Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/aa15a3a6-022f-41a6-9a60-2175164bb741.roa
File: aa15a3a6-022f-41a6-9a60-2175164bb741.roa (raw, json)
Hash identifier: hwuZPQ6t/5HjVfTznyctM0dKd/CsKpSUOLlON/IgCIE=
Subject key identifier: 6F:52:8D:37:A1:20:40:2C:73:BF:63:4D:7D:0C:F9:67:7A:D2:CE:6F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 78366984281E309F13892C60AA221C275592FB26
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/aa15a3a6-022f-41a6-9a60-2175164bb741.roa
Signing time: Tue 17 Jun 2025 00:51:08 +0000
ROA not before: Tue 17 Jun 2025 00:51:08 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.204.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:36:69:84:28:1e:30:9f:13:89:2c:60:aa:22:1c:27:55:92:fb:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 17 00:51:08 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=14a1e83a882d7f32076af5a47c57cfa46beb8760c1229e32473eea70cc1b05f5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ff:ba:e9:3f:5a:74:2d:47:ca:39:f6:a1:2e:
0c:a3:88:58:ca:4d:cf:53:fc:26:94:6c:4d:5a:96:
59:ea:cf:79:f9:1b:63:0d:5f:48:a1:96:e9:60:8b:
a7:3f:eb:62:77:60:3e:5e:37:ce:0a:98:c9:ae:a6:
cb:91:ff:2f:3f:2a:b8:b0:4b:29:8d:84:55:3a:b9:
5e:5d:09:79:4a:fb:e6:33:f4:36:2c:e2:a3:51:ec:
bf:ed:0c:ba:4e:cf:d7:15:2d:a6:a2:cc:f1:f3:50:
16:b0:7c:6b:b5:45:1e:40:2c:34:28:b1:02:f8:3f:
e3:6c:1f:3e:be:e7:4b:a2:b1:89:58:06:6c:2d:03:
f0:e4:b5:e5:98:ca:c2:ce:5a:78:49:e9:70:e9:2e:
19:70:4c:0b:c9:d3:f8:e5:a3:68:a6:ec:54:6b:58:
01:6d:c2:b2:9e:45:b8:8e:5a:9b:53:d3:01:19:b9:
2d:c6:6d:92:2b:50:ba:de:ee:39:91:c8:70:ca:c1:
f0:71:d3:f7:b4:2d:98:91:97:da:15:92:8d:88:af:
53:21:55:5c:6e:1b:53:b5:33:de:53:f1:44:17:ab:
20:11:95:a8:2a:bd:57:38:bf:44:e3:6e:a8:1f:2b:
cd:ad:dc:e9:1e:6f:f7:23:91:32:6b:66:5c:92:98:
48:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:52:8D:37:A1:20:40:2C:73:BF:63:4D:7D:0C:F9:67:7A:D2:CE:6F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/aa15a3a6-022f-41a6-9a60-2175164bb741.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.204.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:65:58:28:cf:e2:b4:d1:48:f3:4f:d4:83:11:6d:cc:81:cb:
c4:18:3f:3b:d4:1d:a4:80:88:a0:60:c2:33:45:9a:47:3a:d6:
81:8e:1f:21:6a:f9:56:2b:57:6a:24:d7:44:d2:3a:9d:e9:4f:
50:28:29:cb:ff:04:12:b1:68:9d:f9:a6:0c:8d:36:30:fb:d7:
5d:73:b1:f4:3e:94:7b:4b:4b:b5:f8:a4:18:4f:f2:13:27:c4:
91:c8:fd:2d:0a:85:ce:ce:2e:dc:25:c7:f9:a2:00:dd:4a:38:
9b:9f:51:44:4e:54:7d:83:5a:6f:5b:fb:cc:76:24:9b:ed:65:
2b:18:5e:91:ea:10:21:2c:f8:a0:ec:d9:49:44:f8:0e:47:4e:
58:a6:bf:e6:0f:e7:05:e7:6f:98:2a:81:64:3f:0c:85:72:6d:
aa:95:fd:91:2e:88:00:c8:b2:ae:1a:d8:d6:7a:d0:f2:82:b7:
9e:1e:54:41:ef:26:7d:e3:e3:0f:c4:2b:af:fc:c2:67:6d:cd:
85:1a:41:17:ba:79:a3:a6:5b:a0:71:2c:0e:04:be:24:a4:7c:
e6:79:23:ad:d9:a2:8f:42:85:db:c8:91:c0:ed:f3:b0:7b:c2:
f3:51:15:80:12:cc:9d:18:6f:98:c1:0b:7e:ad:25:62:5a:02:
ea:92:46:55
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUeDZphCgeMJ8TiSxgqiIcJ1WS+yYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTcwMDUxMDhaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDE0YTFlODNhODgyZDdmMzIwNzZhZjVhNDdjNTdjZmE0NmJlYjg3NjBjMTIy
OWUzMjQ3M2VlYTcwY2MxYjA1ZjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJj/uuk/WnQtR8o59qEuDKOIWMpNz1P8JpRsTVqWWerPefkbYw1fSKGW6WCL
pz/rYndgPl43zgqYya6my5H/Lz8quLBLKY2EVTq5Xl0JeUr75jP0Nizio1Hsv+0M
uk7P1xUtpqLM8fNQFrB8a7VFHkAsNCixAvg/42wfPr7nS6KxiVgGbC0D8OS15ZjK
ws5aeEnpcOkuGXBMC8nT+OWjaKbsVGtYAW3Csp5FuI5am1PTARm5LcZtkitQut7u
OZHIcMrB8HHT97QtmJGX2hWSjYivUyFVXG4bU7Uz3lPxRBerIBGVqCq9Vzi/RONu
qB8rza3c6R5v9yORMmtmXJKYSD0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRvUo03
oSBALHO/Y019DPlnetLObzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YWExNWEzYTYtMDIyZi00MWE2LTlhNjAtMjE3NTE2NGJiNzQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMQzDAN
BgkqhkiG9w0BAQsFAAOCAQEAmmVYKM/itNFI80/UgxFtzIHLxBg/O9QdpICIoGDC
M0WaRzrWgY4fIWr5VitXaiTXRNI6nelPUCgpy/8EErFonfmmDI02MPvXXXOx9D6U
e0tLtfikGE/yEyfEkcj9LQqFzs4u3CXH+aIA3Uo4m59RRE5UfYNab1v7zHYkm+1l
KxhekeoQISz4oOzZSUT4DkdOWKa/5g/nBedvmCqBZD8MhXJtqpX9kS6IAMiyrhrY
1nrQ8oK3nh5UQe8mfePjD8Qrr/zCZ23NhRpBF7p5o6ZboHEsDgS+JKR85nkjrdmi
j0KF28iRwO3zsHvC81EVgBLMnRhvmMELfq0lYloC6pJGVQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:57:28 2025 by rpki-client