Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa61929-412c-4540-85ff-6ae53d3a9f99.roa
File: 1fa61929-412c-4540-85ff-6ae53d3a9f99.roa (raw, json)
Hash identifier: J310poWovHivPTiC+WKYLA3iMqL37Wu/2qcuSXA0Gh0=
Subject key identifier: 91:0F:35:4B:24:2F:51:01:71:74:39:0A:3C:C9:79:79:28:31:4E:DE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2E2A1EA863AAC3171AEC975358F8939626737AD8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa61929-412c-4540-85ff-6ae53d3a9f99.roa
Signing time: Mon 16 Jun 2025 22:00:07 +0000
ROA not before: Mon 16 Jun 2025 22:00:07 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.212.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:2a:1e:a8:63:aa:c3:17:1a:ec:97:53:58:f8:93:96:26:73:7a:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 22:00:07 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=d9c27951521622f6e7cfed58a5d7c1ccb25b5ca5016a44913ef9cbbd81ebac9a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d9:0e:db:e9:ca:46:36:f6:fd:f7:03:a6:c4:
82:dd:6a:ee:f1:74:34:32:61:98:52:08:0d:d4:3b:
13:9b:57:6b:f2:58:05:b6:86:e1:56:53:de:93:9c:
c4:57:92:18:40:c0:72:03:79:0a:c7:02:da:13:09:
e6:a0:eb:b0:43:df:47:ef:22:89:53:1d:ca:c1:82:
47:7e:a1:c2:90:d6:43:3f:18:46:6e:41:ff:05:fd:
86:0d:ac:e8:ba:bb:0e:e7:c1:61:2f:f9:be:16:53:
d6:a1:24:74:c9:c0:13:1e:93:17:d5:1d:cc:63:5d:
5a:4d:e8:53:fa:24:b2:e6:e8:d4:4b:18:ee:db:b6:
5f:86:ef:e7:43:b1:75:ac:d4:49:d0:a8:38:e3:09:
0f:28:3f:46:0f:42:24:47:74:b2:5e:69:d6:dc:79:
b2:ad:da:f6:d8:d1:b5:80:62:44:30:a2:34:c8:a1:
d3:82:bf:fd:7e:19:6a:a8:2d:ea:f2:bb:70:b7:89:
af:a5:49:bf:45:ae:a3:29:86:12:bb:67:7f:54:9c:
29:f5:ff:92:aa:03:e9:30:01:0f:34:15:8f:c6:fc:
04:04:0e:29:ea:21:80:e0:a4:40:d1:e1:43:0b:18:
16:0c:e0:16:7d:b3:78:32:92:42:9a:9a:ec:95:5a:
33:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:0F:35:4B:24:2F:51:01:71:74:39:0A:3C:C9:79:79:28:31:4E:DE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa61929-412c-4540-85ff-6ae53d3a9f99.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.212.0.0/15
Signature Algorithm: sha256WithRSAEncryption
ce:a7:fd:4f:6a:73:10:52:02:f0:c1:eb:72:5b:da:dc:49:e3:
17:30:c5:2c:04:1f:ad:01:e8:30:1d:17:3f:e9:bc:10:26:ed:
cb:63:a4:f0:ed:21:5f:df:35:60:a7:c6:56:63:f5:70:9b:97:
fd:b6:42:79:26:42:11:9b:5d:d7:a1:1b:ec:aa:ec:30:f6:bc:
ac:34:42:8b:94:79:b0:7d:ec:a6:b9:a7:82:be:d9:35:8f:43:
4b:60:81:3b:09:30:8b:9c:11:79:e5:fd:2a:48:bf:d7:6b:2a:
dd:d9:ae:1b:39:3d:e5:3c:36:aa:c1:c6:2c:9c:59:28:90:ba:
fe:3b:2d:16:79:dc:24:ff:9c:97:39:32:12:c9:c7:8b:bd:a7:
a8:63:ff:4a:0e:d7:97:f5:53:42:2b:d5:b4:81:03:30:fd:d1:
c3:3d:17:f2:42:6b:fd:d8:9f:9c:88:a8:f8:32:94:bb:7d:6a:
6d:f2:26:38:4e:dc:9a:4b:92:de:70:55:16:26:b0:5d:87:1b:
e6:7c:65:e7:16:dc:d2:0e:50:08:43:c3:82:03:b7:92:30:ea:
65:00:03:56:36:74:57:04:0a:9a:84:32:4b:ec:90:32:a1:63:
aa:66:c9:e4:fd:b5:47:3d:44:72:a3:25:81:d1:32:3f:24:19:
b2:93:80:1a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIULioeqGOqwxca7JdTWPiTliZzetgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMjAwMDdaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ5YzI3OTUxNTIxNjIyZjZlN2NmZWQ1OGE1ZDdjMWNjYjI1YjVjYTUwMTZh
NDQ5MTNlZjljYmJkODFlYmFjOWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL7ZDtvpykY29v33A6bEgt1q7vF0NDJhmFIIDdQ7E5tXa/JYBbaG4VZT3pOc
xFeSGEDAcgN5CscC2hMJ5qDrsEPfR+8iiVMdysGCR36hwpDWQz8YRm5B/wX9hg2s
6Lq7DufBYS/5vhZT1qEkdMnAEx6TF9UdzGNdWk3oU/oksubo1EsY7tu2X4bv50Ox
dazUSdCoOOMJDyg/Rg9CJEd0sl5p1tx5sq3a9tjRtYBiRDCiNMih04K//X4Zaqgt
6vK7cLeJr6VJv0WuoymGErtnf1ScKfX/kqoD6TABDzQVj8b8BAQOKeohgOCkQNHh
QwsYFgzgFn2zeDKSQpqa7JVaM8sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSRDzVL
JC9RAXF0OQo8yXl5KDFO3jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWZhNjE5MjktNDEyYy00NTQwLTg1ZmYtNmFlNTNkM2E5Zjk5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPUMA0G
CSqGSIb3DQEBCwUAA4IBAQDOp/1PanMQUgLwwetyW9rcSeMXMMUsBB+tAegwHRc/
6bwQJu3LY6Tw7SFf3zVgp8ZWY/Vwm5f9tkJ5JkIRm13XoRvsquww9rysNEKLlHmw
feymuaeCvtk1j0NLYIE7CTCLnBF55f0qSL/Xayrd2a4bOT3lPDaqwcYsnFkokLr+
Oy0Wedwk/5yXOTISyceLvaeoY/9KDteX9VNCK9W0gQMw/dHDPRfyQmv92J+ciKj4
MpS7fWpt8iY4TtyaS5LecFUWJrBdhxvmfGXnFtzSDlAIQ8OCA7eSMOplAANWNnRX
BAqahDJL7JAyoWOqZsnk/bVHPURyoyWB0TI/JBmyk4Aa
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:07:25 2025 by rpki-client