Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01305f95-02db-46f4-a135-5ff585346b72.roa
File: 01305f95-02db-46f4-a135-5ff585346b72.roa (raw, json)
Hash identifier: IP5pEXV9A5xYtctMCECg7jiT0oi0Hvj+YCNNcb6jQXY=
Subject key identifier: EE:59:47:70:C6:5C:21:04:3B:90:82:DF:A8:6E:79:83:87:71:09:3D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7A401360D1297DD9CB4422E453CAA2C59AA2274A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01305f95-02db-46f4-a135-5ff585346b72.roa
Signing time: Fri 11 Jul 2025 21:01:04 +0000
ROA not before: Fri 11 Jul 2025 21:01:04 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.204.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:40:13:60:d1:29:7d:d9:cb:44:22:e4:53:ca:a2:c5:9a:a2:27:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 21:01:04 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=ac60cc8ca59c8e6d72c62318197b74228998367cbdef1a9a2530ed644449601b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:bc:6f:fd:5a:58:26:c9:1a:e0:41:3a:0e:1d:
e2:4d:11:fb:ae:ca:ba:b4:c5:ba:9e:0e:60:e0:c6:
c3:15:6b:b6:cb:84:d3:55:6d:23:97:d3:a0:a1:f1:
0a:8e:83:de:0f:f6:09:09:fe:32:3e:4c:f2:fd:20:
d9:03:8c:74:8b:29:02:3d:47:41:ef:ba:cf:b4:ea:
fd:af:b9:b8:70:a1:77:2f:5d:3f:f0:61:04:44:7b:
4e:a7:ff:ff:be:5a:f4:eb:2c:0e:61:ad:25:9b:c7:
f9:9d:26:99:27:94:bb:f8:5f:da:8d:26:4d:f4:3f:
66:97:00:f5:1d:39:d3:2b:b9:da:4a:48:e2:4b:39:
f9:b4:88:2f:8a:25:b3:93:eb:c0:81:45:fa:51:73:
11:c2:04:72:56:51:e7:46:0c:e1:6e:57:d9:bb:d1:
9d:62:fa:04:ff:61:6c:74:44:e8:9e:a2:9a:d1:30:
9f:98:59:89:6c:ab:78:6f:d7:12:18:78:d5:27:41:
2b:fd:b7:b4:f6:c3:94:74:d8:f8:26:5e:ce:24:f4:
54:5e:4a:c9:18:8e:17:99:a1:d7:04:22:f8:e5:2f:
e2:22:df:d4:4d:21:29:95:45:8b:9b:8b:d4:37:64:
0d:50:c1:dd:ec:ee:c1:8b:3b:eb:83:8f:5b:b9:29:
58:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:59:47:70:C6:5C:21:04:3B:90:82:DF:A8:6E:79:83:87:71:09:3D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01305f95-02db-46f4-a135-5ff585346b72.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.204.0.0/15
Signature Algorithm: sha256WithRSAEncryption
55:a1:1f:a2:c4:bc:30:c6:9b:10:cf:84:60:59:51:3f:bd:ff:
7a:98:32:6f:2c:0b:a2:bf:fd:c0:de:d4:a1:bc:5c:1d:20:05:
d9:d3:60:f1:03:17:18:ed:41:83:22:cb:b4:bd:65:b1:26:cf:
ab:27:8b:02:d3:66:24:35:08:c8:62:c2:65:d9:79:09:71:01:
04:07:38:64:69:18:e2:28:6a:63:2b:ef:22:e7:40:4e:4f:ee:
00:65:7c:91:ea:04:a7:da:8f:f2:48:82:f4:6a:bf:60:21:07:
a3:4e:fb:c4:e0:79:f8:34:67:e4:d4:b2:db:bd:bf:53:c9:85:
32:9a:51:32:0d:49:91:f1:8b:e7:65:90:19:40:54:46:65:7c:
4c:9a:9f:f2:70:7e:73:a8:8e:fc:f9:a6:e7:6c:34:2b:ee:98:
7f:81:b7:f2:92:1c:46:ea:c1:ea:17:10:a2:79:8b:33:42:25:
12:06:35:01:10:be:36:8f:1a:c2:d7:ab:da:ee:d0:b1:27:0c:
86:8d:73:2c:5c:bd:21:0a:ed:b7:cf:81:12:96:69:73:ae:3d:
22:21:ec:36:a8:e3:f0:dc:67:30:ca:33:66:e3:12:3e:78:48:
33:79:ef:de:35:42:4b:b5:ae:00:1e:96:02:de:7f:ac:f5:81:
7e:26:43:33
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUekATYNEpfdnLRCLkU8qixZqiJ0owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMTAxMDRaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGFjNjBjYzhjYTU5YzhlNmQ3MmM2MjMxODE5N2I3NDIyODk5ODM2N2NiZGVm
MWE5YTI1MzBlZDY0NDQ0OTYwMWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKG8b/1aWCbJGuBBOg4d4k0R+67KurTFup4OYODGwxVrtsuE01VtI5fToKHx
Co6D3g/2CQn+Mj5M8v0g2QOMdIspAj1HQe+6z7Tq/a+5uHChdy9dP/BhBER7Tqf/
/75a9OssDmGtJZvH+Z0mmSeUu/hf2o0mTfQ/ZpcA9R050yu52kpI4ks5+bSIL4ol
s5PrwIFF+lFzEcIEclZR50YM4W5X2bvRnWL6BP9hbHRE6J6imtEwn5hZiWyreG/X
Ehh41SdBK/23tPbDlHTY+CZeziT0VF5KyRiOF5mh1wQi+OUv4iLf1E0hKZVFi5uL
1DdkDVDB3ezuwYs764OPW7kpWI8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTuWUdw
xlwhBDuQgt+obnmDh3EJPTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDEzMDVmOTUtMDJkYi00NmY0LWExMzUtNWZmNTg1MzQ2YjcyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPMMA0G
CSqGSIb3DQEBCwUAA4IBAQBVoR+ixLwwxpsQz4RgWVE/vf96mDJvLAuiv/3A3tSh
vFwdIAXZ02DxAxcY7UGDIsu0vWWxJs+rJ4sC02YkNQjIYsJl2XkJcQEEBzhkaRji
KGpjK+8i50BOT+4AZXyR6gSn2o/ySIL0ar9gIQejTvvE4Hn4NGfk1LLbvb9TyYUy
mlEyDUmR8YvnZZAZQFRGZXxMmp/ycH5zqI78+abnbDQr7ph/gbfykhxG6sHqFxCi
eYszQiUSBjUBEL42jxrC16va7tCxJwyGjXMsXL0hCu23z4ESlmlzrj0iIew2qOPw
3GcwyjNm4xI+eEgzee/eNUJLta4AHpYC3n+s9YF+JkMz
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:31:34 2025 by rpki-client