Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/57870f13-82ea-4955-953f-742413b6a651.roa
File: 57870f13-82ea-4955-953f-742413b6a651.roa (raw, json)
Hash identifier: UM+zVdp7LM1wneBZ9RbBoWzOnQxNt/ssAaSGRDb3jos=
Subject key identifier: 27:05:62:AB:44:00:67:13:21:C4:A2:07:6B:DC:F0:88:AE:04:8E:3E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5437409BE1AF233FE6A5780353E526CCBC031929
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/57870f13-82ea-4955-953f-742413b6a651.roa
Signing time: Tue 17 Jun 2025 00:50:53 +0000
ROA not before: Tue 17 Jun 2025 00:50:53 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:37:40:9b:e1:af:23:3f:e6:a5:78:03:53:e5:26:cc:bc:03:19:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 17 00:50:53 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=fdae1ba5006e71cc09df369c051a18226fb190e9a467fd19cb28be9433ee93f6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:b2:2e:21:78:b0:71:ff:bc:18:cc:c1:eb:2e:
bc:73:33:68:3e:08:f2:bf:66:d6:02:35:ff:c3:89:
8a:61:4b:03:24:c3:9e:12:8b:01:92:8b:c3:55:72:
69:52:d5:48:65:eb:2d:85:ce:4a:d4:7e:dd:ff:c7:
30:f5:e5:21:48:a5:63:19:b3:13:a4:ea:8f:c9:da:
11:41:f7:9a:dd:5e:33:f4:6f:d8:4e:11:bc:2b:a5:
c3:44:a4:98:86:59:c6:c6:9e:1f:32:24:4c:59:6a:
8e:83:27:9f:d1:a0:1c:a0:2e:23:43:16:f1:2d:f4:
b8:7d:38:44:ba:43:f7:f8:a7:2f:59:43:ab:fa:00:
a0:99:65:37:48:f8:28:38:1e:f9:f8:57:5d:b3:2e:
a5:c3:29:17:77:0a:f8:6c:49:e9:b1:28:b5:f2:f2:
c5:e8:01:f0:d4:bf:79:ae:da:b5:ba:ad:4f:83:f3:
69:30:0c:e8:45:e1:ae:ce:5c:66:f2:f2:eb:80:a0:
04:fd:57:c7:d8:7e:d6:33:c4:cf:62:0e:c5:5c:42:
36:f7:d7:9a:f8:68:50:92:2b:68:0e:ed:5d:e2:2a:
75:8f:00:c6:d9:bf:b1:1f:5c:b6:7a:1f:52:c1:44:
cc:a8:ec:2d:e7:d2:e6:2c:ae:30:9d:d5:60:d4:43:
48:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:05:62:AB:44:00:67:13:21:C4:A2:07:6B:DC:F0:88:AE:04:8E:3E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/57870f13-82ea-4955-953f-742413b6a651.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578::/48
Signature Algorithm: sha256WithRSAEncryption
18:fe:e9:27:a9:a1:23:d7:a8:f7:38:84:c5:e9:e3:60:23:84:
bf:27:5f:b6:c7:5f:1f:72:64:53:47:7f:e4:29:49:d6:e4:ec:
08:be:62:79:4b:10:d4:9e:1e:eb:d4:8c:0c:09:fe:66:64:67:
a3:ad:2a:f8:f6:9b:df:b5:9b:d1:b8:33:a4:dc:c0:41:29:c0:
90:94:3a:b8:3e:13:6b:83:7c:18:bc:4f:b1:08:57:ac:1e:54:
5d:f1:50:b6:6b:59:a8:8a:b9:fb:27:77:20:e9:ee:6c:0f:81:
4c:a6:cf:f6:5e:50:0a:0f:7f:07:a3:54:62:b0:0f:fc:c3:fa:
3d:fe:c9:8a:fb:b5:82:ca:79:9a:bb:dc:2f:83:c5:15:a2:13:
d6:63:5e:63:0e:52:ca:2d:42:3e:0e:1b:84:c8:0f:30:57:b6:
4c:b8:ad:1a:87:ef:18:51:63:95:0d:1c:f4:48:e9:84:82:ad:
d5:40:0e:85:01:93:3f:9f:17:6b:94:c3:17:7d:55:0b:d2:95:
9d:87:aa:62:3d:e4:5d:ec:f4:09:03:dc:63:c2:d8:2c:78:55:
c6:ec:7b:7b:79:68:d5:fc:29:de:9a:57:bb:e3:42:e4:96:65:
4d:2a:48:8b:f3:a3:6f:23:b1:06:95:92:69:ae:96:3c:a0:1f:
cc:fa:29:ca
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVDdAm+GvIz/mpXgDU+UmzLwDGSkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTcwMDUwNTNaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQGZkYWUxYmE1MDA2ZTcxY2MwOWRmMzY5YzA1MWExODIyNmZiMTkwZTlhNDY3
ZmQxOWNiMjhiZTk0MzNlZTkzZjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANSyLiF4sHH/vBjMwesuvHMzaD4I8r9m1gI1/8OJimFLAyTDnhKLAZKLw1Vy
aVLVSGXrLYXOStR+3f/HMPXlIUilYxmzE6Tqj8naEUH3mt1eM/Rv2E4RvCulw0Sk
mIZZxsaeHzIkTFlqjoMnn9GgHKAuI0MW8S30uH04RLpD9/inL1lDq/oAoJllN0j4
KDge+fhXXbMupcMpF3cK+GxJ6bEotfLyxegB8NS/ea7atbqtT4PzaTAM6EXhrs5c
ZvLy64CgBP1Xx9h+1jPEz2IOxVxCNvfXmvhoUJIraA7tXeIqdY8Axtm/sR9ctnof
UsFEzKjsLefS5iyuMJ3VYNRDSL8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQnBWKr
RABnEyHEogdr3PCIrgSOPjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTc4NzBmMTMtODJlYS00OTU1LTk1M2YtNzQyNDEzYjZhNjUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoBBXgA
ADANBgkqhkiG9w0BAQsFAAOCAQEAGP7pJ6mhI9eo9ziExenjYCOEvydftsdfH3Jk
U0d/5ClJ1uTsCL5ieUsQ1J4e69SMDAn+ZmRno60q+Pab37Wb0bgzpNzAQSnAkJQ6
uD4Ta4N8GLxPsQhXrB5UXfFQtmtZqIq5+yd3IOnubA+BTKbP9l5QCg9/B6NUYrAP
/MP6Pf7Jivu1gsp5mrvcL4PFFaIT1mNeYw5Syi1CPg4bhMgPMFe2TLitGofvGFFj
lQ0c9EjphIKt1UAOhQGTP58Xa5TDF31VC9KVnYeqYj3kXez0CQPcY8LYLHhVxux7
e3lo1fwp3ppXu+NC5JZlTSpIi/OjbyOxBpWSaa6WPKAfzPopyg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:24:21 2025 by rpki-client