Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/70bc7703-020e-4153-b340-cced3a436951.roa
File: 70bc7703-020e-4153-b340-cced3a436951.roa (raw, json)
Hash identifier: LJ4+A6fir9nIdcEqihU5pGrOUxJLhW6uZB0Vwx8RRSc=
Subject key identifier: 2C:47:55:92:05:A3:B0:80:E7:94:D4:18:2F:30:01:D9:55:8C:0C:01
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4304394CA47AB779032C69C8D30C92A73117534F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/70bc7703-020e-4153-b340-cced3a436951.roa
Signing time: Tue 17 Jun 2025 00:50:38 +0000
ROA not before: Tue 17 Jun 2025 00:50:38 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.96.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 04:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:04:39:4c:a4:7a:b7:79:03:2c:69:c8:d3:0c:92:a7:31:17:53:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 17 00:50:38 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=a7c89030a5d22af3c437f4e40bbe8ed62ce3be8afcc16fff8fca8437e5c2936a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:27:99:5e:3f:db:51:3b:62:52:a5:82:59:b6:
66:9b:e2:78:57:27:9a:f9:bf:98:cd:6b:24:b7:ad:
e3:93:c6:82:56:99:63:51:b0:40:4a:24:c0:7f:b1:
d1:45:c4:71:79:02:4e:96:fc:d9:61:af:99:25:2c:
09:a3:58:73:b9:3a:a6:4f:ae:80:6c:39:4d:d2:56:
b5:8e:e5:e1:2a:ea:8e:b0:e2:21:6c:22:f6:16:6c:
6f:ac:04:4d:6a:34:31:42:36:d1:fe:cb:51:e8:28:
26:a1:26:b6:4b:85:74:f7:dd:19:19:91:53:0b:c9:
45:02:a8:a5:45:a7:23:b1:b7:ea:e9:58:3c:bf:71:
b7:3b:a7:2b:17:f2:5f:04:92:ca:4e:88:0b:3a:f3:
1b:6b:5e:0e:00:9d:ff:0d:76:43:f0:20:25:cc:6c:
ce:1a:aa:65:73:2a:4f:84:ce:06:81:6a:f8:8c:ac:
75:3f:33:65:99:01:58:27:28:e2:7b:5e:df:68:6b:
bf:42:50:fd:59:c8:ec:d2:67:de:7e:7c:90:82:0d:
c7:c8:1f:3b:4f:5e:4d:eb:0c:c8:3d:14:be:81:52:
d0:0e:d9:3d:90:7f:c4:c2:1a:08:19:76:26:17:91:
e3:2a:b2:e3:ad:0c:fa:b2:87:ff:fb:5e:de:26:90:
cd:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:47:55:92:05:A3:B0:80:E7:94:D4:18:2F:30:01:D9:55:8C:0C:01
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/70bc7703-020e-4153-b340-cced3a436951.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.96.0.0/16
Signature Algorithm: sha256WithRSAEncryption
47:ab:04:f0:71:29:9c:83:13:8d:aa:11:17:fc:96:91:af:32:
37:51:49:ed:fd:8d:80:75:76:6b:e7:66:55:f4:de:c9:ac:06:
cd:10:b7:1c:02:b7:85:27:92:e3:df:ed:08:cc:47:61:41:58:
b2:b1:69:dd:d5:db:a4:f8:1d:1f:d4:9c:11:f3:9f:89:b1:c8:
10:64:5b:d8:7e:59:c1:02:32:5f:bd:73:c8:08:b5:6d:ed:2b:
5d:4b:e7:85:67:de:dd:e3:17:53:c5:cc:b2:5d:f5:b2:fd:c2:
1f:0c:8b:bd:85:79:cc:75:09:7e:48:fd:54:a0:03:7c:1a:ee:
9c:d3:c7:61:0d:63:c9:ac:f4:78:97:96:87:b6:88:3a:ab:71:
3b:bd:6a:fe:ff:ae:8f:0e:7b:16:0b:cf:c0:4e:f0:b8:30:af:
49:99:62:34:9e:1e:f7:58:5a:6c:f1:c3:ef:5c:1d:d1:a7:4c:
a3:2b:40:c5:81:08:c9:2f:2f:56:84:12:25:a0:41:b0:fc:e7:
9d:8c:c5:78:6c:41:a7:36:84:ea:38:01:7d:8c:1e:c8:9e:2a:
14:6c:6c:86:54:f3:bb:77:99:81:90:2e:50:cc:ea:e0:49:30:
bd:ee:8d:d7:0a:25:c3:1f:d3:bc:71:d1:83:f2:08:ae:f8:d9:
bd:f6:fd:8e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQwQ5TKR6t3kDLGnI0wySpzEXU08wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTcwMDUwMzhaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQGE3Yzg5MDMwYTVkMjJhZjNjNDM3ZjRlNDBiYmU4ZWQ2MmNlM2JlOGFmY2Mx
NmZmZjhmY2E4NDM3ZTVjMjkzNmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIQnmV4/21E7YlKlglm2ZpvieFcnmvm/mM1rJLet45PGglaZY1GwQEokwH+x
0UXEcXkCTpb82WGvmSUsCaNYc7k6pk+ugGw5TdJWtY7l4SrqjrDiIWwi9hZsb6wE
TWo0MUI20f7LUegoJqEmtkuFdPfdGRmRUwvJRQKopUWnI7G36ulYPL9xtzunKxfy
XwSSyk6ICzrzG2teDgCd/w12Q/AgJcxszhqqZXMqT4TOBoFq+IysdT8zZZkBWCco
4nte32hrv0JQ/VnI7NJn3n58kIINx8gfO09eTesMyD0UvoFS0A7ZPZB/xMIaCBl2
JheR4yqy460M+rKH//te3iaQzW8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQsR1WS
BaOwgOeU1BgvMAHZVYwMATAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzBiYzc3MDMtMDIwZS00MTUzLWIzNDAtY2NlZDNhNDM2OTUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNgMA0G
CSqGSIb3DQEBCwUAA4IBAQBHqwTwcSmcgxONqhEX/JaRrzI3UUnt/Y2AdXZr52ZV
9N7JrAbNELccAreFJ5Lj3+0IzEdhQViysWnd1duk+B0f1JwR85+JscgQZFvYflnB
AjJfvXPICLVt7StdS+eFZ97d4xdTxcyyXfWy/cIfDIu9hXnMdQl+SP1UoAN8Gu6c
08dhDWPJrPR4l5aHtog6q3E7vWr+/66PDnsWC8/ATvC4MK9JmWI0nh73WFps8cPv
XB3Rp0yjK0DFgQjJLy9WhBIloEGw/OedjMV4bEGnNoTqOAF9jB7InioUbGyGVPO7
d5mBkC5QzOrgSTC97o3XCiXDH9O8cdGD8giu+Nm99v2O
-----END CERTIFICATE-----
Generated at Sun Jun 29 11:12:32 2025 by rpki-client