Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/709c8cf6-9d5d-47d6-8b70-40eff8390658.roa
File: 709c8cf6-9d5d-47d6-8b70-40eff8390658.roa (raw, json)
Hash identifier: r+P7Om4di6UF3G+I0mYIjyCC76p/p8MjHo4hvGj2HJw=
Subject key identifier: 18:65:C5:2E:72:C2:03:23:DA:DC:E9:87:71:53:6F:B8:97:4B:6C:64
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5E4ED3BE8949909C99C66E6F4EB7F5CA8AAD285F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/709c8cf6-9d5d-47d6-8b70-40eff8390658.roa
Signing time: Mon 16 Jun 2025 22:00:10 +0000
ROA not before: Mon 16 Jun 2025 22:00:10 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.220.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:4e:d3:be:89:49:90:9c:99:c6:6e:6f:4e:b7:f5:ca:8a:ad:28:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 22:00:10 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=30f4bc758be51c75d061f2776bdfa87d75575dc72b8663dc3659d9b1870520db, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:fa:b0:66:37:52:52:1b:35:f5:38:e4:63:0d:
ab:73:9f:41:98:7e:65:48:c0:67:fb:e4:c1:1f:7d:
09:d1:aa:27:d4:c6:58:76:9b:8a:1f:85:e1:d8:5a:
e0:3d:a9:3c:61:cc:94:59:0e:f8:a3:b3:5d:1d:81:
b6:0b:ad:23:62:d7:ea:69:65:13:70:9d:1d:65:33:
92:a5:d7:8f:bb:f3:81:8b:26:0d:6b:3f:64:e0:d5:
2a:46:e7:ac:fd:c2:0d:e2:5d:71:17:3a:0f:7e:7d:
26:11:35:67:34:33:63:db:a6:b7:f9:c4:c2:cb:87:
26:21:67:34:f6:8d:c0:86:93:55:6b:2a:ba:c1:cb:
92:d7:42:fb:1f:34:2f:c6:94:0e:a6:a3:73:b1:f8:
60:46:fe:df:b0:63:73:4b:91:95:78:11:b6:79:40:
96:d1:f7:27:cd:1d:91:c0:92:0b:6d:2b:2b:b5:0b:
a9:82:3f:53:4d:db:7c:b1:93:d4:57:67:b3:7d:d8:
9e:fa:ef:13:45:e1:0c:d4:68:d7:fc:f3:a4:a8:db:
c4:54:d6:44:14:ca:ac:a3:52:e6:b1:9c:31:07:f8:
80:68:f0:45:19:b3:3a:f1:82:8e:93:ac:e6:c4:3d:
e8:35:73:b8:62:ac:5b:f7:62:09:9c:9a:cc:07:39:
b1:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:65:C5:2E:72:C2:03:23:DA:DC:E9:87:71:53:6F:B8:97:4B:6C:64
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/709c8cf6-9d5d-47d6-8b70-40eff8390658.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.220.0.0/15
Signature Algorithm: sha256WithRSAEncryption
d0:b2:cd:23:90:60:82:14:e9:54:ae:75:32:50:b9:8b:4f:e2:
2e:4e:74:00:45:24:87:ac:27:db:e4:9a:5a:5b:f0:51:92:b3:
c8:7a:16:eb:20:6f:ac:95:cb:9e:d0:99:b0:16:c3:62:d2:a5:
8a:f3:84:bf:c8:f8:ac:8a:d0:d1:93:2e:91:02:88:bd:56:f7:
86:7b:09:60:ae:98:ba:74:88:ad:ab:76:92:46:4e:8e:f7:52:
1f:61:0f:9a:6b:cb:4d:b8:95:e2:99:e1:b4:a2:27:27:53:dc:
a4:92:90:39:de:f2:bc:cc:d3:72:ee:18:8d:d5:3d:91:2c:0f:
da:ab:59:bf:e9:ea:4e:0e:38:00:61:f3:5c:a5:0b:62:ee:4e:
e1:1c:bd:6b:c1:5a:cf:d8:96:40:87:22:5d:e0:ed:87:b1:4f:
7f:03:4c:e9:28:b1:1d:5b:ae:24:1b:57:e9:0d:4f:1b:83:73:
59:08:fc:40:37:4c:c2:05:7a:11:15:78:ee:22:15:f5:ef:0e:
e5:a7:b6:e3:8d:5f:50:a7:8d:1b:2f:ff:8c:be:7b:14:90:37:
41:fd:87:7a:0f:c3:0a:ea:d7:db:60:6f:9a:9c:84:1d:e5:5d:
8a:f6:cc:42:0a:e2:68:5f:71:fa:a2:cc:22:b4:ef:96:a4:b1:
e8:53:fd:5a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXk7TvolJkJyZxm5vTrf1yoqtKF8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMjAwMTBaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDMwZjRiYzc1OGJlNTFjNzVkMDYxZjI3NzZiZGZhODdkNzU1NzVkYzcyYjg2
NjNkYzM2NTlkOWIxODcwNTIwZGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOH6sGY3UlIbNfU45GMNq3OfQZh+ZUjAZ/vkwR99CdGqJ9TGWHabih+F4dha
4D2pPGHMlFkO+KOzXR2BtgutI2LX6mllE3CdHWUzkqXXj7vzgYsmDWs/ZODVKkbn
rP3CDeJdcRc6D359JhE1ZzQzY9umt/nEwsuHJiFnNPaNwIaTVWsqusHLktdC+x80
L8aUDqajc7H4YEb+37Bjc0uRlXgRtnlAltH3J80dkcCSC20rK7ULqYI/U03bfLGT
1Fdns33YnvrvE0XhDNRo1/zzpKjbxFTWRBTKrKNS5rGcMQf4gGjwRRmzOvGCjpOs
5sQ96DVzuGKsW/diCZyazAc5sR0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQYZcUu
csIDI9rc6YdxU2+4l0tsZDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzA5YzhjZjYtOWQ1ZC00N2Q2LThiNzAtNDBlZmY4MzkwNjU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPcMA0G
CSqGSIb3DQEBCwUAA4IBAQDQss0jkGCCFOlUrnUyULmLT+IuTnQARSSHrCfb5Jpa
W/BRkrPIehbrIG+slcue0JmwFsNi0qWK84S/yPisitDRky6RAoi9VveGewlgrpi6
dIitq3aSRk6O91IfYQ+aa8tNuJXimeG0oicnU9ykkpA53vK8zNNy7hiN1T2RLA/a
q1m/6epODjgAYfNcpQti7k7hHL1rwVrP2JZAhyJd4O2HsU9/A0zpKLEdW64kG1fp
DU8bg3NZCPxAN0zCBXoRFXjuIhX17w7lp7bjjV9Qp40bL/+MvnsUkDdB/Yd6D8MK
6tfbYG+anIQd5V2K9sxCCuJoX3H6oswitO+WpLHoU/1a
-----END CERTIFICATE-----
Generated at Sun Jun 29 07:37:59 2025 by rpki-client