Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46b220b9-837f-4174-97e6-c711958273ea.roa
File: 46b220b9-837f-4174-97e6-c711958273ea.roa (raw, json)
Hash identifier: vjLY70lfBPW8m7oxM/UA5ntAsikpULoWr463XhmMPLg=
Subject key identifier: 13:AF:F2:90:6D:97:75:59:AC:79:63:BA:13:FD:30:DB:BD:48:19:3C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1AEECF4FFD2D72726A4FABE3F68EB163F3C6DAA1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46b220b9-837f-4174-97e6-c711958273ea.roa
Signing time: Mon 16 Jun 2025 22:00:42 +0000
ROA not before: Mon 16 Jun 2025 22:00:42 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.78.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:ee:cf:4f:fd:2d:72:72:6a:4f:ab:e3:f6:8e:b1:63:f3:c6:da:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 22:00:42 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=fea509791ffa8afec07a5bde6a0394eb4ceee224c277f081ba72798ee4a03ead, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:43:db:74:7b:da:fd:1e:71:be:16:21:60:7c:
a0:44:cc:a0:70:9e:ff:ca:29:59:93:a7:14:70:e2:
7a:18:7e:30:f9:42:f6:a8:80:22:2b:10:2c:14:2b:
50:2c:72:60:0d:a9:a5:54:29:a2:86:9b:28:f5:6b:
07:4b:27:97:4e:e4:3c:46:57:d3:bf:d7:b6:c5:1e:
b5:5c:5e:7e:39:c9:ef:29:52:91:96:db:59:d3:40:
cf:de:cc:66:fe:a0:e1:19:3a:9f:3f:6c:0a:91:2c:
12:a0:89:e8:ec:37:97:df:31:31:8c:a8:e7:b1:b6:
43:84:64:1d:d2:3d:80:e4:f7:ee:88:cf:72:60:3e:
a3:03:7d:a5:15:32:a3:a4:9f:c1:6e:25:7e:8e:86:
75:1f:4a:f9:ea:82:aa:e7:1e:78:da:63:a3:35:d5:
1a:cd:ea:3c:4b:40:51:9e:3d:84:62:1d:53:f6:f1:
7c:f3:9c:15:ae:fb:e8:70:29:57:17:4d:0b:34:59:
2f:a0:15:7f:10:84:d6:a1:57:3c:01:83:ba:b5:4c:
98:70:48:43:c5:a3:a9:0f:e3:92:38:52:45:49:c3:
0e:b9:dd:38:cf:60:cf:98:37:40:c1:5b:5b:4c:eb:
af:92:1b:26:ee:e1:b5:a9:99:dd:05:83:4b:73:25:
7b:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:AF:F2:90:6D:97:75:59:AC:79:63:BA:13:FD:30:DB:BD:48:19:3C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46b220b9-837f-4174-97e6-c711958273ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.78.0.0/16
Signature Algorithm: sha256WithRSAEncryption
95:d4:d4:b4:95:64:10:e7:fc:0b:54:cc:7c:c3:1d:a9:3f:1d:
71:94:56:e6:54:c7:eb:14:b5:d7:44:eb:fe:3c:cc:09:bc:15:
dd:9a:c2:b2:2c:93:77:68:51:8d:6f:57:58:0a:07:37:aa:aa:
2c:a6:c6:e8:dd:01:a6:27:a8:ef:91:63:2c:71:50:7c:15:fa:
86:ae:ab:d3:e2:d3:ad:98:b0:99:f4:c8:a6:ee:0c:05:5c:8b:
0a:7d:f3:61:13:08:78:66:42:3a:3a:f6:2a:aa:ef:eb:42:99:
e1:73:6c:5a:07:36:36:4d:d1:c8:a8:07:98:4b:c3:01:6a:55:
9d:7c:47:74:95:0e:04:bf:b5:d2:83:57:7c:c5:d7:91:43:c2:
f9:79:70:31:22:1a:a6:a7:46:2d:a0:af:44:90:75:d9:ff:4e:
a1:7b:82:90:62:85:c6:97:41:56:63:95:ac:1a:c3:3a:e6:35:
db:56:ff:aa:7e:b4:a5:84:bd:f0:ac:28:bb:db:ac:60:9d:19:
c4:20:ac:61:95:50:d1:85:0b:3a:7e:63:98:89:22:75:35:03:
b1:71:a2:8c:c4:f2:e5:97:78:52:5e:77:be:4b:b0:63:f9:59:
25:52:ea:77:6c:e4:4b:2e:61:4d:a3:e6:b0:bd:2d:c7:a9:ab:
fd:cc:dd:3b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGu7PT/0tcnJqT6vj9o6xY/PG2qEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMjAwNDJaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGZlYTUwOTc5MWZmYThhZmVjMDdhNWJkZTZhMDM5NGViNGNlZWUyMjRjMjc3
ZjA4MWJhNzI3OThlZTRhMDNlYWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJRD23R72v0ecb4WIWB8oETMoHCe/8opWZOnFHDiehh+MPlC9qiAIisQLBQr
UCxyYA2ppVQpooabKPVrB0snl07kPEZX07/XtsUetVxefjnJ7ylSkZbbWdNAz97M
Zv6g4Rk6nz9sCpEsEqCJ6Ow3l98xMYyo57G2Q4RkHdI9gOT37ojPcmA+owN9pRUy
o6SfwW4lfo6GdR9K+eqCquceeNpjozXVGs3qPEtAUZ49hGIdU/bxfPOcFa776HAp
VxdNCzRZL6AVfxCE1qFXPAGDurVMmHBIQ8WjqQ/jkjhSRUnDDrndOM9gz5g3QMFb
W0zrr5IbJu7htamZ3QWDS3Mle9sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQTr/KQ
bZd1Wax5Y7oT/TDbvUgZPDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDZiMjIwYjktODM3Zi00MTc0LTk3ZTYtYzcxMTk1ODI3M2VhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNOMA0G
CSqGSIb3DQEBCwUAA4IBAQCV1NS0lWQQ5/wLVMx8wx2pPx1xlFbmVMfrFLXXROv+
PMwJvBXdmsKyLJN3aFGNb1dYCgc3qqospsbo3QGmJ6jvkWMscVB8FfqGrqvT4tOt
mLCZ9Mim7gwFXIsKffNhEwh4ZkI6OvYqqu/rQpnhc2xaBzY2TdHIqAeYS8MBalWd
fEd0lQ4Ev7XSg1d8xdeRQ8L5eXAxIhqmp0YtoK9EkHXZ/06he4KQYoXGl0FWY5Ws
GsM65jXbVv+qfrSlhL3wrCi726xgnRnEIKxhlVDRhQs6fmOYiSJ1NQOxcaKMxPLl
l3hSXne+S7Bj+VklUup3bORLLmFNo+awvS3Hqav9zN07
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:18:42 2025 by rpki-client