Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/54f9687d-a273-4060-846b-ce640aca7c79.roa
File: 54f9687d-a273-4060-846b-ce640aca7c79.roa (raw, json)
Hash identifier: lrJTYMBu5W9KCoOrzgX/brZVovSyBCYyxAhtm7meO10=
Subject key identifier: 9B:DA:17:CF:E9:3E:BB:F7:A9:CC:76:D3:36:5C:55:98:D9:79:49:63
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 228F3356584DC9978157A81D134015F20939A2CD
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/54f9687d-a273-4060-846b-ce640aca7c79.roa
Signing time: Fri 23 May 2025 00:51:07 +0000
ROA not before: Fri 23 May 2025 00:51:07 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.44.0.0/14 maxlen: 14
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Jun 2025 00:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:8f:33:56:58:4d:c9:97:81:57:a8:1d:13:40:15:f2:09:39:a2:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 23 00:51:07 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=90f0a6725e67ea65eca2568d39ebdbb77a89ed2f402d626df3cda7a08e8e134e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:98:33:b3:12:6f:04:c6:b1:42:47:33:4e:8e:
97:60:62:d1:33:96:d3:25:51:64:e4:23:32:c4:07:
4e:5b:10:e8:cd:c9:07:83:ca:7a:6d:f7:0c:53:32:
08:47:0f:94:be:9b:3d:d5:ef:3b:c5:70:49:34:f4:
fc:5b:21:72:ce:7b:c8:b3:d1:c4:44:2b:40:cd:05:
12:a1:84:3f:f7:91:dc:cd:b4:ed:d5:79:25:95:c8:
0e:ba:3c:fa:fa:62:d1:de:22:89:1a:6f:06:4b:c7:
b4:57:a0:80:29:5a:7e:13:1c:6b:86:fa:1e:e6:24:
1e:c1:ec:45:a8:96:c8:1c:6a:10:60:e9:c9:c1:f7:
55:84:0c:d7:bc:dd:b5:d3:63:df:a4:65:3c:f6:69:
42:0e:43:b1:f3:0c:a9:bf:29:5c:4a:09:cc:d9:52:
b1:f2:1d:3a:d1:d7:a4:18:b7:12:40:92:5b:c1:f5:
f2:8b:cd:17:b0:49:14:f4:35:89:ea:26:69:d2:10:
e1:87:c4:80:a0:06:90:b1:85:2b:dc:a8:63:bd:76:
be:40:6f:fc:a9:96:e1:23:61:cf:1d:66:88:69:13:
41:45:70:fe:1d:02:b2:cd:a0:50:75:d2:bf:ab:9c:
b0:f5:c9:d8:67:d3:c7:c3:a9:87:93:84:83:06:e0:
a0:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:DA:17:CF:E9:3E:BB:F7:A9:CC:76:D3:36:5C:55:98:D9:79:49:63
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/54f9687d-a273-4060-846b-ce640aca7c79.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.44.0.0/14
Signature Algorithm: sha256WithRSAEncryption
4f:09:f0:98:5f:52:26:61:27:05:4f:7d:0a:c8:07:cc:92:ff:
b8:83:ac:0b:55:c0:87:01:77:95:d3:03:c4:ba:42:1a:df:d9:
ec:7d:ac:ef:7b:cf:98:1a:7a:fc:f2:66:b8:ce:06:0c:f4:0f:
6f:ac:2f:29:0d:3c:24:2f:58:69:f9:8b:c8:7d:33:39:58:66:
f9:de:7c:9b:ac:52:52:6f:ac:fc:ca:fc:ea:c2:c3:e7:9b:09:
f6:72:b4:01:ee:f3:e2:7d:7c:67:de:1b:a3:d0:16:74:d2:69:
ed:bf:fd:6c:63:e8:59:fe:3a:c5:45:ea:b8:c7:ef:12:d6:33:
40:c3:40:4e:22:36:75:c0:af:39:83:1b:4e:63:56:36:77:b2:
2f:15:c0:60:ce:f6:a3:2a:72:47:02:ed:e3:55:83:1d:06:85:
d8:9a:96:2c:80:03:30:b8:b3:ed:77:cc:34:0e:83:b1:3f:c1:
51:17:4b:21:50:08:a3:b7:9d:fa:85:3f:4f:f8:48:8d:41:7a:
18:56:d7:c3:c1:50:2f:e4:f1:77:a7:c4:c5:c8:74:5c:54:0b:
c6:23:2a:5a:4e:ed:ae:8c:ab:b5:52:4c:63:4f:2a:2e:6c:b1:
a1:27:9c:32:50:3e:9e:9a:18:fc:cc:16:53:9c:90:82:c7:5e:
96:84:ce:87
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIo8zVlhNyZeBV6gdE0AV8gk5os0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjMwMDUxMDdaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDkwZjBhNjcyNWU2N2VhNjVlY2EyNTY4ZDM5ZWJkYmI3N2E4OWVkMmY0MDJk
NjI2ZGYzY2RhN2EwOGU4ZTEzNGUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANWYM7MSbwTGsUJHM06Ol2Bi0TOW0yVRZOQjMsQHTlsQ6M3JB4PKem33DFMy
CEcPlL6bPdXvO8VwSTT0/Fshcs57yLPRxEQrQM0FEqGEP/eR3M207dV5JZXIDro8
+vpi0d4iiRpvBkvHtFeggClafhMca4b6HuYkHsHsRaiWyBxqEGDpycH3VYQM17zd
tdNj36RlPPZpQg5DsfMMqb8pXEoJzNlSsfIdOtHXpBi3EkCSW8H18ovNF7BJFPQ1
ieomadIQ4YfEgKAGkLGFK9yoY712vkBv/KmW4SNhzx1miGkTQUVw/h0Css2gUHXS
v6ucsPXJ2GfTx8Oph5OEgwbgoPcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSb2hfP
6T6796nMdtM2XFWY2XlJYzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTRmOTY4N2QtYTI3My00MDYwLTg0NmItY2U2NDBhY2E3Yzc5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjMsMA0G
CSqGSIb3DQEBCwUAA4IBAQBPCfCYX1ImYScFT30KyAfMkv+4g6wLVcCHAXeV0wPE
ukIa39nsfazve8+YGnr88ma4zgYM9A9vrC8pDTwkL1hp+YvIfTM5WGb53nybrFJS
b6z8yvzqwsPnmwn2crQB7vPifXxn3huj0BZ00mntv/1sY+hZ/jrFReq4x+8S1jNA
w0BOIjZ1wK85gxtOY1Y2d7IvFcBgzvajKnJHAu3jVYMdBoXYmpYsgAMwuLPtd8w0
DoOxP8FRF0shUAijt536hT9P+EiNQXoYVtfDwVAv5PF3p8TFyHRcVAvGIypaTu2u
jKu1UkxjTyoubLGhJ5wyUD6emhj8zBZTnJCCx16WhM6H
-----END CERTIFICATE-----
Generated at Wed Jun 4 10:55:55 2025 by rpki-client