Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/69988e45-d4fb-4896-be53-951c20d12c48.roa
File: 69988e45-d4fb-4896-be53-951c20d12c48.roa (raw, json)
Hash identifier: G1mx5syoUal6Mzq3PbrlYsygjW410I2B+UQM00jfghk=
Subject key identifier: 5F:E7:94:6E:23:6F:D4:15:17:F4:2A:EE:9E:AD:2B:79:81:E1:3A:79
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 441CF761C58399E79536AC174869751688823EAE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/69988e45-d4fb-4896-be53-951c20d12c48.roa
Signing time: Tue 20 May 2025 20:41:27 +0000
ROA not before: Tue 20 May 2025 20:41:27 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a11:47c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:1c:f7:61:c5:83:99:e7:95:36:ac:17:48:69:75:16:88:82:3e:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:41:27 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=75297738296ad7440ac181757e7b54430d43bae90885ff4f967cbfc3e494474b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c6:e0:53:5a:7d:86:e3:ea:82:fc:82:09:9b:
96:9a:36:ae:b3:60:e1:97:af:e5:37:71:41:e4:4c:
ed:e0:bc:2c:ae:1f:38:45:8b:b7:ba:cc:e0:d3:68:
f2:d4:09:d9:33:c1:a7:61:9c:0f:11:60:21:8b:74:
d8:a1:1f:2d:fc:4f:99:61:2e:50:e0:ad:31:c6:46:
ab:ab:ac:f2:b3:22:0e:7d:c0:66:7f:66:11:1f:38:
c7:3f:de:7a:67:93:65:cb:42:62:1d:41:29:bb:a9:
a0:64:9c:eb:bd:dc:b6:c3:2f:11:22:34:a0:4f:ec:
38:ee:43:27:11:25:fb:76:6e:4f:95:9c:c9:05:32:
aa:0e:b0:5c:82:1a:04:fd:5d:61:79:54:22:d8:29:
e4:3c:66:99:52:48:4e:22:ba:24:d6:7b:14:ee:c1:
b3:ba:d4:78:67:95:5c:f2:0d:e5:1e:8d:47:c5:ad:
af:54:99:8b:a9:2e:db:32:84:c5:a6:03:92:21:77:
ff:95:71:cc:fe:dd:69:bd:6c:5a:55:cf:c9:8f:08:
2f:bc:0a:6f:ed:4c:a6:41:fb:aa:e5:3b:22:6c:50:
69:57:b9:6d:e0:34:b8:da:37:d1:ca:a9:45:bf:f4:
8d:7c:ca:f4:0d:26:7a:e1:38:9a:8c:51:bb:d4:2c:
e5:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:E7:94:6E:23:6F:D4:15:17:F4:2A:EE:9E:AD:2B:79:81:E1:3A:79
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/69988e45-d4fb-4896-be53-951c20d12c48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:47c0::/29
Signature Algorithm: sha256WithRSAEncryption
4a:11:03:5c:44:b3:3f:eb:16:a8:c6:bd:a1:8c:54:bc:f1:fa:
d7:e3:b6:00:bf:1e:f0:c2:e4:d7:4f:b5:a0:db:c6:91:25:be:
f5:60:51:4f:c7:aa:94:17:ec:b1:02:c9:17:a9:ec:40:d2:05:
99:45:eb:00:22:be:03:e3:3b:d9:90:da:40:ff:f9:ae:7c:39:
c3:62:93:da:ea:c1:3a:31:46:cf:21:ae:8d:1b:7a:81:a5:63:
01:d8:28:4e:fe:44:a7:a7:97:47:7c:b6:30:5b:08:cf:cb:e5:
79:37:fd:76:26:97:2e:0a:e2:dd:ef:ee:df:a7:a8:19:43:b2:
41:26:b3:27:71:fe:1b:de:47:94:70:c6:6b:65:07:f8:33:0d:
49:d4:76:e7:e4:22:a5:74:10:6a:90:c2:8e:2a:e3:31:2b:b9:
b3:78:aa:1f:be:6b:4a:6f:bc:34:a9:2f:d4:cf:6a:74:14:25:
3e:7d:ec:ed:33:46:c7:13:5e:ae:d4:bd:6e:d3:c1:16:ef:05:
3b:74:a4:8b:98:40:bd:5b:fd:29:00:8f:3e:21:14:86:39:6f:
84:23:35:33:70:e4:ef:41:a7:a2:8b:5e:9f:06:4d:ca:15:26:
fc:22:8e:25:c5:dd:02:b1:69:57:1c:0d:64:6a:fb:85:d4:28:
cb:a0:39:38
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIURBz3YcWDmeeVNqwXSGl1FoiCPq4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQxMjdaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDc1Mjk3NzM4Mjk2YWQ3NDQwYWMxODE3NTdlN2I1NDQzMGQ0M2JhZTkwODg1
ZmY0Zjk2N2NiZmMzZTQ5NDQ3NGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK/G4FNafYbj6oL8ggmblpo2rrNg4Zev5TdxQeRM7eC8LK4fOEWLt7rM4NNo
8tQJ2TPBp2GcDxFgIYt02KEfLfxPmWEuUOCtMcZGq6us8rMiDn3AZn9mER84xz/e
emeTZctCYh1BKbupoGSc673ctsMvESI0oE/sOO5DJxEl+3ZuT5WcyQUyqg6wXIIa
BP1dYXlUItgp5DxmmVJITiK6JNZ7FO7Bs7rUeGeVXPIN5R6NR8Wtr1SZi6ku2zKE
xaYDkiF3/5VxzP7dab1sWlXPyY8IL7wKb+1MpkH7quU7ImxQaVe5beA0uNo30cqp
Rb/0jXzK9A0meuE4moxRu9Qs5e8CAwEAAaOCAiIwggIeMB0GA1UdDgQWBBRf55Ru
I2/UFRf0Ku6erSt5geE6eTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Njk5ODhlNDUtZDRmYi00ODk2LWJlNTMtOTUxYzIwZDEyYzQ4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoRR8Aw
DQYJKoZIhvcNAQELBQADggEBAEoRA1xEsz/rFqjGvaGMVLzx+tfjtgC/HvDC5NdP
taDbxpElvvVgUU/HqpQX7LECyRep7EDSBZlF6wAivgPjO9mQ2kD/+a58OcNik9rq
wToxRs8hro0beoGlYwHYKE7+RKenl0d8tjBbCM/L5Xk3/XYmly4K4t3v7t+nqBlD
skEmsydx/hveR5RwxmtlB/gzDUnUdufkIqV0EGqQwo4q4zErubN4qh++a0pvvDSp
L9TPanQUJT597O0zRscTXq7UvW7TwRbvBTt0pIuYQL1b/SkAjz4hFIY5b4QjNTNw
5O9Bp6KLXp8GTcoVJvwijiXF3QKxaVccDWRq+4XUKMugOTg=
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:43:23 2025 by rpki-client