Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/286f881c-8fa0-4200-ada2-20a0cc49038e.roa
File: 286f881c-8fa0-4200-ada2-20a0cc49038e.roa (raw, json)
Hash identifier: xl4gMZijeRQlj0crZwGyckB0qaFpVsGHpcGx+Oshqjo=
Subject key identifier: 95:41:10:D6:3B:F4:1C:4A:05:D9:9D:BE:3A:2D:93:20:8E:6B:BC:FC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 707A4E167E09FE36290F8B3F2FA59CD04120803D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/286f881c-8fa0-4200-ada2-20a0cc49038e.roa
Signing time: Tue 20 May 2025 20:40:17 +0000
ROA not before: Tue 20 May 2025 20:40:17 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.166.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:7a:4e:16:7e:09:fe:36:29:0f:8b:3f:2f:a5:9c:d0:41:20:80:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:40:17 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=b2d4efa218ee80aeb831cac5b4efb2daec67035c57c4d51860953ac1979fa96c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:6a:9d:ee:b4:e9:98:96:1c:2c:06:ef:fd:e5:
18:0f:b8:48:24:df:2b:22:9a:65:64:9f:2b:c5:81:
9e:b8:33:65:90:c1:2a:a9:b8:43:fb:36:55:ec:7d:
0b:16:45:4c:c6:d5:05:73:f8:e9:f9:96:62:35:f9:
b7:dc:0e:05:55:d3:1f:61:40:5d:80:9b:b7:7f:01:
b3:63:9c:4d:fb:ef:13:f2:55:04:5e:30:fb:c1:5f:
54:51:91:e4:0a:1f:75:e3:98:ba:14:cc:27:ed:d1:
f4:3f:5e:4a:16:83:fa:27:a3:7f:ca:64:31:8d:09:
3f:8d:de:ee:55:4a:ab:73:bd:d5:bc:12:44:c2:a4:
5d:67:d4:d5:94:11:2b:b1:40:08:4e:e2:ca:41:bf:
ba:3a:73:b5:45:4d:eb:cc:f9:93:ef:e8:37:09:00:
d6:f1:46:6c:13:0a:20:d4:ef:06:73:57:8c:2c:b5:
ea:ad:50:b3:6e:88:36:67:b0:49:a1:50:f0:a7:1b:
99:9a:98:ff:6c:84:88:17:e5:1a:91:ac:fa:8b:b8:
99:49:c6:e3:96:87:dc:93:9b:ea:ec:f4:77:58:65:
7e:4c:0c:72:99:77:2e:73:69:4e:ee:50:11:3e:c3:
d9:59:ee:2a:5a:94:ea:c6:4c:89:84:45:84:8e:fd:
d1:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:41:10:D6:3B:F4:1C:4A:05:D9:9D:BE:3A:2D:93:20:8E:6B:BC:FC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/286f881c-8fa0-4200-ada2-20a0cc49038e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.166.0.0/15
Signature Algorithm: sha256WithRSAEncryption
08:b5:f8:82:ae:80:6f:16:82:7b:34:4d:f6:97:40:38:81:be:
92:15:79:b7:b1:f3:8d:0c:0c:0f:d8:99:ae:5d:65:99:55:e6:
89:78:6d:b7:af:37:ae:89:8e:51:04:d2:56:76:47:f5:b0:6e:
1d:e1:48:1f:b9:a0:b4:af:c6:06:d4:39:a8:89:9e:d8:42:38:
02:4b:ab:ce:69:3c:4b:fe:51:48:1f:3f:34:8f:27:c1:7c:80:
94:12:04:31:d1:cc:3f:fa:11:da:42:00:64:3b:8c:6a:df:28:
48:6d:99:9c:bc:f1:d2:9a:5f:6e:88:31:98:a2:0c:5d:13:75:
97:c6:7f:30:4f:b5:dd:dc:54:b9:58:c0:a9:21:6e:c6:90:7f:
98:6d:bd:b4:7c:83:ea:20:7c:2a:09:b8:ab:ea:48:38:72:ca:
6a:e8:f2:16:bd:3d:d9:44:6b:20:76:df:89:e1:34:7d:43:5d:
ff:05:e1:5a:ab:5a:db:34:f1:94:b9:71:18:e7:00:73:b6:a4:
c3:27:de:2a:9e:7c:9b:bb:35:0b:54:af:2f:46:ad:d5:71:6a:
d6:37:c1:4b:67:7c:cf:76:d5:fa:8f:75:ff:39:49:46:98:6d:
10:ab:b7:c7:50:bb:98:0a:6d:3d:2f:90:7b:6e:0d:e3:0e:d2:
f1:e6:f4:7c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcHpOFn4J/jYpD4s/L6Wc0EEggD0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQwMTdaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGIyZDRlZmEyMThlZTgwYWViODMxY2FjNWI0ZWZiMmRhZWM2NzAzNWM1N2M0
ZDUxODYwOTUzYWMxOTc5ZmE5NmMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM1qne606ZiWHCwG7/3lGA+4SCTfKyKaZWSfK8WBnrgzZZDBKqm4Q/s2Vex9
CxZFTMbVBXP46fmWYjX5t9wOBVXTH2FAXYCbt38Bs2OcTfvvE/JVBF4w+8FfVFGR
5AofdeOYuhTMJ+3R9D9eShaD+iejf8pkMY0JP43e7lVKq3O91bwSRMKkXWfU1ZQR
K7FACE7iykG/ujpztUVN68z5k+/oNwkA1vFGbBMKINTvBnNXjCy16q1Qs26INmew
SaFQ8KcbmZqY/2yEiBflGpGs+ou4mUnG45aH3JOb6uz0d1hlfkwMcpl3LnNpTu5Q
ET7D2VnuKlqU6sZMiYRFhI790S8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSVQRDW
O/QcSgXZnb46LZMgjmu8/DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Mjg2Zjg4MWMtOGZhMC00MjAwLWFkYTItMjBhMGNjNDkwMzhlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOmMA0G
CSqGSIb3DQEBCwUAA4IBAQAItfiCroBvFoJ7NE32l0A4gb6SFXm3sfONDAwP2Jmu
XWWZVeaJeG23rzeuiY5RBNJWdkf1sG4d4UgfuaC0r8YG1DmoiZ7YQjgCS6vOaTxL
/lFIHz80jyfBfICUEgQx0cw/+hHaQgBkO4xq3yhIbZmcvPHSml9uiDGYogxdE3WX
xn8wT7Xd3FS5WMCpIW7GkH+Ybb20fIPqIHwqCbir6kg4cspq6PIWvT3ZRGsgdt+J
4TR9Q13/BeFaq1rbNPGUuXEY5wBztqTDJ94qnnybuzULVK8vRq3VcWrWN8FLZ3zP
dtX6j3X/OUlGmG0Qq7fHULuYCm09L5B7bg3jDtLx5vR8
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:49:39 2025 by rpki-client