Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/123b20eb-4142-4c18-96e0-d1871de66fd3.roa
File: 123b20eb-4142-4c18-96e0-d1871de66fd3.roa (raw, json)
Hash identifier: v7AE/wstVCrERd2d50E/MT6tsoa6KZFIVRKRJ0kKh/M=
Subject key identifier: 43:56:FD:54:13:A6:7F:DB:E6:01:87:A4:0A:40:18:02:81:8C:BA:DA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 703CC2B040EC75A4EC027E4E7942B16C07A15109
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/123b20eb-4142-4c18-96e0-d1871de66fd3.roa
Signing time: Mon 16 Jun 2025 22:00:08 +0000
ROA not before: Mon 16 Jun 2025 22:00:08 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.214.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:3c:c2:b0:40:ec:75:a4:ec:02:7e:4e:79:42:b1:6c:07:a1:51:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 22:00:08 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=f987dbd8c2c6599f0c99639aa875360a33d55ed1e32dd1cc2c3e72b366fd1876, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:94:2a:e9:a1:fd:0e:6a:b4:c4:e0:d0:d7:bd:
a9:6e:78:fc:5e:bd:95:d8:60:b7:b4:c2:b9:99:9d:
57:9f:df:a9:3e:db:07:42:18:e6:45:7b:d0:75:83:
6a:37:ec:47:99:4f:db:3e:82:d9:8c:37:35:dd:9c:
c1:04:0c:74:d6:8d:fc:09:cf:66:cc:6c:7c:40:f7:
ff:ec:3d:1a:03:a8:f6:e8:34:31:12:fa:66:67:a2:
92:cf:c9:16:45:86:3c:0b:21:91:15:4b:cd:60:75:
7c:1e:ba:3a:d1:10:c2:85:00:73:94:d7:3a:69:4f:
db:a5:65:18:bf:8c:27:39:fe:c7:c7:f3:e3:92:fa:
8a:aa:79:93:ab:c3:a6:a5:d1:48:13:f1:bb:2c:72:
70:7f:4e:8f:f2:c8:e2:c6:f2:43:e4:b5:5e:d7:c3:
63:0b:94:15:02:d3:e1:c1:c1:e4:97:e0:a2:eb:9f:
ca:ee:c9:cf:8d:84:5a:f9:44:d6:6c:d7:b8:8d:0c:
26:63:ea:03:54:e2:fd:68:90:99:8d:03:7f:6d:e9:
11:4c:64:dc:6b:08:19:e1:15:e7:27:1e:4c:8f:3c:
7d:5e:ca:73:35:d4:03:cd:d6:55:00:71:2e:73:8f:
2d:59:97:3c:68:12:54:8c:cc:03:82:93:2e:d7:b1:
84:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:56:FD:54:13:A6:7F:DB:E6:01:87:A4:0A:40:18:02:81:8C:BA:DA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/123b20eb-4142-4c18-96e0-d1871de66fd3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.214.0.0/15
Signature Algorithm: sha256WithRSAEncryption
6b:a9:c3:80:ce:82:74:9c:ec:d9:f8:62:23:b6:84:82:c2:0d:
35:52:a0:f8:82:91:81:2d:f2:bf:60:55:1c:12:90:9b:91:3a:
38:e9:4b:19:86:5e:b2:41:d7:3b:d8:59:34:a9:5c:ab:90:79:
60:9e:cf:46:f6:b6:fc:eb:06:a0:27:f9:a9:ac:7a:da:90:95:
32:e4:f5:17:42:8f:27:54:f9:34:94:56:89:12:71:62:3d:64:
1b:cd:9b:c4:3f:de:12:13:4d:df:d6:34:59:4f:f5:f4:e7:72:
f2:80:1d:35:a1:9b:eb:82:bc:28:81:46:9e:d2:0c:57:2a:36:
73:b7:19:89:1b:f6:4b:ce:db:b8:d3:e3:d5:54:04:7b:58:af:
f1:ea:3b:82:81:8b:72:58:b5:9f:cb:db:e1:18:3c:08:f9:c6:
55:bf:45:1e:8b:dd:d3:ad:b8:32:86:5a:f2:51:a5:0b:13:8c:
1d:ee:f9:75:d2:48:c8:89:9d:cf:7f:0b:4b:eb:8e:43:53:79:
3b:85:81:53:6b:e2:5c:aa:00:de:1b:82:a8:1c:b8:ae:ae:87:
6d:74:a3:78:c0:18:aa:b4:92:35:05:ed:e4:0a:da:95:ea:93:
1a:8c:33:da:69:63:35:91:53:26:1d:84:f2:da:6c:b2:78:8b:
2a:86:0c:90
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcDzCsEDsdaTsAn5OeUKxbAehUQkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMjAwMDhaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGY5ODdkYmQ4YzJjNjU5OWYwYzk5NjM5YWE4NzUzNjBhMzNkNTVlZDFlMzJk
ZDFjYzJjM2U3MmIzNjZmZDE4NzYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKyUKumh/Q5qtMTg0Ne9qW54/F69ldhgt7TCuZmdV5/fqT7bB0IY5kV70HWD
ajfsR5lP2z6C2Yw3Nd2cwQQMdNaN/AnPZsxsfED3/+w9GgOo9ug0MRL6Zmeiks/J
FkWGPAshkRVLzWB1fB66OtEQwoUAc5TXOmlP26VlGL+MJzn+x8fz45L6iqp5k6vD
pqXRSBPxuyxycH9Oj/LI4sbyQ+S1XtfDYwuUFQLT4cHB5Jfgouufyu7Jz42EWvlE
1mzXuI0MJmPqA1Ti/WiQmY0Df23pEUxk3GsIGeEV5yceTI88fV7KczXUA83WVQBx
LnOPLVmXPGgSVIzMA4KTLtexhBkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRDVv1U
E6Z/2+YBh6QKQBgCgYy62jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTIzYjIwZWItNDE0Mi00YzE4LTk2ZTAtZDE4NzFkZTY2ZmQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPWMA0G
CSqGSIb3DQEBCwUAA4IBAQBrqcOAzoJ0nOzZ+GIjtoSCwg01UqD4gpGBLfK/YFUc
EpCbkTo46UsZhl6yQdc72Fk0qVyrkHlgns9G9rb86wagJ/mprHrakJUy5PUXQo8n
VPk0lFaJEnFiPWQbzZvEP94SE03f1jRZT/X053LygB01oZvrgrwogUae0gxXKjZz
txmJG/ZLztu40+PVVAR7WK/x6juCgYtyWLWfy9vhGDwI+cZVv0Uei93Trbgyhlry
UaULE4wd7vl10kjIiZ3PfwtL645DU3k7hYFTa+JcqgDeG4KoHLiurodtdKN4wBiq
tJI1Be3kCtqV6pMajDPaaWM1kVMmHYTy2myyeIsqhgyQ
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:18:33 2025 by rpki-client