Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa
File: 09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa (raw, json)
Hash identifier: oIVuFwNnecDUS6rWhcmSAy85vRddwBXKIL//03fMhtU=
Subject key identifier: 10:AF:1C:3C:C1:EF:8D:DE:92:96:5F:2E:50:B6:89:B3:73:C2:16:5D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 795FD58C107F2A3102E013AA44B023439166A46A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa
Signing time: Mon 16 Jun 2025 21:51:00 +0000
ROA not before: Mon 16 Jun 2025 21:51:00 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.122.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:5f:d5:8c:10:7f:2a:31:02:e0:13:aa:44:b0:23:43:91:66:a4:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 21:51:00 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=6b72654c87fb231a1107d04326d3aa3fbccd6a811457de85126e1007dc7ae4c3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:8d:cf:be:ce:3a:ea:b5:0e:e5:a7:1a:2c:7d:
de:07:86:1a:b4:e4:19:14:b3:1d:ca:4e:d0:1d:6c:
c9:7a:70:77:04:55:8c:15:1e:00:45:91:b9:24:07:
88:0a:43:d5:39:63:a4:6b:17:db:f5:09:a5:81:2e:
79:3d:e7:94:0e:ee:ff:e8:aa:93:25:0c:1a:7a:ce:
57:28:6d:2c:01:5a:07:d0:e5:1c:8a:5d:de:e8:c8:
74:70:81:65:eb:95:55:5d:ad:76:1a:fe:87:ef:4e:
b2:55:c9:1f:8c:c4:7f:ad:70:94:37:87:ef:a9:d5:
db:bc:cd:7b:bc:8b:c5:30:14:be:d5:b6:a9:01:71:
3f:16:34:cc:8f:79:68:39:04:45:72:55:18:7b:a0:
e7:72:ef:50:cb:08:96:2d:13:54:51:13:71:4f:ae:
ad:f3:15:c6:61:ef:da:12:b1:b3:f9:d1:85:32:4a:
36:b9:f6:3f:ce:38:ce:05:b0:4b:03:a3:18:cb:64:
92:be:7f:ce:17:a7:56:fd:62:0f:2c:68:6f:20:a7:
f8:58:e2:8a:04:06:68:c7:97:3d:f0:b7:75:1a:d4:
86:ca:67:d8:b8:0d:1a:8a:44:ef:b3:24:0b:fe:c5:
52:ae:a8:70:f3:d8:89:3f:fa:eb:7c:97:d1:04:a9:
35:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:AF:1C:3C:C1:EF:8D:DE:92:96:5F:2E:50:B6:89:B3:73:C2:16:5D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.122.0.0/15
Signature Algorithm: sha256WithRSAEncryption
59:16:f9:45:a6:b7:23:6f:32:44:76:ca:52:82:f6:e9:7d:54:
7a:cc:bb:da:af:7c:9c:d1:ab:44:7c:07:4e:52:fe:89:d0:5d:
b4:50:bd:d5:2f:9b:a9:e0:23:eb:10:bc:47:a7:8f:e0:3f:af:
ee:06:e9:55:99:47:5a:26:70:9a:23:5d:ea:5a:54:ac:b0:14:
3d:24:45:64:e7:8e:35:4b:d4:cb:b0:88:87:ec:bb:94:b7:1b:
d8:98:2f:ff:b1:09:fb:43:a2:a9:15:78:e3:a7:c1:24:e3:87:
12:47:e9:66:11:a5:b5:dc:23:6f:65:03:01:63:45:e5:f0:19:
b3:7b:bb:d3:b5:c5:84:97:b2:fa:03:a1:e2:a9:cc:8b:c9:0d:
77:05:ac:34:a9:0f:21:b6:13:e3:ee:40:21:cc:6b:1e:d8:3c:
55:2d:c6:fe:09:22:51:13:0d:12:c1:3f:4f:b9:0a:ac:4d:54:
3f:e2:ae:24:30:e5:68:9e:15:61:f4:1e:fa:ef:7b:f1:d6:3e:
d5:a8:f3:5a:67:0f:7a:87:19:ea:a0:c9:3c:49:be:95:24:c3:
c0:ff:5c:38:0d:a2:47:b9:05:f7:85:05:3c:7d:a8:7f:8b:75:
4c:1a:75:84:71:95:c7:0d:7a:ce:81:dc:f7:4c:42:2d:e2:72:
a5:cf:6b:75
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUeV/VjBB/KjEC4BOqRLAjQ5FmpGowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMTUxMDBaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDZiNzI2NTRjODdmYjIzMWExMTA3ZDA0MzI2ZDNhYTNmYmNjZDZhODExNDU3
ZGU4NTEyNmUxMDA3ZGM3YWU0YzMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJONz77OOuq1DuWnGix93geGGrTkGRSzHcpO0B1syXpwdwRVjBUeAEWRuSQH
iApD1TljpGsX2/UJpYEueT3nlA7u/+iqkyUMGnrOVyhtLAFaB9DlHIpd3ujIdHCB
ZeuVVV2tdhr+h+9OslXJH4zEf61wlDeH76nV27zNe7yLxTAUvtW2qQFxPxY0zI95
aDkERXJVGHug53LvUMsIli0TVFETcU+urfMVxmHv2hKxs/nRhTJKNrn2P844zgWw
SwOjGMtkkr5/zhenVv1iDyxobyCn+FjiigQGaMeXPfC3dRrUhspn2LgNGopE77Mk
C/7FUq6ocPPYiT/663yX0QSpNYUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQQrxw8
we+N3pKWXy5Qtomzc8IWXTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDllYzk3Y2EtMDQ0ZS00Nzg1LWJkZDQtZmNmOWU4ZDUxNGNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATN6MA0G
CSqGSIb3DQEBCwUAA4IBAQBZFvlFprcjbzJEdspSgvbpfVR6zLvar3yc0atEfAdO
Uv6J0F20UL3VL5up4CPrELxHp4/gP6/uBulVmUdaJnCaI13qWlSssBQ9JEVk5441
S9TLsIiH7LuUtxvYmC//sQn7Q6KpFXjjp8Ek44cSR+lmEaW13CNvZQMBY0Xl8Bmz
e7vTtcWEl7L6A6HiqcyLyQ13Baw0qQ8hthPj7kAhzGse2DxVLcb+CSJREw0SwT9P
uQqsTVQ/4q4kMOVonhVh9B7673vx1j7VqPNaZw96hxnqoMk8Sb6VJMPA/1w4DaJH
uQX3hQU8fah/i3VMGnWEcZXHDXrOgdz3TEIt4nKlz2t1
-----END CERTIFICATE-----
Generated at Sun Jun 29 07:19:37 2025 by rpki-client