Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa
File: ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa (raw, json)
Hash identifier: z/eHl3XdPaeNUDfwhfA55wFRONlGeo5lUovgLHkCSpo=
Subject key identifier: C0:F1:B6:4F:BB:82:64:10:5A:E1:7B:8C:3F:CF:0C:BC:B8:F3:F7:85
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7A39AEC17F32FC7736289D9926735F11F3EEDE9C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa
Signing time: Tue 20 May 2025 20:50:36 +0000
ROA not before: Tue 20 May 2025 20:50:36 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.200.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:39:ae:c1:7f:32:fc:77:36:28:9d:99:26:73:5f:11:f3:ee:de:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:50:36 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=508eb29983f8ff8c66a4534dae49afa36601d4a2bf1cac5ab062497f0aee0e57, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:fa:9a:cf:45:99:6e:0c:84:a7:41:d3:45:ee:
ec:63:4a:15:6e:93:54:d4:d5:51:18:d4:d2:75:b6:
c7:44:f8:4a:58:77:bf:44:b5:16:4d:60:07:89:4e:
02:1b:98:cd:f1:0d:c3:de:1b:ad:66:40:3e:0d:ee:
f5:c9:08:cd:1b:b4:13:a0:01:bd:3f:38:63:ec:3f:
f8:7a:f2:a4:6a:6e:3b:a2:56:3e:2e:e9:ea:53:02:
13:62:d9:41:53:59:54:da:0b:45:e3:91:83:e7:aa:
a4:40:f1:b0:ba:44:7d:5a:f9:a4:9c:6e:c0:8b:2d:
ef:ed:7e:a1:be:fd:c3:c2:10:7c:9a:f2:34:e8:b6:
99:5a:f8:52:a9:e7:ae:36:88:e2:59:2e:56:9f:13:
04:8f:c8:7b:c6:c5:69:bc:71:eb:71:ac:d1:98:67:
da:b5:e3:63:27:80:69:48:64:3a:83:77:4e:61:50:
d7:76:ad:91:c1:eb:2f:8e:c0:37:28:7b:b9:ab:aa:
61:3a:82:aa:72:33:81:5e:0a:71:a5:47:53:ef:85:
b8:71:1c:71:36:aa:64:8a:90:63:cb:41:c1:51:76:
a9:73:23:5c:3b:42:f2:bd:43:9a:f2:7b:e0:56:bf:
88:fd:18:ef:0a:f9:cd:f2:76:ca:b3:90:ad:21:e6:
5e:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:F1:B6:4F:BB:82:64:10:5A:E1:7B:8C:3F:CF:0C:BC:B8:F3:F7:85
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.200.0.0/15
Signature Algorithm: sha256WithRSAEncryption
6e:d2:af:82:dd:91:a5:ec:56:56:d2:45:ec:90:8a:d0:30:3a:
15:6d:c5:1c:43:15:a8:2e:48:43:22:12:e8:5e:62:ae:5d:18:
00:1d:3b:4e:3a:fe:9c:8f:07:3a:04:82:0a:35:8b:59:d7:11:
a9:8a:55:5e:1f:e6:0a:0f:81:54:bb:a1:d1:4c:41:8b:6e:91:
e6:e9:55:ff:59:08:d4:10:8a:14:ce:69:44:0c:06:0c:a5:d7:
88:63:20:f1:92:97:c4:5e:bf:98:1a:1e:e3:48:47:73:a6:cb:
9b:33:fe:88:19:a1:9e:b0:b0:17:1d:69:52:e4:44:4b:80:85:
6d:e1:bf:fe:56:af:ad:3e:cc:ed:62:31:a6:27:7b:ba:db:e8:
39:8c:70:ac:cd:d6:ce:1b:b2:a9:31:32:10:7f:7a:c1:06:64:
b9:31:5a:4d:4a:e1:cb:bf:55:62:ee:b5:7f:05:38:58:b2:dc:
cf:ed:5c:15:36:a5:4c:0b:2d:b3:58:39:0d:bc:71:b4:ce:cd:
f7:53:79:70:9b:9b:c7:b6:53:cd:55:f9:b8:31:8b:20:b1:1b:
77:15:67:41:5f:c3:f3:98:8a:83:7f:02:c9:1f:ca:eb:11:96:
74:11:11:64:12:9d:24:af:82:df:8e:44:42:17:a2:69:67:65:
4b:71:3c:2c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUejmuwX8y/Hc2KJ2ZJnNfEfPu3pwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDUwMzZaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDUwOGViMjk5ODNmOGZmOGM2NmE0NTM0ZGFlNDlhZmEzNjYwMWQ0YTJiZjFj
YWM1YWIwNjI0OTdmMGFlZTBlNTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO/6ms9FmW4MhKdB00Xu7GNKFW6TVNTVURjU0nW2x0T4Slh3v0S1Fk1gB4lO
AhuYzfENw94brWZAPg3u9ckIzRu0E6ABvT84Y+w/+HrypGpuO6JWPi7p6lMCE2LZ
QVNZVNoLReORg+eqpEDxsLpEfVr5pJxuwIst7+1+ob79w8IQfJryNOi2mVr4Uqnn
rjaI4lkuVp8TBI/Ie8bFabxx63Gs0Zhn2rXjYyeAaUhkOoN3TmFQ13atkcHrL47A
Nyh7uauqYTqCqnIzgV4KcaVHU++FuHEccTaqZIqQY8tBwVF2qXMjXDtC8r1DmvJ7
4Fa/iP0Y7wr5zfJ2yrOQrSHmXiECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTA8bZP
u4JkEFrhe4w/zwy8uPP3hTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZWNmYTNjMTMtY2JhOS00NTI5LTg0Y2YtN2I2YmY4ZTVjZDRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPIMA0G
CSqGSIb3DQEBCwUAA4IBAQBu0q+C3ZGl7FZW0kXskIrQMDoVbcUcQxWoLkhDIhLo
XmKuXRgAHTtOOv6cjwc6BIIKNYtZ1xGpilVeH+YKD4FUu6HRTEGLbpHm6VX/WQjU
EIoUzmlEDAYMpdeIYyDxkpfEXr+YGh7jSEdzpsubM/6IGaGesLAXHWlS5ERLgIVt
4b/+Vq+tPsztYjGmJ3u62+g5jHCszdbOG7KpMTIQf3rBBmS5MVpNSuHLv1Vi7rV/
BThYstzP7VwVNqVMCy2zWDkNvHG0zs33U3lwm5vHtlPNVfm4MYsgsRt3FWdBX8Pz
mIqDfwLJH8rrEZZ0ERFkEp0kr4LfjkRCF6JpZ2VLcTws
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:59:04 2025 by rpki-client