Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44bb00cc-3dee-4cf6-8de9-2febfa0f0f6d.roa
File: 44bb00cc-3dee-4cf6-8de9-2febfa0f0f6d.roa (raw, json)
Hash identifier: oXH/IcLsqQxbqkjt6X/L4toRNfn7YQOpnA7qkLrDOgE=
Subject key identifier: 0D:39:33:83:C7:27:C1:4E:45:28:7A:50:1F:F9:16:CC:12:14:88:6E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7984C1B167FBEC284065DC9BE2A60C0B6CEF0C68
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44bb00cc-3dee-4cf6-8de9-2febfa0f0f6d.roa
Signing time: Sat 31 May 2025 00:50:29 +0000
ROA not before: Sat 31 May 2025 00:50:29 +0000
ROA not after: Sat 05 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.244.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:84:c1:b1:67:fb:ec:28:40:65:dc:9b:e2:a6:0c:0b:6c:ef:0c:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 31 00:50:29 2025 GMT
Not After : Jul 5 23:59:59 2025 GMT
Subject: serialNumber=a9f74dd26f24fce5424d929133ec6dd61578985314dac828cf2b8ee47efd37ae, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:92:a6:b6:fd:14:af:df:66:6b:0d:27:f3:94:
ad:85:0b:81:f0:03:20:59:4a:6f:75:64:30:75:d1:
ba:38:58:62:34:f2:e2:4d:10:5e:cc:95:59:12:46:
75:94:58:60:3d:52:e1:fd:04:c0:8c:c0:0e:5b:51:
d0:cc:b2:58:9c:1b:9e:6e:9c:72:19:09:57:1c:eb:
31:23:16:e6:3f:eb:a4:e0:e6:6d:05:97:f9:9f:d7:
c8:40:29:c8:45:7b:c1:38:14:12:a1:97:c4:d3:83:
ac:f6:8b:69:6f:46:09:98:33:81:69:f3:57:79:2f:
15:c0:a8:c6:8d:bc:8e:70:04:05:1d:1e:b0:d5:c1:
5c:f1:0e:40:35:cb:ae:07:cf:33:91:4d:f6:c8:70:
5c:7b:2b:9d:50:b0:65:58:c1:b3:de:a0:8c:ea:e6:
17:c4:f4:69:76:0b:5f:76:a5:97:e4:5c:2d:91:ec:
da:f1:7f:31:dd:1c:5a:2b:24:bc:53:cb:81:5c:9c:
e7:9e:2d:5a:d0:c4:c2:a3:d0:e5:d9:de:d9:6b:1a:
24:6a:8a:17:6b:33:eb:21:64:82:b9:ff:ed:0d:e5:
3d:7a:65:26:7f:1c:51:67:14:8e:76:9f:2b:19:bf:
2c:78:be:7e:fa:6d:35:a8:94:02:06:ba:33:f1:2b:
c7:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:39:33:83:C7:27:C1:4E:45:28:7A:50:1F:F9:16:CC:12:14:88:6E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44bb00cc-3dee-4cf6-8de9-2febfa0f0f6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.244.0.0/15
Signature Algorithm: sha256WithRSAEncryption
a5:8a:9e:c9:f0:29:74:29:ca:cf:ca:ad:9d:a8:40:63:11:b9:
64:d4:86:a2:ac:be:e2:ad:cb:10:da:08:87:f5:99:0a:f8:7c:
cf:d7:24:53:f9:b7:3b:8a:15:1f:2e:41:93:14:75:62:15:1f:
1d:31:57:08:21:39:ac:27:d6:a8:29:46:7b:a0:e2:f6:28:fd:
d5:f7:4f:c3:ed:a0:31:86:a5:0a:a2:f0:e3:f7:2f:c3:bf:5f:
81:2c:eb:b4:ea:e4:72:95:6d:99:43:5b:b1:52:75:dc:0e:3f:
71:bd:e7:a1:b4:40:5d:c4:ca:29:d7:47:e0:a7:1a:1b:51:68:
eb:6a:18:8a:4d:f9:c7:e5:ce:ea:51:53:ad:29:b1:81:d1:c1:
79:ed:35:18:87:f6:5d:c4:c4:d4:4a:0f:5c:19:25:ef:fa:42:
e6:b6:4f:1c:c8:81:e6:f6:b8:2d:59:63:3a:89:b5:52:a1:90:
86:ae:3d:7f:aa:76:f4:dd:89:9f:45:44:c9:1a:2a:db:00:21:
85:69:a6:e4:64:88:bc:a5:28:96:db:cd:1e:01:78:95:6a:79:
54:cd:cb:4d:d6:5c:47:8b:45:d3:0d:4d:50:14:03:83:75:d2:
4c:40:b8:e5:a0:6d:84:8a:59:6d:87:7c:7e:80:26:79:66:42:
b1:71:f6:93
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUeYTBsWf77ChAZdyb4qYMC2zvDGgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MzEwMDUwMjlaFw0yNTA3MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGE5Zjc0ZGQyNmYyNGZjZTU0MjRkOTI5MTMzZWM2ZGQ2MTU3ODk4NTMxNGRh
YzgyOGNmMmI4ZWU0N2VmZDM3YWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALCSprb9FK/fZmsNJ/OUrYULgfADIFlKb3VkMHXRujhYYjTy4k0QXsyVWRJG
dZRYYD1S4f0EwIzADltR0MyyWJwbnm6cchkJVxzrMSMW5j/rpODmbQWX+Z/XyEAp
yEV7wTgUEqGXxNODrPaLaW9GCZgzgWnzV3kvFcCoxo28jnAEBR0esNXBXPEOQDXL
rgfPM5FN9shwXHsrnVCwZVjBs96gjOrmF8T0aXYLX3all+RcLZHs2vF/Md0cWisk
vFPLgVyc554tWtDEwqPQ5dne2WsaJGqKF2sz6yFkgrn/7Q3lPXplJn8cUWcUjnaf
Kxm/LHi+fvptNaiUAga6M/Erx5UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQNOTOD
xyfBTkUoelAf+RbMEhSIbjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDRiYjAwY2MtM2RlZS00Y2Y2LThkZTktMmZlYmZhMGYwZjZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATP0MA0G
CSqGSIb3DQEBCwUAA4IBAQClip7J8Cl0KcrPyq2dqEBjEblk1IairL7ircsQ2giH
9ZkK+HzP1yRT+bc7ihUfLkGTFHViFR8dMVcIITmsJ9aoKUZ7oOL2KP3V90/D7aAx
hqUKovDj9y/Dv1+BLOu06uRylW2ZQ1uxUnXcDj9xveehtEBdxMop10fgpxobUWjr
ahiKTfnH5c7qUVOtKbGB0cF57TUYh/ZdxMTUSg9cGSXv+kLmtk8cyIHm9rgtWWM6
ibVSoZCGrj1/qnb03YmfRUTJGirbACGFaabkZIi8pSiW280eAXiVanlUzctN1lxH
i0XTDU1QFAODddJMQLjloG2Eillth3x+gCZ5ZkKxcfaT
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:45:27 2025 by rpki-client