeKi+MSytwm75eq6DstMpw6jWA8MMGjKM1bu
DO/nIsHSQe6ee3IQr1aUPce+PPaCYRPFqK+ExH6dEwWKRg41B8vfrjot0mt0U5Q4
5E4H1M2zygFIK8G4070W7Pnh7VzqVTjG85O4n/GAd7+Fx3FHIoZOuR3QMx58Y6ZU
tr0peAzKQfWHWttb/vNz2jbqHBe+WS6TnEMCil8oe1oL2NC3IF4etKDjLCJ+6+pm
YQbJXjCHoqH8DpHV9R+7+Z1b5gEv8Vm4uAGY/3ThBS5zXA==
-----END CERTIFICATE-----
Generated at Fri Jun 6 04:29:59 2025 by rpki-client