Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf51afdd-468d-4999-b2cd-4c6517505aee.roa
File: cf51afdd-468d-4999-b2cd-4c6517505aee.roa (raw, json)
Hash identifier: 61BglATOUEINT3FKy1NrUesxWciN/am136c2JQZ5fu4=
Subject key identifier: F1:DA:29:1E:A8:D2:8B:66:E2:8B:C6:0D:1B:55:AA:08:B9:D1:58:28
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3621A5C7E3A796130DE17E655825BB841069DF6D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf51afdd-468d-4999-b2cd-4c6517505aee.roa
Signing time: Mon 16 Jun 2025 22:00:04 +0000
ROA not before: Mon 16 Jun 2025 22:00:04 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.202.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:21:a5:c7:e3:a7:96:13:0d:e1:7e:65:58:25:bb:84:10:69:df:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 22:00:04 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=fc35718253872897eb6961154d6196bbbbd0ac56a1b5d32c4a7bd79e6f8f0237, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:30:26:1a:1e:ae:63:a1:b6:63:59:e4:a7:04:
0f:17:f9:22:16:77:28:20:f6:83:fd:c6:d7:1d:82:
8e:6b:26:ad:d4:82:dc:59:41:5c:56:ff:73:4e:fc:
63:47:39:1d:1e:0c:21:80:f2:11:00:5f:12:c8:43:
6c:b9:d3:c3:ff:3b:90:a4:86:aa:ab:12:8e:04:3c:
ca:d6:db:67:61:30:9b:6f:2b:a9:1e:cb:ca:99:4e:
fc:46:53:f7:1b:0b:57:54:0d:36:57:bb:61:e7:e9:
e2:0e:15:21:d4:63:8c:8a:85:83:f2:78:3e:96:63:
6e:08:22:e1:2a:b7:bb:1f:b0:1b:71:9f:34:9f:cd:
fe:54:a1:da:fb:42:05:8b:f3:ba:a6:62:46:3c:65:
95:0e:7b:5b:7d:a6:77:7f:91:f4:9a:b9:3c:c5:5d:
ca:b3:8d:5e:9c:c3:22:0b:5c:d5:0e:13:a6:9f:53:
38:77:3b:4c:38:b4:70:cd:55:1b:5d:ae:4b:24:3d:
8e:b0:ea:4c:09:c4:79:64:8e:f9:0d:b2:53:96:d9:
4a:a9:66:f9:6f:f5:7a:9c:33:3f:d3:54:ec:30:da:
27:0d:c0:4f:32:b1:fe:73:b8:bd:a0:83:91:ec:d5:
6a:ef:90:d2:e6:0f:b0:cf:8a:a9:05:b5:5f:28:33:
66:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:DA:29:1E:A8:D2:8B:66:E2:8B:C6:0D:1B:55:AA:08:B9:D1:58:28
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf51afdd-468d-4999-b2cd-4c6517505aee.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.202.0.0/15
Signature Algorithm: sha256WithRSAEncryption
75:a0:aa:dd:cd:dc:04:4e:fb:bf:9e:e1:06:be:b7:10:64:3d:
a1:92:ef:c8:d3:98:46:96:e9:9a:fa:f1:5b:92:c5:97:32:e6:
b3:ef:04:1a:fa:4c:5a:b0:27:71:d9:b1:21:25:27:aa:5a:73:
51:67:50:e1:6c:13:6e:58:85:45:53:71:d4:12:99:ed:64:4f:
b5:cb:d5:f8:24:87:a4:49:6b:f9:35:05:5a:dd:39:a3:4e:dc:
6e:b2:f7:83:9e:1a:fa:13:77:0e:73:2e:50:d4:a4:6c:15:8d:
ca:dc:48:1f:ae:b2:61:95:75:b6:cc:5a:8e:c2:86:e1:d2:84:
fe:f5:26:73:9b:87:d0:48:80:de:fe:c7:8b:3a:9d:8b:3e:51:
56:2b:84:26:89:00:1b:6b:06:6f:36:d1:3e:a5:a0:ee:5c:73:
c3:d1:30:95:0d:4f:51:63:ed:76:db:d0:a8:c5:24:89:2b:de:
19:fb:81:c4:90:dd:37:c1:53:45:16:48:64:de:98:1a:0e:91:
45:2a:e8:bf:a6:cc:1d:03:7f:3d:af:a8:b1:1d:24:3d:8e:3b:
03:93:d7:6d:fd:0a:4e:11:46:63:bc:fb:8a:c9:3e:52:1f:c9:
59:89:e4:fc:8e:7d:d0:d3:af:b6:f2:18:1d:99:21:a9:c4:26:
bc:39:e0:d9
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNiGlx+OnlhMN4X5lWCW7hBBp320wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMjAwMDRaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGZjMzU3MTgyNTM4NzI4OTdlYjY5NjExNTRkNjE5NmJiYmJkMGFjNTZhMWI1
ZDMyYzRhN2JkNzllNmY4ZjAyMzcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOUwJhoermOhtmNZ5KcEDxf5IhZ3KCD2g/3G1x2CjmsmrdSC3FlBXFb/c078
Y0c5HR4MIYDyEQBfEshDbLnTw/87kKSGqqsSjgQ8ytbbZ2Ewm28rqR7LyplO/EZT
9xsLV1QNNle7Yefp4g4VIdRjjIqFg/J4PpZjbggi4Sq3ux+wG3GfNJ/N/lSh2vtC
BYvzuqZiRjxllQ57W32md3+R9Jq5PMVdyrONXpzDIgtc1Q4Tpp9TOHc7TDi0cM1V
G12uSyQ9jrDqTAnEeWSO+Q2yU5bZSqlm+W/1epwzP9NU7DDaJw3ATzKx/nO4vaCD
kezVau+Q0uYPsM+KqQW1XygzZj8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTx2ike
qNKLZuKLxg0bVaoIudFYKDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2Y1MWFmZGQtNDY4ZC00OTk5LWIyY2QtNGM2NTE3NTA1YWVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPKMA0G
CSqGSIb3DQEBCwUAA4IBAQB1oKrdzdwETvu/nuEGvrcQZD2hku/I05hGluma+vFb
ksWXMuaz7wQa+kxasCdx2bEhJSeqWnNRZ1DhbBNuWIVFU3HUEpntZE+1y9X4JIek
SWv5NQVa3TmjTtxusveDnhr6E3cOcy5Q1KRsFY3K3EgfrrJhlXW2zFqOwobh0oT+
9SZzm4fQSIDe/seLOp2LPlFWK4QmiQAbawZvNtE+paDuXHPD0TCVDU9RY+1229Co
xSSJK94Z+4HEkN03wVNFFkhk3pgaDpFFKui/pswdA389r6ixHSQ9jjsDk9dt/QpO
EUZjvPuKyT5SH8lZieT8jn3Q06+28hgdmSGpxCa8OeDZ
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:43:09 2025 by rpki-client