Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44bb00cc-3dee-4cf6-8de9-2febfa0f0f6d.roa
File: 44bb00cc-3dee-4cf6-8de9-2febfa0f0f6d.roa (raw, json)
Hash identifier: ePwB8qNam/qPMj9kCzOqx/ZggzjvKy1bKQNIalENFLg=
Subject key identifier: F3:0B:8C:6F:30:36:AF:35:64:20:CF:04:63:69:45:BE:77:B3:38:4C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6053ECAEC6B68FFA3C9752451C16A90462068362
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44bb00cc-3dee-4cf6-8de9-2febfa0f0f6d.roa
Signing time: Wed 25 Jun 2025 00:50:29 +0000
ROA not before: Wed 25 Jun 2025 00:50:29 +0000
ROA not after: Wed 30 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.244.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:53:ec:ae:c6:b6:8f:fa:3c:97:52:45:1c:16:a9:04:62:06:83:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 25 00:50:29 2025 GMT
Not After : Jul 30 23:59:59 2025 GMT
Subject: serialNumber=0b9abfe7301c139dc4ac0b0c33c75b6ea61b23c699825747d6f10bdff86035de, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:25:9f:75:23:50:11:73:d9:21:2f:b0:63:ec:
c5:41:ce:56:cc:d5:21:31:11:ba:9d:72:8e:77:ca:
78:a9:b7:b1:fa:12:2f:e6:b4:03:06:d9:cf:f7:0d:
a0:23:e1:90:02:c4:00:61:e3:92:ee:bb:b4:6e:b3:
d8:88:5d:78:d2:38:7e:fa:f7:74:de:ba:bf:ff:0f:
59:19:2f:9e:e0:86:a7:59:5d:e0:4b:8f:19:d2:2e:
d6:cd:23:e9:af:58:ac:3b:9a:56:d0:5a:87:89:22:
a1:66:12:7a:f3:44:5b:69:c5:72:7e:40:5c:d0:2a:
42:9a:41:c3:4b:29:6a:83:8c:2b:b8:d1:ce:43:12:
68:a1:5e:0a:e6:73:3a:90:43:58:e9:f5:00:d5:b1:
30:ff:44:7d:c1:8f:a9:f0:42:7f:d0:36:a4:61:7e:
13:6b:df:ce:d1:ee:59:0e:c7:b2:65:06:b9:3e:41:
97:bc:57:67:eb:e7:eb:6d:ad:6f:44:00:78:c0:e0:
1a:8b:09:fc:4c:d6:02:39:0f:9a:1b:8c:7d:34:49:
43:02:ab:00:fb:fa:97:39:1d:3d:64:0c:a0:7b:b2:
e9:ad:47:f3:ad:64:b7:45:5b:21:f4:dd:f4:36:99:
7e:c0:9e:62:a0:cd:af:87:3b:5a:f0:87:bc:9b:55:
4d:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:0B:8C:6F:30:36:AF:35:64:20:CF:04:63:69:45:BE:77:B3:38:4C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44bb00cc-3dee-4cf6-8de9-2febfa0f0f6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.244.0.0/15
Signature Algorithm: sha256WithRSAEncryption
48:bb:a6:7b:c1:b0:f7:e2:89:fc:0b:eb:c3:db:e1:47:11:8a:
3c:11:66:62:c7:ee:90:ac:09:d8:01:cc:b5:09:a2:15:5e:07:
cd:af:9c:11:c3:52:81:b7:30:b4:a4:69:46:10:31:b0:e3:57:
c1:5d:09:15:54:8d:f7:2b:ef:55:c1:9f:4b:9f:c1:e2:32:84:
08:e6:26:7e:31:14:f2:9d:3e:66:c3:3c:ce:f6:99:89:eb:a2:
33:89:67:81:fc:7f:90:d3:78:eb:b1:0c:ec:4d:dd:8f:a8:1f:
d1:68:c3:59:6c:c0:f2:1f:9f:35:a8:59:e7:2b:51:d5:89:e8:
cf:01:00:03:f5:2a:48:f4:30:f6:32:dc:44:7f:70:d2:ed:6b:
08:e7:6a:f4:06:4d:e6:d3:24:08:b6:be:fd:fe:b7:c5:c3:d6:
d2:bf:2a:45:b3:d8:bc:82:8a:06:88:29:63:9d:d5:34:f1:c1:
b2:28:7e:4d:72:ca:0a:40:ae:15:85:c4:9c:97:44:d0:7b:8d:
ab:ef:24:b2:d8:b0:e5:e7:f8:65:c5:4c:04:f1:5b:ac:3f:d9:
a5:b5:0c:55:a9:13:a1:60:9e:7e:a3:d5:ec:78:37:eb:90:3d:
60:0c:7e:32:c3:2a:5e:e1:a6:20:ae:85:2a:fa:18:ce:55:d9:
87:68:30:fc
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYFPsrsa2j/o8l1JFHBapBGIGg2IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MjUwMDUwMjlaFw0yNTA3MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDBiOWFiZmU3MzAxYzEzOWRjNGFjMGIwYzMzYzc1YjZlYTYxYjIzYzY5OTgy
NTc0N2Q2ZjEwYmRmZjg2MDM1ZGUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMQln3UjUBFz2SEvsGPsxUHOVszVITERup1yjnfKeKm3sfoSL+a0AwbZz/cN
oCPhkALEAGHjku67tG6z2IhdeNI4fvr3dN66v/8PWRkvnuCGp1ld4EuPGdIu1s0j
6a9YrDuaVtBah4kioWYSevNEW2nFcn5AXNAqQppBw0spaoOMK7jRzkMSaKFeCuZz
OpBDWOn1ANWxMP9EfcGPqfBCf9A2pGF+E2vfztHuWQ7HsmUGuT5Bl7xXZ+vn622t
b0QAeMDgGosJ/EzWAjkPmhuMfTRJQwKrAPv6lzkdPWQMoHuy6a1H861kt0VbIfTd
9DaZfsCeYqDNr4c7WvCHvJtVTZ0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTzC4xv
MDavNWQgzwRjaUW+d7M4TDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDRiYjAwY2MtM2RlZS00Y2Y2LThkZTktMmZlYmZhMGYwZjZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATP0MA0G
CSqGSIb3DQEBCwUAA4IBAQBIu6Z7wbD34on8C+vD2+FHEYo8EWZix+6QrAnYAcy1
CaIVXgfNr5wRw1KBtzC0pGlGEDGw41fBXQkVVI33K+9VwZ9Ln8HiMoQI5iZ+MRTy
nT5mwzzO9pmJ66IziWeB/H+Q03jrsQzsTd2PqB/RaMNZbMDyH581qFnnK1HViejP
AQAD9SpI9DD2MtxEf3DS7WsI52r0Bk3m0yQItr79/rfFw9bSvypFs9i8gooGiClj
ndU08cGyKH5NcsoKQK4VhcScl0TQe42r7ySy2LDl5/hlxUwE8VusP9mltQxVqROh
YJ5+o9XseDfrkD1gDH4ywype4aYgroUq+hjOVdmHaDD8
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:41:58 2025 by rpki-client