Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c12693-1526-46ae-aa45-d5276a0c0f79.roa
File: 60c12693-1526-46ae-aa45-d5276a0c0f79.roa (raw, json)
Hash identifier: DrkU2RTKy8YXTYZMUf2tq0lF8FuU3koedKYmuDusEMI=
Subject key identifier: 12:83:36:B6:BD:5F:EC:6D:CE:B3:0F:C5:B8:EB:9D:CC:D8:09:3C:ED
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1A4E9A9D0C6E9A614F4CFD632899DBD82036B260
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c12693-1526-46ae-aa45-d5276a0c0f79.roa
Signing time: Fri 23 May 2025 00:51:12 +0000
ROA not before: Fri 23 May 2025 00:51:12 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.86.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 22:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:4e:9a:9d:0c:6e:9a:61:4f:4c:fd:63:28:99:db:d8:20:36:b2:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 23 00:51:12 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=1b6736d2c620c299ba90064b6addf4461c3beff5d6a0a90894ab94b90f5e323f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:72:ea:e1:07:e8:86:75:c7:e8:48:bc:8c:82:
af:7e:24:5b:23:9a:fb:b8:4b:68:7c:d3:b2:4d:85:
b5:85:af:ee:42:ee:f2:a5:6a:23:60:13:56:bb:bd:
68:af:3e:2d:67:46:93:4f:bb:fc:28:b9:93:c1:8d:
f6:07:5e:66:13:73:ab:90:6b:f2:d5:59:e4:53:78:
aa:f4:16:0f:33:cd:9c:1c:9f:ad:5e:38:ea:62:98:
2a:95:2a:02:d9:f9:4a:d1:ac:8d:a5:ed:8f:54:05:
99:d3:43:03:9f:05:2a:c3:ce:bf:53:69:c5:37:dd:
c1:27:49:29:cf:6c:ad:9f:2a:0e:35:e7:97:49:93:
21:2b:6e:e7:e2:ba:22:42:44:c9:fb:26:99:8b:e6:
3c:af:84:5c:12:74:74:2f:d9:d0:0b:af:24:f8:b9:
b5:be:e8:cb:a3:b2:f7:d0:29:88:b9:a9:d9:7f:53:
27:9a:a3:99:6d:44:54:c6:65:d3:41:f6:9e:be:e2:
1e:7c:9d:4c:4d:1b:cd:05:28:34:19:42:72:ea:c6:
6d:db:ce:66:65:72:51:da:6a:d8:79:a5:e8:50:c0:
95:9b:ca:ee:57:7e:85:f6:86:e4:2f:85:2c:06:22:
1d:22:5b:2a:0c:74:32:70:12:9c:d6:4d:ce:88:16:
6b:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:83:36:B6:BD:5F:EC:6D:CE:B3:0F:C5:B8:EB:9D:CC:D8:09:3C:ED
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c12693-1526-46ae-aa45-d5276a0c0f79.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.86.0.0/15
Signature Algorithm: sha256WithRSAEncryption
cf:65:d4:55:da:9d:61:1e:70:fb:c2:af:46:7d:46:b8:1f:00:
83:32:85:7f:9a:ab:bf:17:5e:f3:88:ed:2d:66:32:60:6d:c8:
5f:6c:bb:eb:54:c3:9e:25:4f:9b:54:29:c4:1c:f0:46:43:6c:
b9:66:42:e5:01:19:47:fb:e1:2c:34:d0:fa:37:5c:cb:56:75:
0f:a9:62:6d:f1:f3:3f:70:fe:6c:e1:5a:65:fe:2d:9e:36:66:
cd:13:f8:50:cb:91:80:3d:1e:02:c2:fc:69:95:48:98:a8:9b:
18:31:c5:8c:66:32:be:9b:b7:d8:20:b3:e4:6f:c6:72:c1:46:
42:f8:3b:44:a9:d1:7e:88:ca:36:27:79:47:20:7e:e5:bc:fc:
00:fc:ed:37:a6:ac:d1:f7:c3:4c:5f:37:1d:fb:73:ac:63:55:
57:78:4a:56:40:20:6b:f9:72:de:7e:cf:b6:64:eb:ff:38:53:
ee:49:ae:0b:a3:f6:37:45:6f:77:f0:fc:2f:06:2f:2b:cf:0e:
74:12:62:19:38:74:82:14:13:2e:f3:3d:8b:e9:1a:2c:be:f6:
48:5e:65:dd:84:38:a0:f3:31:93:ad:9c:d8:50:da:fb:0b:e2:
ad:d8:99:fe:5c:4f:84:55:ee:4c:1c:a1:d5:0b:cd:3f:6f:b5:
a0:09:65:85
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGk6anQxummFPTP1jKJnb2CA2smAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjMwMDUxMTJaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDFiNjczNmQyYzYyMGMyOTliYTkwMDY0YjZhZGRmNDQ2MWMzYmVmZjVkNmEw
YTkwODk0YWI5NGI5MGY1ZTMyM2YxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKdy6uEH6IZ1x+hIvIyCr34kWyOa+7hLaHzTsk2FtYWv7kLu8qVqI2ATVru9
aK8+LWdGk0+7/Ci5k8GN9gdeZhNzq5Br8tVZ5FN4qvQWDzPNnByfrV446mKYKpUq
Atn5StGsjaXtj1QFmdNDA58FKsPOv1NpxTfdwSdJKc9srZ8qDjXnl0mTIStu5+K6
IkJEyfsmmYvmPK+EXBJ0dC/Z0AuvJPi5tb7oy6Oy99ApiLmp2X9TJ5qjmW1EVMZl
00H2nr7iHnydTE0bzQUoNBlCcurGbdvOZmVyUdpq2Hml6FDAlZvK7ld+hfaG5C+F
LAYiHSJbKgx0MnASnNZNzogWa3UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQSgza2
vV/sbc6zD8W4653M2Ak87TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjBjMTI2OTMtMTUyNi00NmFlLWFhNDUtZDUyNzZhMGMwZjc5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNWMA0G
CSqGSIb3DQEBCwUAA4IBAQDPZdRV2p1hHnD7wq9GfUa4HwCDMoV/mqu/F17ziO0t
ZjJgbchfbLvrVMOeJU+bVCnEHPBGQ2y5ZkLlARlH++EsNND6N1zLVnUPqWJt8fM/
cP5s4Vpl/i2eNmbNE/hQy5GAPR4CwvxplUiYqJsYMcWMZjK+m7fYILPkb8ZywUZC
+DtEqdF+iMo2J3lHIH7lvPwA/O03pqzR98NMXzcd+3OsY1VXeEpWQCBr+XLefs+2
ZOv/OFPuSa4Lo/Y3RW938PwvBi8rzw50EmIZOHSCFBMu8z2L6RosvvZIXmXdhDig
8zGTrZzYUNr7C+Kt2Jn+XE+EVe5MHKHVC80/b7WgCWWF
-----END CERTIFICATE-----
Generated at Sat Jun 7 04:08:38 2025 by rpki-client