Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0b62efe-867d-4733-9b0c-8354a04195f8.roa
File: f0b62efe-867d-4733-9b0c-8354a04195f8.roa (raw, json)
Hash identifier: sgFgI+eV0A4zZ/toKpyB6tqvJejzmdI8C/HrcEzWePU=
Subject key identifier: F5:C6:3C:87:FD:83:5A:D7:B7:88:D9:02:DE:6A:31:95:EE:7E:6E:6A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 051D80B2265E46065AAAB9192D1A9E772188C318
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0b62efe-867d-4733-9b0c-8354a04195f8.roa
Signing time: Tue 20 May 2025 20:40:05 +0000
ROA not before: Tue 20 May 2025 20:40:05 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.128.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 20:42:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:1d:80:b2:26:5e:46:06:5a:aa:b9:19:2d:1a:9e:77:21:88:c3:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:40:05 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=7fbf9347143c8145bd253a565b5f1da7b9117303a5ac38585f350e818fbd8461, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:de:78:07:e2:61:3e:73:4b:2a:35:a7:e6:45:
8c:89:ea:03:24:56:50:ea:77:cc:b8:31:c9:6e:d5:
09:c2:3b:f8:90:7a:bf:93:c3:28:2a:0e:c8:f5:80:
1c:7e:2a:58:f2:f4:be:04:b9:05:01:a4:60:e0:b5:
ec:bb:b8:69:b5:cb:16:4f:fa:46:c0:3c:fc:9e:56:
89:5b:86:c7:a2:3b:08:49:a8:c5:c6:3d:48:a4:c3:
a7:da:1a:45:63:f3:2f:2b:0c:f1:68:28:78:94:00:
46:90:cd:5a:89:1f:a2:b2:07:7a:fc:d5:a6:52:15:
fe:0d:35:6e:d3:75:1a:5e:f9:60:95:38:95:c4:28:
1c:42:53:c5:b2:7f:e5:92:82:a7:f0:08:8a:03:d8:
2b:f1:d2:b0:f8:22:2a:82:83:42:84:05:57:c8:b3:
d2:ea:8e:3a:a9:c5:4f:48:38:08:81:97:dd:db:e6:
d5:76:5b:8b:b6:e6:4f:97:81:f6:33:3d:28:e3:6c:
a3:bd:67:92:49:a5:7d:23:96:c4:bd:31:d2:8e:12:
94:c9:b2:fe:e6:77:64:17:ff:33:56:ca:b8:2f:e8:
37:72:e1:01:f7:12:90:e0:d6:8d:d4:3a:b7:75:c1:
74:36:74:8f:88:84:20:63:4c:3f:8b:bf:5b:9a:d1:
76:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:C6:3C:87:FD:83:5A:D7:B7:88:D9:02:DE:6A:31:95:EE:7E:6E:6A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0b62efe-867d-4733-9b0c-8354a04195f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.128.0.0/16
Signature Algorithm: sha256WithRSAEncryption
00:14:c8:df:91:da:77:2b:ed:a8:ae:9a:bc:20:5c:bc:3c:43:
4b:10:70:0c:bd:ce:93:59:2b:8b:35:17:c3:17:9f:6c:43:9d:
c9:8e:cc:31:70:a6:45:04:9b:81:b3:26:fe:be:f0:e1:a5:11:
90:b7:9a:8b:86:be:22:d8:4b:39:7d:0d:c9:86:38:ac:3c:cd:
ab:c0:f9:5a:7e:2e:55:b6:9e:94:dc:8a:b4:41:1f:e8:9a:b6:
86:e1:a2:cd:69:b6:0a:07:8b:c6:9a:3c:45:05:b3:64:89:61:
e0:15:40:4a:f0:cf:08:de:d6:7c:1d:f2:5c:06:db:eb:1d:7f:
48:95:f1:ef:62:a2:79:fd:4f:a4:9a:16:58:a3:bc:c5:67:84:
53:88:a4:26:56:28:89:60:61:c5:c1:bb:18:3f:72:10:c2:a8:
a3:68:cc:fb:ee:67:fe:87:8a:80:4c:1e:69:1b:21:3a:67:2f:
ea:28:fb:e0:a5:48:3f:2a:75:bf:fe:04:4b:80:c0:65:aa:0b:
62:97:96:81:b1:8e:d2:c5:2d:ba:fe:83:a3:f8:0a:81:aa:3e:
76:7e:31:4b:ac:58:25:a5:9e:d6:0c:79:11:b6:ee:0a:91:53:
40:2d:5f:72:83:a2:44:40:42:d6:83:b2:3a:e6:53:e5:eb:e8:
fb:63:92:28
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUBR2AsiZeRgZaqrkZLRqedyGIwxgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQwMDVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDdmYmY5MzQ3MTQzYzgxNDViZDI1M2E1NjViNWYxZGE3YjkxMTczMDNhNWFj
Mzg1ODVmMzUwZTgxOGZiZDg0NjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALPeeAfiYT5zSyo1p+ZFjInqAyRWUOp3zLgxyW7VCcI7+JB6v5PDKCoOyPWA
HH4qWPL0vgS5BQGkYOC17Lu4abXLFk/6RsA8/J5WiVuGx6I7CEmoxcY9SKTDp9oa
RWPzLysM8WgoeJQARpDNWokforIHevzVplIV/g01btN1Gl75YJU4lcQoHEJTxbJ/
5ZKCp/AIigPYK/HSsPgiKoKDQoQFV8iz0uqOOqnFT0g4CIGX3dvm1XZbi7bmT5eB
9jM9KONso71nkkmlfSOWxL0x0o4SlMmy/uZ3ZBf/M1bKuC/oN3LhAfcSkODWjdQ6
t3XBdDZ0j4iEIGNMP4u/W5rRdr0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT1xjyH
/YNa17eI2QLeajGV7n5uajAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjBiNjJlZmUtODY3ZC00NzMzLTliMGMtODM1NGEwNDE5NWY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOAMA0G
CSqGSIb3DQEBCwUAA4IBAQAAFMjfkdp3K+2orpq8IFy8PENLEHAMvc6TWSuLNRfD
F59sQ53JjswxcKZFBJuBsyb+vvDhpRGQt5qLhr4i2Es5fQ3JhjisPM2rwPlafi5V
tp6U3Iq0QR/omraG4aLNabYKB4vGmjxFBbNkiWHgFUBK8M8I3tZ8HfJcBtvrHX9I
lfHvYqJ5/U+kmhZYo7zFZ4RTiKQmViiJYGHFwbsYP3IQwqijaMz77mf+h4qATB5p
GyE6Zy/qKPvgpUg/KnW//gRLgMBlqgtil5aBsY7SxS26/oOj+AqBqj52fjFLrFgl
pZ7WDHkRtu4KkVNALV9yg6JEQELWg7I65lPl6+j7Y5Io
-----END CERTIFICATE-----
Generated at Fri Jun 6 03:23:53 2025 by rpki-client