Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/226b8c83-9647-47e2-847b-1787f3d54040.roa
File: 226b8c83-9647-47e2-847b-1787f3d54040.roa (raw, json)
Hash identifier: LiM28GElF9Culf+0yoFwj0Gb+5fvuBaEtxnj7ZHa9wg=
Subject key identifier: 30:0A:05:B7:C3:3D:E1:36:C0:D7:D5:AF:D5:17:D3:27:A6:A4:9F:67
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6E8DC2CC5A4FF098D928DE8D4F03C79F5F9EB72B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/226b8c83-9647-47e2-847b-1787f3d54040.roa
Signing time: Fri 23 May 2025 00:51:16 +0000
ROA not before: Fri 23 May 2025 00:51:16 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.94.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 20:42:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:8d:c2:cc:5a:4f:f0:98:d9:28:de:8d:4f:03:c7:9f:5f:9e:b7:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 23 00:51:16 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=4dc66220cfd53902ce0e8739335c113d1520f97cee97fca7474899943a28f92c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:1d:20:15:bc:cf:da:ba:a2:e8:6d:9b:eb:da:
09:33:c8:bb:9e:b4:0f:0e:22:08:ef:4f:54:9d:10:
12:31:34:84:9d:28:ad:be:5b:cf:fa:eb:15:d7:81:
43:b6:18:e6:ef:df:bd:d0:24:7c:cf:6f:a9:79:1c:
c4:9b:6d:aa:2a:fd:89:dc:00:bc:2f:2a:14:28:21:
05:8d:22:04:a2:20:fa:16:53:e1:41:2b:1b:27:9a:
9e:15:91:e2:06:a9:af:f1:de:08:2c:79:a6:c8:8c:
96:b0:ca:71:ef:5a:a1:ff:1f:f3:16:08:7b:bb:8f:
c0:b1:c9:c7:d7:62:e1:54:26:7b:56:96:bc:ba:8c:
1f:6a:24:c8:1e:06:08:e5:08:ce:13:3e:ce:f3:be:
b2:f2:d4:78:64:67:a3:54:a5:8b:85:7a:95:de:23:
43:70:46:37:ea:77:f8:3f:aa:0d:4d:16:0b:81:3b:
cc:2e:cb:4e:82:9c:e6:b6:37:fe:03:db:12:d7:69:
a2:92:77:43:0b:6f:c1:fa:f8:88:57:96:39:f4:bc:
c8:d8:56:9d:8d:de:c8:8a:d2:40:6d:8e:33:e3:cd:
50:cb:73:5d:45:df:1a:c2:9e:51:30:b5:e6:0a:06:
28:33:06:15:91:87:c2:fe:5c:6e:d5:c7:a6:b7:15:
67:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:0A:05:B7:C3:3D:E1:36:C0:D7:D5:AF:D5:17:D3:27:A6:A4:9F:67
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/226b8c83-9647-47e2-847b-1787f3d54040.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.94.0.0/15
Signature Algorithm: sha256WithRSAEncryption
c2:89:20:27:46:12:71:35:9f:fb:37:59:f0:d5:61:8a:24:31:
60:34:0f:65:13:81:bb:0a:84:e6:51:0a:c6:84:fc:c2:c7:52:
a4:89:62:0a:9f:e2:91:f7:a3:13:78:1d:84:ce:a9:c3:45:03:
4b:46:d2:83:e4:3e:97:67:7d:0e:ee:85:9f:21:c2:df:ff:cc:
f6:2f:ca:4d:9f:17:8a:6c:95:2e:41:c6:94:db:94:8d:9f:6e:
f8:0b:67:db:57:a8:27:a6:c5:a1:05:2f:e9:7b:5f:02:06:d4:
13:03:65:62:ef:c6:de:d2:d0:ca:03:0b:8b:d8:e1:d2:72:fb:
c0:84:ae:07:ad:4a:76:8d:c1:93:8e:7b:9b:32:6c:2d:fa:0f:
c3:f2:08:c6:87:b6:10:8b:4d:c5:4a:a7:a0:80:16:79:a7:10:
74:bb:ae:0b:0e:74:09:3f:66:42:38:9c:d9:9d:71:9d:d9:7e:
fe:5f:b0:d6:de:dc:10:e8:6a:3f:2c:20:be:27:54:a0:12:19:
43:7d:07:b7:79:fb:42:19:59:9a:64:a4:ff:b2:1e:68:e3:9a:
6e:aa:98:27:0a:b4:03:3a:dd:19:34:65:a9:cd:9d:d6:bf:7e:
14:6f:72:49:95:12:fb:a7:c2:3e:e9:5b:da:11:d9:d5:06:a0:
90:46:18:f3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbo3CzFpP8JjZKN6NTwPHn1+etyswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjMwMDUxMTZaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDRkYzY2MjIwY2ZkNTM5MDJjZTBlODczOTMzNWMxMTNkMTUyMGY5N2NlZTk3
ZmNhNzQ3NDg5OTk0M2EyOGY5MmMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKAdIBW8z9q6ouhtm+vaCTPIu560Dw4iCO9PVJ0QEjE0hJ0orb5bz/rrFdeB
Q7YY5u/fvdAkfM9vqXkcxJttqir9idwAvC8qFCghBY0iBKIg+hZT4UErGyeanhWR
4gapr/HeCCx5psiMlrDKce9aof8f8xYIe7uPwLHJx9di4VQme1aWvLqMH2okyB4G
COUIzhM+zvO+svLUeGRno1Sli4V6ld4jQ3BGN+p3+D+qDU0WC4E7zC7LToKc5rY3
/gPbEtdpopJ3Qwtvwfr4iFeWOfS8yNhWnY3eyIrSQG2OM+PNUMtzXUXfGsKeUTC1
5goGKDMGFZGHwv5cbtXHprcVZ30CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQwCgW3
wz3hNsDX1a/VF9MnpqSfZzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjI2YjhjODMtOTY0Ny00N2UyLTg0N2ItMTc4N2YzZDU0MDQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNeMA0G
CSqGSIb3DQEBCwUAA4IBAQDCiSAnRhJxNZ/7N1nw1WGKJDFgNA9lE4G7CoTmUQrG
hPzCx1KkiWIKn+KR96MTeB2EzqnDRQNLRtKD5D6XZ30O7oWfIcLf/8z2L8pNnxeK
bJUuQcaU25SNn274C2fbV6gnpsWhBS/pe18CBtQTA2Vi78be0tDKAwuL2OHScvvA
hK4HrUp2jcGTjnubMmwt+g/D8gjGh7YQi03FSqeggBZ5pxB0u64LDnQJP2ZCOJzZ
nXGd2X7+X7DW3twQ6Go/LCC+J1SgEhlDfQe3eftCGVmaZKT/sh5o45puqpgnCrQD
Ot0ZNGWpzZ3Wv34Ub3JJlRL7p8I+6VvaEdnVBqCQRhjz
-----END CERTIFICATE-----
Generated at Fri Jun 6 04:12:00 2025 by rpki-client