Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa
File: ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa (raw, json)
Hash identifier: mvx/lWH5dqofRTPFEH2sjh70xdy6SPF2gpvqr+QLTi4=
Subject key identifier: A4:9D:7A:3A:D6:A6:7D:E4:01:20:8D:F9:22:D2:3D:E6:7C:22:9B:C7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 10CAD130BB1E205B8081D0CB4B96CB21FC0ACCCE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa
Signing time: Mon 16 Jun 2025 22:00:03 +0000
ROA not before: Mon 16 Jun 2025 22:00:03 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.200.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:ca:d1:30:bb:1e:20:5b:80:81:d0:cb:4b:96:cb:21:fc:0a:cc:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 22:00:03 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=e5c34dad6109fdc61a78cee52de8deb70e6ddda043bbb9119d05e05ae9301bfc, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ad:08:ef:cb:bd:bc:cc:e1:95:68:65:0c:47:
6c:5d:1b:93:aa:66:5f:25:40:d1:22:d0:99:2b:c1:
9e:49:53:33:7a:a3:fa:b7:7b:80:35:a6:ec:f5:46:
fa:a4:89:12:78:75:c6:3a:ac:b2:df:53:f5:f2:25:
13:73:1c:3a:1b:e7:df:72:cc:e4:7b:77:c6:1c:54:
7d:d0:01:25:02:e9:4d:f9:f4:65:03:bc:64:36:87:
58:6f:54:53:3d:e8:1a:e8:47:cc:d0:75:71:2d:05:
47:4a:f2:2f:a1:8b:ee:bb:3c:17:23:66:cf:06:44:
47:cd:64:e0:0f:ae:dd:1b:07:6a:a8:ce:60:8e:3c:
ab:db:79:02:86:06:fc:e2:65:3e:dd:4e:c7:a0:f0:
52:e3:61:8d:69:e8:fc:b7:d9:a9:c5:09:d8:ac:eb:
bf:59:10:24:ce:1d:9d:f1:65:99:f3:07:ee:e9:f9:
37:ab:49:37:f8:c0:bd:5c:66:c6:fe:98:27:09:20:
ba:b1:1b:b8:fc:2e:21:88:ab:84:90:7e:5d:b8:f1:
34:0d:48:45:72:16:2d:74:0a:a8:d0:7d:b2:20:83:
ff:15:d9:40:6f:a1:dc:15:02:2e:bc:a9:36:48:58:
a2:e1:1a:46:ae:fc:57:f1:e9:a0:bd:39:cc:6c:c1:
39:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:9D:7A:3A:D6:A6:7D:E4:01:20:8D:F9:22:D2:3D:E6:7C:22:9B:C7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.200.0.0/15
Signature Algorithm: sha256WithRSAEncryption
3c:a6:e3:4b:dc:9d:16:0e:92:0a:02:49:26:6c:33:91:f6:36:
5a:59:81:8e:bc:3d:96:e9:9a:5f:b6:99:50:93:a6:bc:b2:3e:
2d:84:24:64:bf:98:cd:e4:c7:62:8d:c3:a8:0e:5d:24:03:40:
74:de:ee:3c:85:a5:98:20:18:3e:0c:c2:a8:1a:99:7b:63:b3:
6b:65:cd:56:ac:1d:c3:60:51:37:14:1c:90:05:68:b4:f8:6b:
6c:f5:4b:f5:9d:a8:27:cf:25:35:59:17:de:69:9d:c0:f9:91:
29:eb:87:6f:dc:a0:82:c5:c7:cf:24:18:f2:e0:e1:2a:40:52:
57:1c:c0:00:45:56:c9:4c:ce:bb:e0:54:de:b6:5a:d9:75:66:
0d:9e:42:f3:c4:31:a6:d6:21:ef:62:ed:04:b5:a9:9b:d6:75:
62:b9:42:1b:37:e8:fd:f8:68:90:34:b9:71:c0:c1:2a:47:76:
bb:7c:40:16:bf:0d:5d:5c:d7:4e:6b:c9:fc:9f:c1:98:4b:b5:
ed:f6:1f:fd:23:4a:64:ca:e7:e1:74:07:e5:d6:18:0c:ab:26:
04:26:1c:1e:75:ba:0c:c5:74:ba:ce:ee:88:6f:74:40:46:5d:
8a:7e:a6:ec:1f:16:7f:ba:63:ed:f0:37:40:aa:92:43:9d:60:
45:6a:ac:c1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEMrRMLseIFuAgdDLS5bLIfwKzM4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMjAwMDNaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGU1YzM0ZGFkNjEwOWZkYzYxYTc4Y2VlNTJkZThkZWI3MGU2ZGRkYTA0M2Ji
YjkxMTlkMDVlMDVhZTkzMDFiZmMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJmtCO/LvbzM4ZVoZQxHbF0bk6pmXyVA0SLQmSvBnklTM3qj+rd7gDWm7PVG
+qSJEnh1xjqsst9T9fIlE3McOhvn33LM5Ht3xhxUfdABJQLpTfn0ZQO8ZDaHWG9U
Uz3oGuhHzNB1cS0FR0ryL6GL7rs8FyNmzwZER81k4A+u3RsHaqjOYI48q9t5AoYG
/OJlPt1Ox6DwUuNhjWno/LfZqcUJ2Kzrv1kQJM4dnfFlmfMH7un5N6tJN/jAvVxm
xv6YJwkgurEbuPwuIYirhJB+XbjxNA1IRXIWLXQKqNB9siCD/xXZQG+h3BUCLryp
NkhYouEaRq78V/HpoL05zGzBOSMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSknXo6
1qZ95AEgjfki0j3mfCKbxzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZWNmYTNjMTMtY2JhOS00NTI5LTg0Y2YtN2I2YmY4ZTVjZDRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPIMA0G
CSqGSIb3DQEBCwUAA4IBAQA8puNL3J0WDpIKAkkmbDOR9jZaWYGOvD2W6ZpftplQ
k6a8sj4thCRkv5jN5MdijcOoDl0kA0B03u48haWYIBg+DMKoGpl7Y7NrZc1WrB3D
YFE3FByQBWi0+Gts9Uv1nagnzyU1WRfeaZ3A+ZEp64dv3KCCxcfPJBjy4OEqQFJX
HMAARVbJTM674FTetlrZdWYNnkLzxDGm1iHvYu0Etamb1nViuUIbN+j9+GiQNLlx
wMEqR3a7fEAWvw1dXNdOa8n8n8GYS7Xt9h/9I0pkyufhdAfl1hgMqyYEJhwedboM
xXS6zu6Ib3RARl2KfqbsHxZ/umPt8DdAqpJDnWBFaqzB
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:20:10 2025 by rpki-client