Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/207ef309-dcb5-4264-bf57-0d52fea079cd.roa
File: 207ef309-dcb5-4264-bf57-0d52fea079cd.roa (raw, json)
Hash identifier: hpohy60MORchH4m46J8/liloySiPfXSk1PfPFCwLTn0=
Subject key identifier: CC:4E:21:8B:5B:BB:55:24:C2:13:59:AD:4F:E3:7B:9D:60:0E:A4:75
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1530583D3840D3E99CE8B45E0909B003C8719CA9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/207ef309-dcb5-4264-bf57-0d52fea079cd.roa
Signing time: Wed 25 Jun 2025 00:50:16 +0000
ROA not before: Wed 25 Jun 2025 00:50:16 +0000
ROA not after: Wed 30 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 130.24.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:30:58:3d:38:40:d3:e9:9c:e8:b4:5e:09:09:b0:03:c8:71:9c:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 25 00:50:16 2025 GMT
Not After : Jul 30 23:59:59 2025 GMT
Subject: serialNumber=6d192ad3cda76888359668bf59052230a0477a95af9aa8e852b535ac720ca6e1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:2f:88:00:17:de:b1:8d:ac:2e:0f:a5:63:ec:
a8:de:30:86:21:c1:b5:23:7e:12:83:92:21:f4:43:
25:e3:3c:9d:5a:d1:81:1e:bf:53:6f:ae:75:52:ee:
0f:a6:4d:0d:ed:63:a0:66:93:6e:aa:c6:26:aa:20:
79:8b:f5:bf:88:3f:47:8e:41:71:fa:7c:8d:e5:c8:
d2:2b:e0:30:24:b5:ec:68:52:f2:54:c0:cf:9e:92:
7a:01:ec:b1:1b:c1:45:bd:b2:8f:92:3d:25:23:fc:
30:37:a7:88:f9:14:00:9d:c6:a4:25:e2:60:aa:39:
69:1d:99:14:c0:17:b6:d7:06:bd:78:8e:d4:0e:bb:
d9:c2:43:2e:12:cb:95:2d:58:00:15:0c:45:58:4d:
9f:4c:21:16:c2:bb:2d:a9:a4:d8:05:79:8b:dc:ff:
01:7d:b9:7e:36:5b:7d:ad:b2:69:9a:1f:84:5d:91:
75:e9:8f:75:3d:07:a3:cd:26:bb:a4:94:7d:cb:30:
b1:26:6b:a1:8b:4d:17:ec:fb:7b:95:06:9f:d4:a2:
02:59:82:b1:cc:aa:84:fe:61:84:cd:03:e0:28:a0:
bc:52:2b:4f:9a:22:c8:da:ca:ac:8c:28:4f:46:3e:
2b:cc:ae:a0:a5:5c:ba:50:7b:7c:77:91:b2:5f:d1:
ef:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:4E:21:8B:5B:BB:55:24:C2:13:59:AD:4F:E3:7B:9D:60:0E:A4:75
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/207ef309-dcb5-4264-bf57-0d52fea079cd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.24.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7c:82:45:3f:c5:3a:7b:5d:a4:98:ad:63:34:ff:b8:55:48:42:
85:af:2b:fb:48:61:b1:c3:dd:20:12:45:9f:a9:7b:69:fe:3f:
65:da:94:51:65:17:9c:20:b7:e1:2f:39:66:91:1d:e9:47:9d:
41:e9:99:c8:28:6f:6e:07:c0:1b:c8:1a:45:ee:0d:ab:c8:d5:
1c:9a:a8:06:a7:d5:8c:2b:11:d8:e3:17:67:6e:58:4f:8c:2e:
73:90:d4:3a:70:de:86:01:5c:bc:65:46:a9:0d:56:dc:48:ea:
69:94:b2:95:64:b3:d3:96:8a:50:9e:71:be:a8:57:96:91:e6:
4a:ef:77:a0:b6:23:63:25:90:a6:0e:1f:bd:75:fa:5b:2c:75:
8d:a2:e7:a1:9a:14:96:f2:1e:9f:f2:9a:75:f2:43:af:a8:1f:
58:5a:db:29:0e:22:7a:b0:72:59:fa:d1:e4:19:f8:40:85:48:
98:9d:f2:5d:e5:ee:f4:9c:ed:a8:bc:e2:87:a7:26:d8:40:81:
b0:7c:99:31:49:92:08:94:90:89:e8:1d:0a:cd:50:a8:21:87:
7e:a3:a9:9a:ae:a0:bb:d2:25:8f:1c:e8:d2:a3:e0:63:43:ef:
57:96:87:81:9b:c5:44:84:e6:69:8c:0f:18:15:de:bc:5b:20:
f8:e7:0c:55
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUFTBYPThA0+mc6LReCQmwA8hxnKkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MjUwMDUwMTZaFw0yNTA3MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDZkMTkyYWQzY2RhNzY4ODgzNTk2NjhiZjU5MDUyMjMwYTA0NzdhOTVhZjlh
YThlODUyYjUzNWFjNzIwY2E2ZTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKAviAAX3rGNrC4PpWPsqN4whiHBtSN+EoOSIfRDJeM8nVrRgR6/U2+udVLu
D6ZNDe1joGaTbqrGJqogeYv1v4g/R45Bcfp8jeXI0ivgMCS17GhS8lTAz56SegHs
sRvBRb2yj5I9JSP8MDeniPkUAJ3GpCXiYKo5aR2ZFMAXttcGvXiO1A672cJDLhLL
lS1YABUMRVhNn0whFsK7Lamk2AV5i9z/AX25fjZbfa2yaZofhF2RdemPdT0Ho80m
u6SUfcswsSZroYtNF+z7e5UGn9SiAlmCscyqhP5hhM0D4CigvFIrT5oiyNrKrIwo
T0Y+K8yuoKVculB7fHeRsl/R77cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTMTiGL
W7tVJMITWa1P43udYA6kdTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjA3ZWYzMDktZGNiNS00MjY0LWJmNTctMGQ1MmZlYTA3OWNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAIIYMA0G
CSqGSIb3DQEBCwUAA4IBAQB8gkU/xTp7XaSYrWM0/7hVSEKFryv7SGGxw90gEkWf
qXtp/j9l2pRRZRecILfhLzlmkR3pR51B6ZnIKG9uB8AbyBpF7g2ryNUcmqgGp9WM
KxHY4xdnblhPjC5zkNQ6cN6GAVy8ZUapDVbcSOpplLKVZLPTlopQnnG+qFeWkeZK
73egtiNjJZCmDh+9dfpbLHWNouehmhSW8h6f8pp18kOvqB9YWtspDiJ6sHJZ+tHk
GfhAhUiYnfJd5e70nO2ovOKHpybYQIGwfJkxSZIIlJCJ6B0KzVCoIYd+o6marqC7
0iWPHOjSo+BjQ+9XloeBm8VEhOZpjA8YFd68WyD45wxV
-----END CERTIFICATE-----
Generated at Sun Jun 29 07:41:57 2025 by rpki-client