Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/286f881c-8fa0-4200-ada2-20a0cc49038e.roa
File: 286f881c-8fa0-4200-ada2-20a0cc49038e.roa (raw, json)
Hash identifier: gR7MOcmPwxqEaXB7jD+DOl3z5r0+e+eY5gDK91P/TgA=
Subject key identifier: 2B:0D:24:9F:BD:B9:CA:F0:0C:76:CD:39:D3:1C:DD:01:DD:39:5A:91
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 35CC7E2091BFA78DC1B136EDF053C6584245ABA2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/286f881c-8fa0-4200-ada2-20a0cc49038e.roa
Signing time: Mon 16 Jun 2025 21:51:27 +0000
ROA not before: Mon 16 Jun 2025 21:51:27 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.166.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:cc:7e:20:91:bf:a7:8d:c1:b1:36:ed:f0:53:c6:58:42:45:ab:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 21:51:27 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=7c3351dd579bab32eacc94a420a1e8e9a828b7c856a66aa9813bc7815468b5f1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:f2:a1:86:96:b1:87:38:3b:d0:1b:82:b2:60:
c4:02:af:5a:13:b9:08:75:6d:a6:5c:79:25:f0:50:
8b:09:ad:2f:8f:1b:a0:18:8e:85:c5:0d:5f:e3:88:
77:1d:28:12:27:df:18:e6:c3:8b:7e:6f:63:46:8f:
b9:ff:0e:5f:bc:08:fc:77:b8:7e:7a:10:04:65:6b:
f1:28:f4:66:c7:34:5f:e9:e5:5f:b1:3a:61:a4:65:
31:0f:f5:10:9e:ed:fd:6a:0c:d0:02:2a:f5:dc:d8:
60:b9:81:b3:c9:99:39:52:c1:32:28:8e:56:52:43:
c8:7b:3a:91:8a:63:a8:0e:be:8a:d0:54:0b:43:37:
1a:1d:bd:da:0a:28:04:f5:84:e6:fc:3f:a2:f0:1f:
5b:c1:39:3d:ef:b5:75:b1:3d:81:c4:34:49:97:89:
24:91:b8:ae:04:0f:86:e9:45:f7:52:16:17:d2:e5:
40:90:20:6d:f9:76:91:fe:66:7a:39:47:b3:28:19:
9e:23:35:66:21:cd:cf:94:88:d2:73:56:5c:24:79:
0b:67:fc:87:15:81:79:67:c1:a7:4c:a3:81:d6:05:
4a:07:57:85:6e:f8:bb:74:e1:01:e4:af:c8:a6:93:
d0:25:83:40:c8:dd:9c:9e:20:f8:a3:db:29:08:ed:
c4:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:0D:24:9F:BD:B9:CA:F0:0C:76:CD:39:D3:1C:DD:01:DD:39:5A:91
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/286f881c-8fa0-4200-ada2-20a0cc49038e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.166.0.0/15
Signature Algorithm: sha256WithRSAEncryption
38:91:bb:6c:14:7d:05:86:95:ad:22:54:cf:76:32:82:75:55:
2b:fb:0e:9e:63:2e:5c:c9:e5:f7:28:8e:90:b1:8c:c9:7a:2a:
21:c8:0b:56:f2:ef:2a:34:8c:38:0a:f2:09:99:94:84:fb:c5:
18:74:d8:db:39:c5:8c:14:ba:67:5d:87:39:e8:eb:46:ff:32:
a7:98:bb:17:b5:89:4c:92:30:95:f8:3e:2a:84:b6:90:e7:ec:
cb:a5:9a:7b:2d:8a:35:71:c2:c8:0f:ad:7a:4a:27:00:6f:79:
75:b9:32:6a:9e:4d:11:ac:54:f2:2b:9d:a1:7d:43:8c:61:11:
9c:37:82:39:ef:a3:3b:84:bf:c3:e0:b2:f8:87:00:8d:c5:22:
3a:56:b3:e4:94:fe:31:e2:b1:cf:77:fd:c2:35:f1:63:c4:f9:
5c:79:18:05:97:bf:39:71:27:aa:ae:00:87:f2:3e:ad:68:27:
4e:19:be:0a:2c:41:a8:9b:1c:94:dd:95:bf:0c:a0:fa:96:e9:
0d:72:50:d0:b2:5a:fa:2e:cb:db:c7:6d:da:07:3b:34:4b:55:
31:b7:0a:7b:02:ce:85:53:1e:07:fe:17:3b:65:b3:9c:16:e6:
23:c0:18:eb:77:60:5d:2f:df:58:31:a1:e2:47:76:86:78:29:
a8:b0:ad:0a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNcx+IJG/p43BsTbt8FPGWEJFq6IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMTUxMjdaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDdjMzM1MWRkNTc5YmFiMzJlYWNjOTRhNDIwYTFlOGU5YTgyOGI3Yzg1NmE2
NmFhOTgxM2JjNzgxNTQ2OGI1ZjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI3yoYaWsYc4O9AbgrJgxAKvWhO5CHVtplx5JfBQiwmtL48boBiOhcUNX+OI
dx0oEiffGObDi35vY0aPuf8OX7wI/He4fnoQBGVr8Sj0Zsc0X+nlX7E6YaRlMQ/1
EJ7t/WoM0AIq9dzYYLmBs8mZOVLBMiiOVlJDyHs6kYpjqA6+itBUC0M3Gh292goo
BPWE5vw/ovAfW8E5Pe+1dbE9gcQ0SZeJJJG4rgQPhulF91IWF9LlQJAgbfl2kf5m
ejlHsygZniM1ZiHNz5SI0nNWXCR5C2f8hxWBeWfBp0yjgdYFSgdXhW74u3ThAeSv
yKaT0CWDQMjdnJ4g+KPbKQjtxH0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQrDSSf
vbnK8Ax2zTnTHN0B3TlakTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Mjg2Zjg4MWMtOGZhMC00MjAwLWFkYTItMjBhMGNjNDkwMzhlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOmMA0G
CSqGSIb3DQEBCwUAA4IBAQA4kbtsFH0FhpWtIlTPdjKCdVUr+w6eYy5cyeX3KI6Q
sYzJeiohyAtW8u8qNIw4CvIJmZSE+8UYdNjbOcWMFLpnXYc56OtG/zKnmLsXtYlM
kjCV+D4qhLaQ5+zLpZp7LYo1ccLID616SicAb3l1uTJqnk0RrFTyK52hfUOMYRGc
N4I576M7hL/D4LL4hwCNxSI6VrPklP4x4rHPd/3CNfFjxPlceRgFl785cSeqrgCH
8j6taCdOGb4KLEGomxyU3ZW/DKD6lukNclDQslr6Lsvbx23aBzs0S1Uxtwp7As6F
Ux4H/hc7ZbOcFuYjwBjrd2BdL99YMaHiR3aGeCmosK0K
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:20:06 2025 by rpki-client