Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e2093baf-9227-4159-b7ff-180369fe3bda.roa
File: e2093baf-9227-4159-b7ff-180369fe3bda.roa (raw, json)
Hash identifier: B4WhjhIei+lw64eLD5T6kR46pouhAiLQeBbBJqY0UVc=
Subject key identifier: 0F:A2:48:00:CA:27:B6:14:5E:73:7D:73:40:77:80:A0:22:EB:EE:43
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3F66EC0A8F0241FE7244DC1A2E1A33F09B57E5DD
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e2093baf-9227-4159-b7ff-180369fe3bda.roa
Signing time: Tue 20 May 2025 20:50:08 +0000
ROA not before: Tue 20 May 2025 20:50:08 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.88.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 20:42:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:66:ec:0a:8f:02:41:fe:72:44:dc:1a:2e:1a:33:f0:9b:57:e5:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:50:08 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=7db586967f8d83516ab9fa211bf4f1699be7c3528012081533bd4dacb7c2c199, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:8c:7f:b4:13:bd:c5:5f:11:ae:1f:cb:19:8b:
f5:d5:23:8d:73:87:ec:65:95:82:d2:c5:03:86:3d:
f8:ff:5a:dd:f2:69:b4:41:2f:0c:f7:26:93:23:10:
f7:90:72:df:cb:fa:74:5d:9b:1c:02:7a:e8:36:e2:
1f:e1:36:d4:08:da:8d:48:67:fc:d4:c3:ea:e7:3a:
fc:10:96:67:21:8c:99:cc:38:5d:69:a8:78:78:39:
f9:da:30:75:bb:b8:b6:15:0e:a5:1e:b3:84:7b:27:
84:f9:c3:f4:68:a6:ff:e0:e0:d4:2a:ac:f3:0f:45:
59:33:cd:c4:b2:04:11:a6:35:95:44:b6:2e:17:7b:
02:83:22:c2:05:a4:08:ab:69:0e:ed:64:25:2f:e0:
b6:e6:85:f7:a7:a0:74:f7:47:0b:2d:c9:6f:87:80:
fa:2f:e0:24:59:de:f6:8e:6e:bf:bd:b9:cd:e6:1b:
12:07:d3:80:25:24:b9:34:0d:2b:20:cc:d6:65:45:
b7:5d:b1:d5:88:f1:6c:f2:92:43:d3:9e:8d:3c:60:
03:8f:42:81:7b:67:70:6c:64:d0:6d:ea:03:22:f3:
7e:0b:9f:0e:e1:64:60:70:67:f1:64:42:77:85:70:
79:a8:bc:17:90:f0:27:76:ed:09:a1:b6:da:cc:db:
90:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:A2:48:00:CA:27:B6:14:5E:73:7D:73:40:77:80:A0:22:EB:EE:43
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e2093baf-9227-4159-b7ff-180369fe3bda.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.88.0.0/16
Signature Algorithm: sha256WithRSAEncryption
94:c6:d0:05:0f:c1:51:e0:fd:37:1b:b7:33:a8:7d:54:06:4d:
68:17:53:86:9d:f8:48:97:40:1f:c7:b0:7e:60:1b:94:77:ab:
48:9a:ce:16:69:72:bb:0f:96:6e:67:80:48:ee:df:ae:1b:d0:
6d:69:22:cd:c6:41:80:0a:d2:26:fd:a6:c6:8f:0b:b6:a5:47:
a4:f4:4c:4e:c7:01:65:33:4a:8a:5a:18:69:c3:e8:73:b4:4c:
6c:9b:13:81:e7:e6:72:8c:98:12:3b:a6:8d:32:fc:28:2c:b2:
ed:19:15:56:a9:49:79:b4:ba:81:73:0b:c3:8c:7b:6e:6a:e7:
26:74:88:a0:fd:18:be:eb:13:a7:fb:01:20:b2:17:b7:27:cb:
27:e6:b3:ab:fc:ed:26:da:ac:60:07:ef:90:e7:07:76:91:fc:
19:a9:3c:97:04:18:6f:d1:74:1a:36:af:75:45:1c:81:a0:81:
8d:d2:1b:ce:2a:ff:8b:f4:06:cb:bc:88:b5:65:d7:d3:74:a4:
0f:78:4f:18:83:9f:82:b8:1e:b4:c6:77:a1:03:f0:1c:83:bb:
ce:71:e2:bb:f1:75:37:50:e4:03:6a:3b:6d:db:ca:8a:a3:f6:
2a:dd:61:9d:6b:c6:e3:c0:4c:1f:0f:db:bd:00:a4:28:b4:b6:
c6:aa:5f:a7
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUP2bsCo8CQf5yRNwaLhoz8JtX5d0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDUwMDhaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDdkYjU4Njk2N2Y4ZDgzNTE2YWI5ZmEyMTFiZjRmMTY5OWJlN2MzNTI4MDEy
MDgxNTMzYmQ0ZGFjYjdjMmMxOTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM2Mf7QTvcVfEa4fyxmL9dUjjXOH7GWVgtLFA4Y9+P9a3fJptEEvDPcmkyMQ
95By38v6dF2bHAJ66DbiH+E21AjajUhn/NTD6uc6/BCWZyGMmcw4XWmoeHg5+dow
dbu4thUOpR6zhHsnhPnD9Gim/+Dg1Cqs8w9FWTPNxLIEEaY1lUS2Lhd7AoMiwgWk
CKtpDu1kJS/gtuaF96egdPdHCy3Jb4eA+i/gJFne9o5uv725zeYbEgfTgCUkuTQN
KyDM1mVFt12x1YjxbPKSQ9OejTxgA49CgXtncGxk0G3qAyLzfgufDuFkYHBn8WRC
d4Vweai8F5DwJ3btCaG22szbkN0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQPokgA
yie2FF5zfXNAd4CgIuvuQzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTIwOTNiYWYtOTIyNy00MTU5LWI3ZmYtMTgwMzY5ZmUzYmRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNYMA0G
CSqGSIb3DQEBCwUAA4IBAQCUxtAFD8FR4P03G7czqH1UBk1oF1OGnfhIl0Afx7B+
YBuUd6tIms4WaXK7D5ZuZ4BI7t+uG9BtaSLNxkGACtIm/abGjwu2pUek9ExOxwFl
M0qKWhhpw+hztExsmxOB5+ZyjJgSO6aNMvwoLLLtGRVWqUl5tLqBcwvDjHtuaucm
dIig/Ri+6xOn+wEgshe3J8sn5rOr/O0m2qxgB++Q5wd2kfwZqTyXBBhv0XQaNq91
RRyBoIGN0hvOKv+L9AbLvIi1ZdfTdKQPeE8Yg5+CuB60xnehA/Acg7vOceK78XU3
UOQDajtt28qKo/Yq3WGda8bjwEwfD9u9AKQotLbGql+n
-----END CERTIFICATE-----
Generated at Fri Jun 6 04:09:29 2025 by rpki-client