Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf51afdd-468d-4999-b2cd-4c6517505aee.roa
File: cf51afdd-468d-4999-b2cd-4c6517505aee.roa (raw, json)
Hash identifier: 3zARcdsABayaFhyYZAvVj/r3fdX9l70d4qE86cTfQ4A=
Subject key identifier: 02:7A:E4:81:CA:D7:44:3D:15:02:93:20:10:17:5A:5A:C2:02:B5:6B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2E5BBFC271071E808F442E153DA8CDE2C377FA78
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf51afdd-468d-4999-b2cd-4c6517505aee.roa
Signing time: Tue 20 May 2025 20:50:37 +0000
ROA not before: Tue 20 May 2025 20:50:37 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.202.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 22:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:5b:bf:c2:71:07:1e:80:8f:44:2e:15:3d:a8:cd:e2:c3:77:fa:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:50:37 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=96f140f3f599f3f4842f55e3e937c9fddefa39e7466e811337c84c411d0af47f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:8d:0b:59:c3:1c:e9:0c:37:79:66:f8:c9:a8:
c0:0a:2a:20:52:62:87:5c:15:c0:b7:b7:f4:b8:aa:
e9:ef:58:35:c7:42:4c:18:b9:06:05:5d:9f:a8:84:
6e:c7:da:40:69:43:82:1f:12:9d:d4:3c:22:ca:f7:
76:bc:32:56:8f:a0:89:ed:fc:fd:9a:c7:52:bd:19:
c7:0f:a1:45:ab:83:32:fd:22:7e:5e:85:40:77:ea:
9d:03:26:3c:ff:3a:46:10:a6:07:14:b7:e2:c9:34:
b3:e4:57:80:d0:65:3b:79:d1:e0:c0:88:56:f2:26:
0d:8b:ab:20:6e:25:f1:21:86:3b:87:ef:04:b8:ce:
e5:b0:53:f0:e7:2e:74:65:ef:88:5a:89:36:da:9b:
84:7f:ee:83:57:b8:f6:c8:44:ac:c7:e6:c7:f5:11:
7b:96:5b:69:59:9d:b1:45:aa:2d:7e:e3:71:08:cd:
85:99:be:0b:dc:02:f5:6b:22:80:4c:94:94:cc:df:
7a:eb:49:8d:c0:d3:b6:69:59:0a:b5:f7:a9:0e:87:
54:7d:ae:26:eb:2a:fc:a7:0d:b6:b0:81:33:e6:33:
0c:ab:1f:d8:6d:d7:15:ef:22:6c:98:a7:7b:c6:b8:
6d:7a:6d:b5:81:3e:2c:d5:23:84:40:21:8d:5e:74:
15:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:7A:E4:81:CA:D7:44:3D:15:02:93:20:10:17:5A:5A:C2:02:B5:6B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf51afdd-468d-4999-b2cd-4c6517505aee.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.202.0.0/15
Signature Algorithm: sha256WithRSAEncryption
64:cc:cf:85:6a:a6:2d:b3:47:de:34:6d:5f:3c:78:99:60:6a:
41:2e:e6:91:ae:2f:04:93:50:4b:69:85:37:73:f7:37:31:7e:
0e:71:84:65:7e:41:ee:56:79:1b:5e:42:a9:8a:c1:6d:1a:84:
c7:be:04:0a:65:a2:fd:bb:0a:83:98:de:19:a4:d7:aa:15:6f:
ca:00:94:f7:0c:10:ad:28:ef:58:89:51:21:11:0e:28:d5:e1:
51:c0:dc:8a:d9:3e:3f:e3:d8:df:72:e6:c9:39:e4:e4:f8:0e:
e1:22:6e:8d:12:0a:5a:7d:40:4f:24:a6:54:97:15:9c:38:25:
50:dc:bd:1b:04:f2:47:bb:8c:09:3f:7b:ce:78:75:17:81:93:
db:b4:d1:ca:26:7b:f0:db:f5:13:40:8e:2c:83:02:79:a8:52:
11:fb:be:91:05:fb:6d:99:90:57:7e:92:9a:79:15:24:76:9a:
51:da:ab:19:52:3a:fd:ff:fc:e4:8f:39:9e:0e:e7:7c:1e:bf:
e2:09:a9:43:c6:e7:0c:f9:90:bb:b3:cc:2f:f7:31:4e:9c:8f:
c3:33:e2:09:3f:c5:e2:33:de:e3:90:a5:d0:ac:31:c3:9f:9c:
69:ff:9c:75:81:8a:b5:0e:47:18:37:c8:aa:0d:0e:dd:e3:6a:
3f:fa:f7:7f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIULlu/wnEHHoCPRC4VPajN4sN3+ngwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDUwMzdaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDk2ZjE0MGYzZjU5OWYzZjQ4NDJmNTVlM2U5MzdjOWZkZGVmYTM5ZTc0NjZl
ODExMzM3Yzg0YzQxMWQwYWY0N2YxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKSNC1nDHOkMN3lm+MmowAoqIFJih1wVwLe39Liq6e9YNcdCTBi5BgVdn6iE
bsfaQGlDgh8SndQ8Isr3drwyVo+gie38/ZrHUr0Zxw+hRauDMv0ifl6FQHfqnQMm
PP86RhCmBxS34sk0s+RXgNBlO3nR4MCIVvImDYurIG4l8SGGO4fvBLjO5bBT8Ocu
dGXviFqJNtqbhH/ug1e49shErMfmx/URe5ZbaVmdsUWqLX7jcQjNhZm+C9wC9Wsi
gEyUlMzfeutJjcDTtmlZCrX3qQ6HVH2uJusq/KcNtrCBM+YzDKsf2G3XFe8ibJin
e8a4bXpttYE+LNUjhEAhjV50Ff8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQCeuSB
ytdEPRUCkyAQF1pawgK1azAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2Y1MWFmZGQtNDY4ZC00OTk5LWIyY2QtNGM2NTE3NTA1YWVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPKMA0G
CSqGSIb3DQEBCwUAA4IBAQBkzM+FaqYts0feNG1fPHiZYGpBLuaRri8Ek1BLaYU3
c/c3MX4OcYRlfkHuVnkbXkKpisFtGoTHvgQKZaL9uwqDmN4ZpNeqFW/KAJT3DBCt
KO9YiVEhEQ4o1eFRwNyK2T4/49jfcubJOeTk+A7hIm6NEgpafUBPJKZUlxWcOCVQ
3L0bBPJHu4wJP3vOeHUXgZPbtNHKJnvw2/UTQI4sgwJ5qFIR+76RBfttmZBXfpKa
eRUkdppR2qsZUjr9//zkjzmeDud8Hr/iCalDxucM+ZC7s8wv9zFOnI/DM+IJP8Xi
M97jkKXQrDHDn5xp/5x1gYq1DkcYN8iqDQ7d42o/+vd/
-----END CERTIFICATE-----
Generated at Sat Jun 7 04:25:33 2025 by rpki-client