Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/397b5a86-52b0-4a8c-87de-e6da77812b46.roa
File: 397b5a86-52b0-4a8c-87de-e6da77812b46.roa (raw, json)
Hash identifier: gKihgCZkVGVGexYZcVB8xNTJG5OU27HMaKP4BBk4ZLY=
Subject key identifier: ED:93:72:4D:2C:1D:5D:AC:0D:DC:FF:CE:DE:35:A9:D3:86:6A:87:B2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0CB4191351035AB31FA2A8C30686FDFE7571B755
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/397b5a86-52b0-4a8c-87de-e6da77812b46.roa
Signing time: Tue 20 May 2025 20:50:44 +0000
ROA not before: Tue 20 May 2025 20:50:44 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.248.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:b4:19:13:51:03:5a:b3:1f:a2:a8:c3:06:86:fd:fe:75:71:b7:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:50:44 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=fbafde779da7339d0bde1675bcda75be07c72b82e08b4b6d2889695aeca6c2b0, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:21:b3:c8:13:ac:4c:a3:45:9c:28:11:c4:50:
bd:da:65:c3:cd:83:88:3f:a8:9c:30:61:b2:0f:a2:
80:c0:8f:7f:2d:0f:6f:38:57:49:25:34:23:b5:53:
34:69:32:42:7a:df:8c:79:a0:b2:a8:2a:a9:3f:c1:
e5:e5:e3:55:b8:7b:06:54:2c:03:2c:af:b9:c7:4d:
37:03:ec:24:33:a3:30:f4:b1:56:cd:d5:78:26:91:
ed:8b:8b:40:04:f6:50:0b:b2:64:0f:48:6f:b7:5b:
37:0d:97:5b:0b:c5:39:cf:8e:4f:4c:74:14:d7:a0:
ca:06:88:e8:e3:97:4c:e3:f6:a4:3b:49:d8:ab:92:
4b:99:67:65:56:21:b1:95:ad:9b:97:95:c2:32:b8:
a7:62:f8:12:29:aa:c3:91:cf:88:00:23:69:b1:00:
cd:6f:a3:37:71:55:d8:0b:cc:dc:0e:15:52:32:eb:
e8:58:4c:9f:e0:a6:1d:ee:08:89:7e:28:5a:a1:69:
e2:78:db:bd:4c:b0:52:b7:d0:24:fb:11:cc:fc:de:
3a:2f:ae:26:6a:d0:6a:9d:39:5f:42:68:17:d0:f1:
b5:3b:cb:2b:3a:8e:00:d4:e7:b0:d4:23:35:0e:80:
d6:59:11:87:cf:8e:fe:38:08:62:c9:62:06:e3:27:
9c:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:93:72:4D:2C:1D:5D:AC:0D:DC:FF:CE:DE:35:A9:D3:86:6A:87:B2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/397b5a86-52b0-4a8c-87de-e6da77812b46.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.248.0.0/15
Signature Algorithm: sha256WithRSAEncryption
0e:3b:42:ed:47:e7:cc:4a:95:2e:c3:66:90:51:c2:d8:48:f9:
d1:ee:fe:c4:86:3d:c5:31:2e:30:24:65:4e:72:9b:c5:20:e5:
e6:7d:31:60:de:66:17:f5:8c:53:ba:df:b1:b3:89:69:5f:77:
eb:bd:b5:93:31:a9:5b:01:7f:23:51:29:cb:83:51:6e:7a:b5:
69:2f:52:68:a6:63:47:b4:5c:6f:40:a9:c3:d0:dc:05:70:10:
8e:46:54:55:96:45:8b:98:de:95:76:09:8c:61:5e:a2:b9:87:
72:ee:ed:2b:aa:b9:49:2e:49:f6:f7:ba:e3:bc:b6:a3:8d:ba:
bb:9e:98:6a:7c:cd:2e:65:52:6b:96:0a:da:f8:b9:50:9b:17:
44:8e:1d:5d:3e:2e:b9:97:f8:e1:17:64:15:57:4f:18:9c:7f:
6e:a7:6c:ed:c4:d9:d5:04:03:db:23:34:a2:aa:ad:3b:56:70:
81:3f:53:84:a7:98:9c:f4:26:f2:4a:88:85:93:f9:08:9a:32:
87:2e:71:32:48:cf:00:d9:34:87:30:1d:13:a1:cd:29:3f:fc:
a8:73:57:6b:ed:ee:22:7b:4c:13:32:52:aa:88:76:4a:d5:23:
66:ea:99:9a:3a:7d:52:d7:8a:5d:ed:d5:ea:19:3e:79:39:b3:
0b:f9:6a:85
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUDLQZE1EDWrMfoqjDBob9/nVxt1UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDUwNDRaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGZiYWZkZTc3OWRhNzMzOWQwYmRlMTY3NWJjZGE3NWJlMDdjNzJiODJlMDhi
NGI2ZDI4ODk2OTVhZWNhNmMyYjAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALwhs8gTrEyjRZwoEcRQvdplw82DiD+onDBhsg+igMCPfy0PbzhXSSU0I7VT
NGkyQnrfjHmgsqgqqT/B5eXjVbh7BlQsAyyvucdNNwPsJDOjMPSxVs3VeCaR7YuL
QAT2UAuyZA9Ib7dbNw2XWwvFOc+OT0x0FNegygaI6OOXTOP2pDtJ2KuSS5lnZVYh
sZWtm5eVwjK4p2L4Eimqw5HPiAAjabEAzW+jN3FV2AvM3A4VUjLr6FhMn+CmHe4I
iX4oWqFp4njbvUywUrfQJPsRzPzeOi+uJmrQap05X0JoF9DxtTvLKzqOANTnsNQj
NQ6A1lkRh8+O/jgIYsliBuMnnEcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTtk3JN
LB1drA3c/87eNanThmqHsjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Mzk3YjVhODYtNTJiMC00YThjLTg3ZGUtZTZkYTc3ODEyYjQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATP4MA0G
CSqGSIb3DQEBCwUAA4IBAQAOO0LtR+fMSpUuw2aQUcLYSPnR7v7Ehj3FMS4wJGVO
cpvFIOXmfTFg3mYX9YxTut+xs4lpX3frvbWTMalbAX8jUSnLg1FuerVpL1JopmNH
tFxvQKnD0NwFcBCORlRVlkWLmN6VdgmMYV6iuYdy7u0rqrlJLkn297rjvLajjbq7
nphqfM0uZVJrlgra+LlQmxdEjh1dPi65l/jhF2QVV08YnH9up2ztxNnVBAPbIzSi
qq07VnCBP1OEp5ic9CbySoiFk/kImjKHLnEySM8A2TSHMB0Toc0pP/yoc1dr7e4i
e0wTMlKqiHZK1SNm6pmaOn1S14pd7dXqGT55ObML+WqF
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:50:45 2025 by rpki-client