Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01305f95-02db-46f4-a135-5ff585346b72.roa
File: 01305f95-02db-46f4-a135-5ff585346b72.roa (raw, json)
Hash identifier: l7xNOCEMu+7AQsTSv6KU+eBBMHBH3hJG84JDsHXH4SI=
Subject key identifier: B0:22:62:DA:71:F2:81:36:D4:E2:35:C9:F7:5B:5C:DD:5C:76:9F:FC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 67C7CE3D2F5CB7C3759B81455230D4F89FED9D58
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01305f95-02db-46f4-a135-5ff585346b72.roa
Signing time: Mon 16 Jun 2025 22:00:05 +0000
ROA not before: Mon 16 Jun 2025 22:00:05 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.204.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:c7:ce:3d:2f:5c:b7:c3:75:9b:81:45:52:30:d4:f8:9f:ed:9d:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 22:00:05 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=f5df5c2a0d163f5e42b0ec6954192acb847eb9d8c9bee48c9579a40a47b38d00, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:7c:ec:37:f6:d9:de:bb:c3:92:25:a5:c1:04:
47:eb:6b:6e:2f:a7:9c:d5:13:e4:62:53:4a:7a:7d:
39:f2:31:0c:49:1a:2e:bc:67:e9:72:60:cc:f5:5c:
30:0c:91:78:c0:ee:9f:6d:c4:19:4c:ea:2d:50:87:
8b:9c:1b:be:cd:48:5c:9a:82:86:8e:51:90:3c:aa:
65:3d:ea:a1:8a:89:d9:c2:7d:1f:fe:58:9e:c9:ed:
d9:06:d3:ea:92:31:65:c6:c3:1c:5d:50:52:a6:b9:
a5:76:05:97:2b:a4:fb:e4:4b:57:cd:15:21:33:0b:
a0:03:c1:5b:c3:92:67:20:2f:d6:5f:43:bd:77:29:
97:77:c5:ef:4c:8f:f0:c8:ac:de:dc:6c:d3:9c:55:
6f:2f:5b:7b:e4:39:ac:41:ec:a2:b5:97:d0:73:48:
43:c2:ed:c8:71:99:e2:30:b0:b8:c4:fa:5c:e0:c4:
12:6d:a5:83:27:df:40:64:d9:88:4f:48:39:2e:8d:
4f:aa:a8:9a:36:ed:ff:99:02:ae:8b:eb:4b:f8:9b:
f2:24:00:dc:35:d3:33:ef:82:ad:5f:ed:5b:b9:e2:
e1:f4:8a:43:b1:a6:95:03:5d:a4:ef:2a:4a:9f:cd:
68:42:7e:64:1c:45:76:2b:cc:34:73:8e:8e:39:c4:
8b:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:22:62:DA:71:F2:81:36:D4:E2:35:C9:F7:5B:5C:DD:5C:76:9F:FC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01305f95-02db-46f4-a135-5ff585346b72.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.204.0.0/15
Signature Algorithm: sha256WithRSAEncryption
c4:1d:97:21:7c:45:93:da:64:a2:0a:be:dc:9c:89:51:45:02:
bc:61:07:a1:c9:f1:b6:81:51:4b:58:c2:fc:37:ac:66:93:0f:
58:64:80:ce:21:98:e1:17:87:d4:95:72:b4:68:ce:76:6b:1e:
54:70:13:66:b4:7f:4c:6e:b6:1a:20:40:bc:37:17:e5:12:d5:
8d:57:91:02:ad:c3:f6:0a:04:3e:11:f3:e8:b8:99:cd:cf:0b:
dd:3e:6d:ce:3e:e6:b6:5e:5d:03:21:ed:6d:2d:f7:6b:5f:37:
4f:64:cf:d1:1b:5d:1d:d6:2f:04:2f:81:6c:0d:95:5c:7a:52:
46:af:95:b6:4f:94:79:e1:07:86:7b:a8:b5:50:e5:71:79:e5:
79:4c:3d:ff:4a:f2:ff:f0:49:7c:6b:42:f2:fa:be:a4:19:cd:
fc:e1:29:28:40:ea:fe:34:8d:88:04:c8:6b:75:f0:f9:4a:3e:
52:5a:48:44:f8:ed:cb:37:27:72:b4:e0:91:d9:a0:04:1a:92:
17:2e:0a:21:9d:e0:f3:eb:1a:8a:98:94:c7:49:31:44:13:e3:
a4:34:9e:6f:72:2c:cc:ca:25:3c:f8:8f:60:ba:2d:09:70:fa:
85:32:e9:0d:74:d5:6f:35:77:c2:09:21:f2:45:ea:c8:4e:ef:
03:e1:81:93
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZ8fOPS9ct8N1m4FFUjDU+J/tnVgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMjAwMDVaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGY1ZGY1YzJhMGQxNjNmNWU0MmIwZWM2OTU0MTkyYWNiODQ3ZWI5ZDhjOWJl
ZTQ4Yzk1NzlhNDBhNDdiMzhkMDAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALB87Df22d67w5IlpcEER+trbi+nnNUT5GJTSnp9OfIxDEkaLrxn6XJgzPVc
MAyReMDun23EGUzqLVCHi5wbvs1IXJqCho5RkDyqZT3qoYqJ2cJ9H/5Ynsnt2QbT
6pIxZcbDHF1QUqa5pXYFlyuk++RLV80VITMLoAPBW8OSZyAv1l9DvXcpl3fF70yP
8Mis3txs05xVby9be+Q5rEHsorWX0HNIQ8LtyHGZ4jCwuMT6XODEEm2lgyffQGTZ
iE9IOS6NT6qomjbt/5kCrovrS/ib8iQA3DXTM++CrV/tW7ni4fSKQ7GmlQNdpO8q
Sp/NaEJ+ZBxFdivMNHOOjjnEi5sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSwImLa
cfKBNtTiNcn3W1zdXHaf/DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDEzMDVmOTUtMDJkYi00NmY0LWExMzUtNWZmNTg1MzQ2YjcyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPMMA0G
CSqGSIb3DQEBCwUAA4IBAQDEHZchfEWT2mSiCr7cnIlRRQK8YQehyfG2gVFLWML8
N6xmkw9YZIDOIZjhF4fUlXK0aM52ax5UcBNmtH9MbrYaIEC8NxflEtWNV5ECrcP2
CgQ+EfPouJnNzwvdPm3OPua2Xl0DIe1tLfdrXzdPZM/RG10d1i8EL4FsDZVcelJG
r5W2T5R54QeGe6i1UOVxeeV5TD3/SvL/8El8a0Ly+r6kGc384SkoQOr+NI2IBMhr
dfD5Sj5SWkhE+O3LNydytOCR2aAEGpIXLgohneDz6xqKmJTHSTFEE+OkNJ5vcizM
yiU8+I9gui0JcPqFMukNdNVvNXfCCSHyRerITu8D4YGT
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:32:25 2025 by rpki-client