Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa
File: 0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa (raw, json)
Hash identifier: NhxO8y6QLvS6knxf59pG3DZqic+6BUpiEp+hjhsBCyM=
Subject key identifier: EB:7D:1D:8D:A0:D8:B3:89:BD:FB:D6:3C:C5:EC:B3:5E:67:B0:2E:01
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0C7A30F6A267DABA9FD902293A3724DE0C510988
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa
Signing time: Mon 16 Jun 2025 21:50:56 +0000
ROA not before: Mon 16 Jun 2025 21:50:56 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.100.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:7a:30:f6:a2:67:da:ba:9f:d9:02:29:3a:37:24:de:0c:51:09:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 21:50:56 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=474fba9099dbf59f9996e383f866177b8914da2d3342881334132f1f5c76593f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ce:0b:be:f9:42:86:a9:50:20:9d:b6:6c:5d:
2b:c3:bd:9e:60:bb:1b:61:23:a4:c6:37:40:ed:ca:
de:1b:70:7e:94:eb:6c:fe:63:bb:ed:6f:25:61:50:
79:ba:14:8a:30:4f:b2:be:30:e9:2d:73:cb:ce:3c:
22:85:09:29:02:02:d7:f3:be:8c:9c:ea:0d:65:2e:
c6:96:05:49:b0:cf:d3:e0:18:6b:9e:a5:b1:46:e8:
ac:a5:57:99:fe:9a:09:44:04:b7:b9:5d:d0:37:ab:
0b:89:45:50:d0:a3:43:83:d3:d7:23:1f:3b:c8:68:
3e:14:e5:5f:14:48:c0:7d:7e:b6:75:c8:3e:e9:de:
e5:6b:58:5d:a6:c4:f4:f2:ee:9a:d3:63:aa:8f:c1:
b5:db:ba:d5:53:1b:8d:bf:42:e8:47:f9:3e:c2:b1:
a4:2f:7e:79:fd:41:6d:a6:fe:3d:be:eb:e3:fa:63:
c4:40:6e:d7:3a:c8:31:8f:68:f8:3b:9e:42:30:69:
3b:8b:76:42:1d:94:a5:79:76:68:55:a9:02:62:aa:
a9:ef:e3:0f:c0:4c:a0:eb:7e:7b:37:b8:c2:fa:97:
40:b5:0c:11:84:e0:b2:2e:ff:32:35:ae:4c:8b:ee:
9f:e1:bb:bd:fb:f9:8e:ff:05:19:c7:d0:28:7c:7f:
2e:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:7D:1D:8D:A0:D8:B3:89:BD:FB:D6:3C:C5:EC:B3:5E:67:B0:2E:01
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.100.0.0/15
Signature Algorithm: sha256WithRSAEncryption
5c:b6:54:fa:56:26:1d:e6:89:76:a3:80:9b:24:9d:ce:c9:67:
f7:99:fd:ea:2c:12:f7:c6:af:78:35:5c:1e:74:17:2d:64:6a:
7f:5b:a6:15:9b:55:1b:17:95:06:5c:a7:4f:1d:31:cc:83:c1:
87:b0:59:c7:d1:23:18:4b:76:39:07:ea:d6:42:7d:d2:25:56:
95:84:53:4b:70:64:75:56:ea:04:12:a0:ba:d6:32:1b:52:b6:
21:31:15:bf:80:cf:d0:ed:cb:b3:64:a8:6b:67:84:e5:52:97:
8e:50:5c:ce:d1:8a:2f:b7:bc:02:b2:0f:7c:bc:61:45:5a:16:
2a:91:e5:9d:68:21:6c:ee:4a:60:6c:a9:a8:e4:f4:61:07:a3:
7a:0d:e4:ba:5e:60:c0:97:19:59:c4:ea:05:93:d7:37:97:d9:
61:cb:ab:29:fd:38:e3:38:cf:94:94:3b:b5:95:86:54:b1:6a:
a1:b3:4c:6e:b9:c9:ed:05:b8:ed:00:7f:99:84:7b:fb:00:6a:
0a:22:e0:92:09:ed:8f:be:fc:f7:3e:70:3c:d0:2d:26:b9:ab:
b3:b1:01:7d:d5:84:52:02:da:38:5c:e5:45:e0:57:74:1e:e0:
f7:47:bb:ea:14:88:27:22:42:36:2b:6a:d3:c6:2b:96:eb:f4:
83:05:ff:b4
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUDHow9qJn2rqf2QIpOjck3gxRCYgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMTUwNTZaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ3NGZiYTkwOTlkYmY1OWY5OTk2ZTM4M2Y4NjYxNzdiODkxNGRhMmQzMzQy
ODgxMzM0MTMyZjFmNWM3NjU5M2YxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ7OC775QoapUCCdtmxdK8O9nmC7G2EjpMY3QO3K3htwfpTrbP5ju+1vJWFQ
eboUijBPsr4w6S1zy848IoUJKQIC1/O+jJzqDWUuxpYFSbDP0+AYa56lsUborKVX
mf6aCUQEt7ld0DerC4lFUNCjQ4PT1yMfO8hoPhTlXxRIwH1+tnXIPune5WtYXabE
9PLumtNjqo/Btdu61VMbjb9C6Ef5PsKxpC9+ef1Bbab+Pb7r4/pjxEBu1zrIMY9o
+DueQjBpO4t2Qh2UpXl2aFWpAmKqqe/jD8BMoOt+eze4wvqXQLUMEYTgsi7/MjWu
TIvun+G7vfv5jv8FGcfQKHx/LlUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTrfR2N
oNizib371jzF7LNeZ7AuATAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGJmYTI1ZGQtMzE5Zi00ZjJkLWI3ODYtOGFiMTlkNThlODExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNkMA0G
CSqGSIb3DQEBCwUAA4IBAQBctlT6ViYd5ol2o4CbJJ3OyWf3mf3qLBL3xq94NVwe
dBctZGp/W6YVm1UbF5UGXKdPHTHMg8GHsFnH0SMYS3Y5B+rWQn3SJVaVhFNLcGR1
VuoEEqC61jIbUrYhMRW/gM/Q7cuzZKhrZ4TlUpeOUFzO0Yovt7wCsg98vGFFWhYq
keWdaCFs7kpgbKmo5PRhB6N6DeS6XmDAlxlZxOoFk9c3l9lhy6sp/TjjOM+UlDu1
lYZUsWqhs0xuucntBbjtAH+ZhHv7AGoKIuCSCe2Pvvz3PnA80C0muauzsQF91YRS
Ato4XOVF4Fd0HuD3R7vqFIgnIkI2K2rTxiuW6/SDBf+0
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:42:51 2025 by rpki-client