Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3b67bb62-9bcf-4daa-99b5-5374c3285177.roa
File: 3b67bb62-9bcf-4daa-99b5-5374c3285177.roa (raw, json)
Hash identifier: uA7p8cHkzo19UrVb4z5TkZZ97ETqy+FLOiiXL5MYnt0=
Subject key identifier: A6:48:76:80:73:55:EB:FF:1E:9F:BD:E4:E7:96:FC:3C:17:C2:E6:37
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 44E65AFED86BE0DF3C8C613E4A14BF995E0310FF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3b67bb62-9bcf-4daa-99b5-5374c3285177.roa
Signing time: Tue 20 May 2025 20:50:49 +0000
ROA not before: Tue 20 May 2025 20:50:49 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.48.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 20:42:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:e6:5a:fe:d8:6b:e0:df:3c:8c:61:3e:4a:14:bf:99:5e:03:10:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:50:49 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=99566ccd82cfb01c2d2272b529887614665fe5d54af233f515758c4a06ebb4b5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f6:17:06:b1:a2:55:9a:6b:6e:30:93:a8:0f:
e5:93:7f:40:44:78:ac:95:f1:a5:10:11:d6:13:6c:
38:d2:fa:c1:d8:d6:2c:f1:64:e0:1e:5d:71:db:5f:
41:d0:4e:31:41:2c:e2:a4:dd:fd:d1:5c:95:34:90:
3b:07:9e:26:39:79:b1:59:af:7f:2f:88:7a:c1:e2:
b1:fd:27:f9:2e:3a:17:2f:48:91:3c:fd:9b:5a:96:
36:1f:79:5e:bf:87:2d:87:eb:14:d7:4d:ce:46:38:
69:b4:8f:e3:78:27:02:8d:88:41:69:69:8c:45:5e:
2a:a3:72:42:ab:db:ca:1b:78:e0:70:78:7a:35:ef:
2c:47:77:d0:e5:9c:ef:a2:d7:b1:5d:52:66:e1:80:
d1:5e:a0:07:4f:f4:e4:45:06:ef:91:30:33:a5:73:
f8:ec:6f:6e:d6:df:d0:2a:18:fd:7f:f3:d0:66:c0:
bd:ac:27:73:25:b2:6b:c8:48:ad:ae:5f:7c:0b:2c:
e3:f4:bf:44:8e:68:89:de:e1:b6:28:3a:ff:d5:28:
33:a5:83:14:4e:08:6c:55:0d:0e:0b:83:72:86:9d:
0c:fb:af:e9:d8:40:6c:90:5e:41:15:48:89:8f:8c:
18:30:c8:95:87:3f:19:af:d2:64:c2:22:9f:e2:7f:
88:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:48:76:80:73:55:EB:FF:1E:9F:BD:E4:E7:96:FC:3C:17:C2:E6:37
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3b67bb62-9bcf-4daa-99b5-5374c3285177.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.48.0.0/15
Signature Algorithm: sha256WithRSAEncryption
6a:c1:ac:86:7a:bf:54:62:bb:17:b8:80:f9:35:cc:f2:6f:ea:
2a:29:bc:38:6d:8a:9c:85:4d:0d:1e:02:a3:bb:9c:2d:9c:51:
c5:d3:69:67:38:40:e0:d4:f6:02:7f:e9:80:db:23:90:d6:1f:
5c:30:eb:0b:ef:6e:4f:f2:28:ba:61:a0:66:8e:e2:fc:27:e6:
3b:f5:53:b1:cc:17:3b:e2:f3:ed:5f:34:db:bb:36:e1:87:1c:
7c:db:8b:a0:b6:49:03:af:33:fa:43:7d:35:2a:f3:0e:a0:10:
1a:a3:d8:10:bf:f3:a2:b7:c7:b3:60:0f:88:0b:d7:5f:ec:e9:
ca:6f:9a:88:bc:4f:cf:33:b1:03:1a:1f:65:a8:0d:eb:a2:55:
24:49:27:92:12:87:25:ff:b8:45:f7:be:c1:92:35:9d:3b:f9:
99:a2:00:1e:74:db:3c:e6:9f:3a:a5:18:34:4a:4f:c4:b2:a3:
f3:e4:13:d6:b4:54:4e:18:ca:25:df:86:94:d2:85:1e:b3:1a:
a4:93:e0:1f:19:23:a6:fb:7b:87:d7:dd:de:f4:27:27:cf:bc:
b2:e3:0e:ae:bb:29:7c:eb:5d:81:da:27:8e:77:d1:69:69:93:
43:1a:1f:6a:14:99:02:04:22:24:b5:f8:d4:a3:0b:1e:a3:10:
e9:82:cc:c1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUROZa/thr4N88jGE+ShS/mV4DEP8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDUwNDlaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDk5NTY2Y2NkODJjZmIwMWMyZDIyNzJiNTI5ODg3NjE0NjY1ZmU1ZDU0YWYy
MzNmNTE1NzU4YzRhMDZlYmI0YjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMb2FwaxolWaa24wk6gP5ZN/QER4rJXxpRAR1hNsONL6wdjWLPFk4B5dcdtf
QdBOMUEs4qTd/dFclTSQOweeJjl5sVmvfy+IesHisf0n+S46Fy9IkTz9m1qWNh95
Xr+HLYfrFNdNzkY4abSP43gnAo2IQWlpjEVeKqNyQqvbyht44HB4ejXvLEd30OWc
76LXsV1SZuGA0V6gB0/05EUG75EwM6Vz+Oxvbtbf0CoY/X/z0GbAvawncyWya8hI
ra5ffAss4/S/RI5oid7htig6/9UoM6WDFE4IbFUNDguDcoadDPuv6dhAbJBeQRVI
iY+MGDDIlYc/Ga/SZMIin+J/iPsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSmSHaA
c1Xr/x6fveTnlvw8F8LmNzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
M2I2N2JiNjItOWJjZi00ZGFhLTk5YjUtNTM3NGMzMjg1MTc3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMwMA0G
CSqGSIb3DQEBCwUAA4IBAQBqwayGer9UYrsXuID5Nczyb+oqKbw4bYqchU0NHgKj
u5wtnFHF02lnOEDg1PYCf+mA2yOQ1h9cMOsL725P8ii6YaBmjuL8J+Y79VOxzBc7
4vPtXzTbuzbhhxx824ugtkkDrzP6Q301KvMOoBAao9gQv/Oit8ezYA+IC9df7OnK
b5qIvE/PM7EDGh9lqA3rolUkSSeSEocl/7hF977BkjWdO/mZogAedNs85p86pRg0
Sk/EsqPz5BPWtFROGMol34aU0oUesxqkk+AfGSOm+3uH193e9Ccnz7yy4w6uuyl8
612B2ieOd9FpaZNDGh9qFJkCBCIktfjUowseoxDpgszB
-----END CERTIFICATE-----
Generated at Fri Jun 6 03:59:44 2025 by rpki-client