Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/444db014-8d2a-4c59-af9c-399bacab4f3f.roa
File: 444db014-8d2a-4c59-af9c-399bacab4f3f.roa (raw, json)
Hash identifier: bDMIKtYViwXhpD1Cw++ZFdtZmuBEpGSciKJMD/NxNC8=
Subject key identifier: 72:05:94:4A:60:74:5C:92:5D:1A:8C:D4:7A:74:86:D6:8E:A9:E8:ED
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5EB04C31909000D02E4CEFEA7AA8BC5235674B1D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/444db014-8d2a-4c59-af9c-399bacab4f3f.roa
Signing time: Mon 16 Jun 2025 21:51:23 +0000
ROA not before: Mon 16 Jun 2025 21:51:23 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.156.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:b0:4c:31:90:90:00:d0:2e:4c:ef:ea:7a:a8:bc:52:35:67:4b:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 21:51:23 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=dee03a1610225f1bc009f0dc5fce46cd1e3a03b49a97dd47f393fdecfdad70f6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ff:c2:c5:47:04:39:a5:ff:10:14:7f:6b:3c:
68:c3:8f:7e:e5:f2:b3:8c:b3:c6:41:39:48:43:77:
6f:19:60:27:c6:5a:30:6d:08:ca:6a:67:5c:34:74:
b4:93:fe:82:fb:fa:b5:c0:27:a2:9a:bc:91:1d:1f:
52:3f:9e:07:b7:37:f8:d8:d1:97:39:d4:fe:6c:83:
9e:f6:3b:92:6b:18:50:a0:08:df:b0:eb:e6:a1:45:
c8:9f:c0:df:5f:b6:d1:5b:e6:a7:0d:9f:2e:56:bb:
fa:03:4b:e4:48:10:57:02:83:e8:d0:f5:06:c6:fa:
30:04:a5:e4:8d:5d:e0:01:39:60:07:74:b9:50:47:
c5:0c:7a:10:8f:7f:0f:5b:c5:99:50:c2:c2:58:ae:
13:ee:8a:8f:b1:42:82:ac:1b:c4:6c:33:db:90:2e:
28:74:f3:af:42:0f:90:6b:86:87:7e:cc:f5:88:6e:
de:56:71:e5:b5:57:96:fd:2a:1d:1f:95:eb:cf:37:
01:ee:79:a5:08:c2:94:9a:6f:1d:7d:59:19:c7:57:
d1:f3:c9:c7:ab:bb:7c:29:94:62:0b:53:70:2a:e5:
a6:8e:34:69:4e:df:41:e0:b2:0a:c4:a8:67:87:25:
b4:fd:4b:c9:aa:05:b2:e3:c0:b4:8d:d9:8e:af:72:
66:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:05:94:4A:60:74:5C:92:5D:1A:8C:D4:7A:74:86:D6:8E:A9:E8:ED
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/444db014-8d2a-4c59-af9c-399bacab4f3f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.156.0.0/15
Signature Algorithm: sha256WithRSAEncryption
06:5e:d7:95:02:45:22:76:d5:fa:9a:67:a0:cc:6c:70:fd:85:
e6:d0:e6:4c:a2:f9:6d:60:af:72:81:e8:fa:10:df:c1:96:e6:
37:0c:e3:45:e6:d0:06:f0:02:e4:25:f9:14:16:24:b8:3a:e7:
95:b3:55:5f:4b:94:c5:5e:a4:a9:be:62:c0:f6:c5:1a:25:95:
b1:64:64:c8:52:f0:5b:fc:d8:4f:c2:47:a2:af:9b:2a:e4:9e:
64:92:3f:3a:21:3a:25:1f:a4:13:89:f1:96:0a:3a:62:85:48:
4f:08:41:7e:e1:d9:ff:29:d1:72:ab:02:51:82:da:4b:60:43:
e3:9d:5a:11:35:2d:cc:29:0f:f1:11:3b:05:52:39:af:54:cf:
82:82:c4:66:5f:ac:1f:23:f6:80:45:15:51:e0:83:34:21:f7:
7c:10:6f:43:52:37:24:79:3b:81:25:42:9d:40:36:ca:0b:60:
d0:dd:34:3c:65:b9:56:03:66:28:58:f3:1c:81:97:30:d1:d2:
4e:43:76:87:39:ff:71:a5:7a:e9:af:92:ee:24:da:e1:20:1c:
76:cf:ff:e0:8b:b0:59:42:92:63:4b:85:76:88:5e:6c:81:ab:
12:3c:43:e5:cf:a5:7e:ea:3d:ba:7a:27:52:15:84:0b:23:1b:
78:15:92:91
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXrBMMZCQANAuTO/qeqi8UjVnSx0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMTUxMjNaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGRlZTAzYTE2MTAyMjVmMWJjMDA5ZjBkYzVmY2U0NmNkMWUzYTAzYjQ5YTk3
ZGQ0N2YzOTNmZGVjZmRhZDcwZjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKb/wsVHBDml/xAUf2s8aMOPfuXys4yzxkE5SEN3bxlgJ8ZaMG0IympnXDR0
tJP+gvv6tcAnopq8kR0fUj+eB7c3+NjRlznU/myDnvY7kmsYUKAI37Dr5qFFyJ/A
31+20Vvmpw2fLla7+gNL5EgQVwKD6ND1Bsb6MASl5I1d4AE5YAd0uVBHxQx6EI9/
D1vFmVDCwliuE+6Kj7FCgqwbxGwz25AuKHTzr0IPkGuGh37M9Yhu3lZx5bVXlv0q
HR+V6883Ae55pQjClJpvHX1ZGcdX0fPJx6u7fCmUYgtTcCrlpo40aU7fQeCyCsSo
Z4cltP1LyaoFsuPAtI3Zjq9yZs8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRyBZRK
YHRckl0ajNR6dIbWjqno7TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDQ0ZGIwMTQtOGQyYS00YzU5LWFmOWMtMzk5YmFjYWI0ZjNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOcMA0G
CSqGSIb3DQEBCwUAA4IBAQAGXteVAkUidtX6mmegzGxw/YXm0OZMovltYK9ygej6
EN/BluY3DONF5tAG8ALkJfkUFiS4OueVs1VfS5TFXqSpvmLA9sUaJZWxZGTIUvBb
/NhPwkeir5sq5J5kkj86ITolH6QTifGWCjpihUhPCEF+4dn/KdFyqwJRgtpLYEPj
nVoRNS3MKQ/xETsFUjmvVM+CgsRmX6wfI/aARRVR4IM0Ifd8EG9DUjckeTuBJUKd
QDbKC2DQ3TQ8ZblWA2YoWPMcgZcw0dJOQ3aHOf9xpXrpr5LuJNrhIBx2z//gi7BZ
QpJjS4V2iF5sgasSPEPlz6V+6j26eidSFYQLIxt4FZKR
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:15:29 2025 by rpki-client