Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c806309a-9e3e-4b0e-aad2-1356d070a437.roa
File: c806309a-9e3e-4b0e-aad2-1356d070a437.roa (raw, json)
Hash identifier: BAlnvQdJrQhX76PMG3yo1x7moB6hsVHnsiCZ0/ksWxc=
Subject key identifier: 68:3A:8D:E1:79:4F:F9:3D:8C:68:87:62:F6:A3:0D:39:DD:C7:29:46
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 55C7981FBF243E8D486539D09A2D944C4DB75F64
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c806309a-9e3e-4b0e-aad2-1356d070a437.roa
Signing time: Sat 31 May 2025 00:50:23 +0000
ROA not before: Sat 31 May 2025 00:50:23 +0000
ROA not after: Sat 05 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578:13::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:c7:98:1f:bf:24:3e:8d:48:65:39:d0:9a:2d:94:4c:4d:b7:5f:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 31 00:50:23 2025 GMT
Not After : Jul 5 23:59:59 2025 GMT
Subject: serialNumber=03288dfd2182aae55753e5624942e3e840ce270257c313d005decaaa103037f6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b9:7f:51:60:28:c0:8e:67:8d:a5:80:be:38:
dc:94:47:fa:33:40:82:87:7a:72:a8:16:63:1d:65:
69:af:e0:c5:93:16:9b:c8:5b:89:01:c7:1f:1f:80:
b3:9d:35:30:49:70:a3:64:5d:09:11:89:53:be:e2:
96:98:c5:57:40:13:85:3a:33:e5:a1:0d:07:e9:9e:
41:ac:91:1a:f2:f4:11:43:8b:16:24:43:17:6a:db:
3f:cb:fa:a3:18:21:40:fe:75:d4:28:ac:2d:75:f7:
db:14:a7:96:6f:c4:93:6f:c9:5f:4c:36:70:42:b2:
ae:4f:ac:61:67:3f:f1:35:a9:d6:37:94:6e:5e:ae:
df:55:23:1d:29:42:02:81:26:01:75:83:b0:aa:1a:
8d:59:97:3b:fa:1d:6f:43:7d:3a:4f:38:0e:f9:00:
bc:88:67:fa:92:68:1b:1a:5d:4e:34:6f:06:0f:58:
47:70:a9:59:84:4f:a7:4d:7e:ec:84:09:5d:fb:aa:
00:ea:92:3a:fb:57:1e:52:32:fe:72:ad:db:32:a6:
d4:6c:f6:e2:3a:d2:ed:e7:5f:87:de:a4:32:d9:69:
87:dd:5f:18:29:f8:bc:3e:93:15:e7:02:7c:51:72:
e5:81:76:bd:c6:15:ea:84:b9:ef:4c:a5:ec:88:95:
77:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:3A:8D:E1:79:4F:F9:3D:8C:68:87:62:F6:A3:0D:39:DD:C7:29:46
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c806309a-9e3e-4b0e-aad2-1356d070a437.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:13::/48
Signature Algorithm: sha256WithRSAEncryption
61:aa:a7:3e:e2:06:5a:22:1a:ab:44:47:a3:92:31:69:54:96:
e2:bf:e3:03:bb:e8:1f:f4:f6:81:f4:ca:a9:61:cc:83:18:a4:
24:ac:6f:f3:1e:c9:3d:98:62:13:be:d5:b4:ad:5d:53:1d:34:
f4:84:55:6e:65:ba:df:77:23:c5:77:04:20:19:31:ae:d1:a4:
3f:49:9d:49:78:78:7c:2d:e6:d7:23:68:e0:8d:68:bb:f1:95:
a8:b2:39:63:9b:d1:3c:d2:bd:a2:54:00:6b:00:b2:18:2d:f8:
5a:af:c6:5c:0e:89:0b:50:39:60:51:a4:c1:5c:5f:1e:7f:d6:
e6:1d:28:03:3c:81:02:52:2d:7f:74:6a:1b:0f:1c:83:49:d3:
4a:08:25:a2:e4:2c:a5:ba:77:fb:2c:93:09:4d:49:2c:19:74:
20:c0:a4:d6:b0:40:ca:42:76:d8:4c:8c:61:13:1f:81:07:81:
b7:cc:33:5d:12:e9:3f:e4:e9:5f:1e:49:51:70:e7:91:ee:bf:
43:0a:84:06:34:20:65:ae:bf:eb:12:3b:5b:af:0a:db:43:8d:
d9:c5:d4:49:86:17:e8:9c:fa:47:b4:58:61:21:02:89:a2:93:
1c:b3:68:07:4e:dc:2a:3d:52:86:4a:bd:b0:11:e0:41:47:21:
ad:09:a9:8e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVceYH78kPo1IZTnQmi2UTE23X2QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MzEwMDUwMjNaFw0yNTA3MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDAzMjg4ZGZkMjE4MmFhZTU1NzUzZTU2MjQ5NDJlM2U4NDBjZTI3MDI1N2Mz
MTNkMDA1ZGVjYWFhMTAzMDM3ZjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK65f1FgKMCOZ42lgL443JRH+jNAgod6cqgWYx1laa/gxZMWm8hbiQHHHx+A
s501MElwo2RdCRGJU77ilpjFV0AThToz5aENB+meQayRGvL0EUOLFiRDF2rbP8v6
oxghQP511CisLXX32xSnlm/Ek2/JX0w2cEKyrk+sYWc/8TWp1jeUbl6u31UjHSlC
AoEmAXWDsKoajVmXO/odb0N9Ok84DvkAvIhn+pJoGxpdTjRvBg9YR3CpWYRPp01+
7IQJXfuqAOqSOvtXHlIy/nKt2zKm1Gz24jrS7edfh96kMtlph91fGCn4vD6TFecC
fFFy5YF2vcYV6oS570yl7IiVd+8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRoOo3h
eU/5PYxoh2L2ow053ccpRjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzgwNjMwOWEtOWUzZS00YjBlLWFhZDItMTM1NmQwNzBhNDM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoBBXgA
EzANBgkqhkiG9w0BAQsFAAOCAQEAYaqnPuIGWiIaq0RHo5IxaVSW4r/jA7voH/T2
gfTKqWHMgxikJKxv8x7JPZhiE77VtK1dUx009IRVbmW633cjxXcEIBkxrtGkP0md
SXh4fC3m1yNo4I1ou/GVqLI5Y5vRPNK9olQAawCyGC34Wq/GXA6JC1A5YFGkwVxf
Hn/W5h0oAzyBAlItf3RqGw8cg0nTSgglouQspbp3+yyTCU1JLBl0IMCk1rBAykJ2
2EyMYRMfgQeBt8wzXRLpP+TpXx5JUXDnke6/QwqEBjQgZa6/6xI7W68K20ON2cXU
SYYX6Jz6R7RYYSECiaKTHLNoB07cKj1Shkq9sBHgQUchrQmpjg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:54:54 2025 by rpki-client