Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7b957dae-110a-40bf-9710-191cf24c9e94.roa
File: 7b957dae-110a-40bf-9710-191cf24c9e94.roa (raw, json)
Hash identifier: gNN0x3mCwsmQr75FpehNU43OLFegLn01w7hQj4KXh6M=
Subject key identifier: 57:98:6A:A6:BE:57:13:79:97:60:7B:26:51:7D:66:E0:E2:80:E7:3F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0517D33E1D1DE11E22957BC2280129258CA9A7AD
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7b957dae-110a-40bf-9710-191cf24c9e94.roa
Signing time: Fri 23 May 2025 00:50:10 +0000
ROA not before: Fri 23 May 2025 00:50:10 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.96.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 20:42:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:17:d3:3e:1d:1d:e1:1e:22:95:7b:c2:28:01:29:25:8c:a9:a7:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 23 00:50:10 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=7df4bcc9717380460953b0081b54001ccbdc61b5acc91d939431944768a25d22, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:35:f7:01:89:3e:74:90:59:7a:af:91:d2:f8:
7e:36:cc:0e:46:05:4b:61:cc:2e:f9:c4:44:e9:85:
5a:14:8d:4d:98:10:29:6d:95:ab:c4:94:e6:0f:62:
5a:18:64:8d:08:40:5c:e6:88:02:45:45:9d:df:6b:
3f:77:cc:53:c9:5a:05:93:c0:00:86:ee:e1:85:34:
09:35:68:da:01:cd:f0:76:7c:66:54:29:1b:42:55:
1d:49:ee:93:d0:75:ce:98:e9:d6:72:5c:20:fd:92:
c4:85:1b:dc:97:40:8a:00:17:58:42:be:b8:3b:aa:
45:cb:05:3f:6d:a0:4c:f2:12:46:f8:7c:22:49:76:
31:7c:be:d7:00:7a:ea:8f:2d:92:29:b2:e2:81:6b:
aa:9f:ee:c3:f3:b9:0f:df:33:88:7e:1c:8c:57:49:
34:55:23:81:14:8c:53:b9:27:07:59:bd:ab:20:fb:
f1:98:75:cd:b1:ab:44:ad:2c:5c:34:fd:8a:d2:b2:
6b:ec:67:05:88:68:d2:74:d7:3e:a3:ee:ae:b5:fc:
77:2a:d9:df:c4:f1:78:35:47:8c:88:2f:ff:ab:99:
6a:d0:8d:fd:f8:bb:24:60:6a:09:93:5e:6d:82:50:
a0:58:8e:1f:19:e3:89:bf:a7:5e:9d:9c:7d:e8:14:
6c:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:98:6A:A6:BE:57:13:79:97:60:7B:26:51:7D:66:E0:E2:80:E7:3F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7b957dae-110a-40bf-9710-191cf24c9e94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.96.0/21
Signature Algorithm: sha256WithRSAEncryption
c0:13:ed:15:7f:6b:96:a0:b6:56:55:64:fa:e9:97:fa:18:2e:
6f:ae:5b:cb:58:63:30:a5:78:3d:0e:e2:3f:90:1a:16:4d:25:
a0:d1:58:7b:b6:43:02:d0:db:ab:33:9e:20:fd:00:69:6b:81:
59:d6:87:bf:8a:55:75:82:cd:ff:0c:fc:30:84:90:71:7f:da:
5e:49:ee:53:48:1d:b8:db:d1:52:91:aa:61:2b:08:55:ea:71:
61:f9:34:20:17:51:b1:65:3a:2f:78:75:d1:6c:55:42:67:0a:
ea:2d:28:34:d1:e8:b6:6a:a0:4b:6b:84:d1:f1:56:54:c2:2c:
96:ad:2f:99:78:5f:47:17:64:36:f4:fc:6d:dc:90:fd:7b:ba:
0a:58:cd:36:da:04:a2:e6:e5:a1:74:c3:2c:c8:bd:44:02:c3:
f5:7b:9c:9d:ba:97:a8:24:84:55:22:11:7e:d4:2b:18:a4:ae:
7d:90:bc:de:84:59:d2:a4:b4:05:3c:85:7f:41:99:e6:53:de:
27:c3:ed:24:fb:2f:85:5f:91:68:e6:87:3c:12:66:d2:09:e1:
19:75:c5:50:59:81:ab:89:47:13:e6:64:e1:02:9f:87:bd:c1:
bc:6d:37:80:be:63:74:66:3e:f7:9f:e9:d0:86:b1:e2:d9:2f:
b9:05:b8:8e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUBRfTPh0d4R4ilXvCKAEpJYypp60wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjMwMDUwMTBaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDdkZjRiY2M5NzE3MzgwNDYwOTUzYjAwODFiNTQwMDFjY2JkYzYxYjVhY2M5
MWQ5Mzk0MzE5NDQ3NjhhMjVkMjIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMQ19wGJPnSQWXqvkdL4fjbMDkYFS2HMLvnEROmFWhSNTZgQKW2Vq8SU5g9i
WhhkjQhAXOaIAkVFnd9rP3fMU8laBZPAAIbu4YU0CTVo2gHN8HZ8ZlQpG0JVHUnu
k9B1zpjp1nJcIP2SxIUb3JdAigAXWEK+uDuqRcsFP22gTPISRvh8Ikl2MXy+1wB6
6o8tkimy4oFrqp/uw/O5D98ziH4cjFdJNFUjgRSMU7knB1m9qyD78Zh1zbGrRK0s
XDT9itKya+xnBYho0nTXPqPurrX8dyrZ38TxeDVHjIgv/6uZatCN/fi7JGBqCZNe
bYJQoFiOHxnjib+nXp2cfegUbLcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRXmGqm
vlcTeZdgeyZRfWbg4oDnPzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2I5NTdkYWUtMTEwYS00MGJmLTk3MTAtMTkxY2YyNGM5ZTk0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAYDAN
BgkqhkiG9w0BAQsFAAOCAQEAwBPtFX9rlqC2VlVk+umX+hgub65by1hjMKV4PQ7i
P5AaFk0loNFYe7ZDAtDbqzOeIP0AaWuBWdaHv4pVdYLN/wz8MISQcX/aXknuU0gd
uNvRUpGqYSsIVepxYfk0IBdRsWU6L3h10WxVQmcK6i0oNNHotmqgS2uE0fFWVMIs
lq0vmXhfRxdkNvT8bdyQ/Xu6CljNNtoEoubloXTDLMi9RALD9XucnbqXqCSEVSIR
ftQrGKSufZC83oRZ0qS0BTyFf0GZ5lPeJ8PtJPsvhV+RaOaHPBJm0gnhGXXFUFmB
q4lHE+Zk4QKfh73BvG03gL5jdGY+95/p0Iax4tkvuQW4jg==
-----END CERTIFICATE-----
Generated at Fri Jun 6 03:08:37 2025 by rpki-client