Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4e6b1e-120a-454b-8ea2-2504e0f34b7e.roa
File: fe4e6b1e-120a-454b-8ea2-2504e0f34b7e.roa (raw, json)
Hash identifier: hH11V4O+zAt1w4aon0097vVB5HbAGQDkXpDYYInSedQ=
Subject key identifier: AB:B5:D6:49:8B:0F:08:BF:12:12:03:85:1E:42:3E:8F:0A:59:BC:4F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 34B322B7F965216C88EC9DD3AEB6E244FADEBC3E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4e6b1e-120a-454b-8ea2-2504e0f34b7e.roa
Signing time: Fri 23 May 2025 00:51:10 +0000
ROA not before: Fri 23 May 2025 00:51:10 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.85.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 20:42:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:b3:22:b7:f9:65:21:6c:88:ec:9d:d3:ae:b6:e2:44:fa:de:bc:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 23 00:51:10 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=235a14309c0896612660ab8df122893a0f71290d5a8cb825c169d454e9559751, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:f4:83:fc:7f:3b:c9:84:b4:63:34:91:54:a7:
73:95:c7:bd:82:5a:1d:75:50:cf:a9:3e:de:e9:65:
03:e3:19:9a:12:d0:aa:c6:fa:44:d1:84:99:78:a5:
28:76:48:9b:00:6b:78:09:a7:44:f5:d7:ec:e0:aa:
03:78:25:b2:bc:6c:bf:3d:3d:2d:5b:f6:7e:7d:ae:
be:75:37:a8:ca:e6:95:6d:cb:d5:e8:80:06:10:2d:
49:ac:e7:9f:5d:29:ea:1e:65:87:8f:db:94:2e:ac:
fa:0f:9f:e6:50:8d:0f:75:ec:e4:8e:80:52:b5:c2:
e9:46:5b:41:45:a9:10:b1:60:c7:48:5c:7a:e0:06:
27:cc:3f:7c:3e:2c:7e:a3:eb:dd:a6:d4:6b:56:bb:
ef:49:b4:3b:2f:f7:77:ee:fc:b2:28:3b:dc:28:c2:
5e:b5:25:2c:67:36:8d:2f:c0:cb:de:b5:50:a3:af:
25:47:32:e3:33:e1:66:a0:07:94:a1:f4:90:2e:1a:
4e:0a:b6:78:ec:70:4e:64:1f:ab:cc:b3:35:4b:3d:
a7:bd:6d:8d:c2:48:b6:ba:c5:f6:06:9a:5b:e7:3b:
53:d2:4b:bd:94:42:77:7f:c4:4a:5f:c7:56:e2:38:
50:45:8c:06:fc:99:a0:dc:43:4e:e2:7e:15:2d:03:
d3:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:B5:D6:49:8B:0F:08:BF:12:12:03:85:1E:42:3E:8F:0A:59:BC:4F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4e6b1e-120a-454b-8ea2-2504e0f34b7e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.85.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0b:e9:34:68:89:92:1f:50:16:fd:fb:48:2d:d2:35:94:ee:81:
4e:1a:ee:7a:d7:ff:1f:f5:f7:34:5d:b4:0a:fa:0a:b6:98:3f:
ad:0c:36:09:01:69:47:f7:58:35:7d:fa:f1:73:44:c8:00:39:
9c:b7:a8:d2:de:ba:5a:4b:74:63:f9:8a:b0:48:9b:da:e9:94:
88:88:fa:57:b0:7d:53:5d:05:fe:13:48:98:ac:91:73:fd:a2:
36:f3:43:3c:06:f1:75:6e:82:89:9c:54:bc:84:99:6d:96:23:
5c:b0:f3:5a:40:9d:1f:63:b0:f3:30:db:a7:81:3a:a8:fd:4b:
9f:24:9a:ea:06:45:be:9d:25:52:13:00:0c:17:42:46:c9:6d:
08:09:ab:ed:ac:64:30:25:da:5e:dd:aa:7f:1e:11:9d:3b:17:
95:41:67:80:ec:78:20:4b:6b:b1:72:05:c6:8f:f0:c9:8f:e5:
f5:28:da:70:ac:f3:72:fa:2a:cf:66:de:bd:70:97:6d:74:e0:
d0:1a:ff:49:7a:af:59:43:02:d3:46:54:ef:fa:aa:31:0c:d7:
4c:d0:e9:61:0a:c0:d3:5f:3a:23:07:47:e3:4a:02:6a:a0:1e:
bc:c0:3d:d2:85:72:bc:80:7c:21:b6:95:ad:67:f2:83:cd:0f:
26:b8:f1:45
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNLMit/llIWyI7J3TrrbiRPrevD4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjMwMDUxMTBaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDIzNWExNDMwOWMwODk2NjEyNjYwYWI4ZGYxMjI4OTNhMGY3MTI5MGQ1YThj
YjgyNWMxNjlkNDU0ZTk1NTk3NTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO70g/x/O8mEtGM0kVSnc5XHvYJaHXVQz6k+3ullA+MZmhLQqsb6RNGEmXil
KHZImwBreAmnRPXX7OCqA3glsrxsvz09LVv2fn2uvnU3qMrmlW3L1eiABhAtSazn
n10p6h5lh4/blC6s+g+f5lCND3Xs5I6AUrXC6UZbQUWpELFgx0hceuAGJ8w/fD4s
fqPr3abUa1a770m0Oy/3d+78sig73CjCXrUlLGc2jS/Ay961UKOvJUcy4zPhZqAH
lKH0kC4aTgq2eOxwTmQfq8yzNUs9p71tjcJItrrF9gaaW+c7U9JLvZRCd3/ESl/H
VuI4UEWMBvyZoNxDTuJ+FS0D050CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSrtdZJ
iw8IvxISA4UeQj6PClm8TzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmU0ZTZiMWUtMTIwYS00NTRiLThlYTItMjUwNGUwZjM0YjdlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNVMA0G
CSqGSIb3DQEBCwUAA4IBAQAL6TRoiZIfUBb9+0gt0jWU7oFOGu561/8f9fc0XbQK
+gq2mD+tDDYJAWlH91g1ffrxc0TIADmct6jS3rpaS3Rj+YqwSJva6ZSIiPpXsH1T
XQX+E0iYrJFz/aI280M8BvF1boKJnFS8hJltliNcsPNaQJ0fY7DzMNungTqo/Uuf
JJrqBkW+nSVSEwAMF0JGyW0ICavtrGQwJdpe3ap/HhGdOxeVQWeA7HggS2uxcgXG
j/DJj+X1KNpwrPNy+irPZt69cJdtdODQGv9Jeq9ZQwLTRlTv+qoxDNdM0OlhCsDT
XzojB0fjSgJqoB68wD3ShXK8gHwhtpWtZ/KDzQ8muPFF
-----END CERTIFICATE-----
Generated at Fri Jun 6 03:18:14 2025 by rpki-client