Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/207ef309-dcb5-4264-bf57-0d52fea079cd.roa
File: 207ef309-dcb5-4264-bf57-0d52fea079cd.roa (raw, json)
Hash identifier: rnaNzx05tHbh0WMPtRqhHyELlRtV1KQwxWuFozx6xPk=
Subject key identifier: 8A:81:9D:A1:F9:C3:CD:29:C3:62:6A:44:35:91:5F:E3:6B:8C:9E:2F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 48ECF50FE94EBE5F4A68582F325493F5DA1F69F8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/207ef309-dcb5-4264-bf57-0d52fea079cd.roa
Signing time: Sat 31 May 2025 00:50:17 +0000
ROA not before: Sat 31 May 2025 00:50:17 +0000
ROA not after: Sat 05 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 130.24.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 20:42:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:ec:f5:0f:e9:4e:be:5f:4a:68:58:2f:32:54:93:f5:da:1f:69:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 31 00:50:17 2025 GMT
Not After : Jul 5 23:59:59 2025 GMT
Subject: serialNumber=515aa154952dda721b3dc0a72d9f63a9f51dfb7f6ffebd213a771422a98cea42, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f9:4b:ab:d2:39:b9:02:75:a1:e4:0d:cf:09:
91:09:53:e9:9e:01:a6:fb:03:d9:5f:f9:7f:5f:d0:
ef:86:39:f9:42:f2:84:da:8d:bd:b9:15:16:f1:a6:
91:76:f7:5a:83:05:02:66:aa:e2:cb:78:71:77:31:
e6:ac:91:e6:1c:4d:84:80:d5:94:21:7f:e7:ce:79:
68:7b:48:85:a9:01:d5:03:e1:70:c4:07:5a:d0:44:
22:c1:86:bf:81:02:1e:6f:92:ec:b7:78:35:99:9b:
7f:9e:78:75:69:d0:65:f0:0e:80:30:74:91:38:d6:
9c:ff:f2:5c:20:1e:42:5d:b3:62:b4:2c:0e:2e:8d:
04:eb:5c:4b:36:1e:6d:1a:9f:4f:73:ff:a0:46:c2:
20:a7:68:13:41:62:dd:77:9a:ef:ee:21:a7:af:61:
cb:e4:04:2c:e6:82:5b:63:42:8e:46:c6:54:fe:19:
6e:f0:dc:c1:e7:b0:9d:64:4e:38:f2:be:3f:23:93:
01:88:1b:7c:dd:9d:41:81:25:e7:ae:32:a0:a4:40:
0a:ac:ac:cf:c7:f7:a7:c8:77:af:0c:b6:06:11:03:
58:e1:de:24:2d:c1:55:46:a2:61:e7:84:87:e3:6d:
63:35:3a:14:c1:9e:8a:5c:e9:ea:6d:58:d8:2b:c8:
d4:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:81:9D:A1:F9:C3:CD:29:C3:62:6A:44:35:91:5F:E3:6B:8C:9E:2F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/207ef309-dcb5-4264-bf57-0d52fea079cd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.24.0.0/16
Signature Algorithm: sha256WithRSAEncryption
17:51:1e:3d:d7:9c:0d:39:9c:59:70:82:10:df:d7:81:e3:f5:
80:f1:ae:2b:a8:5c:4e:26:1f:f2:4d:69:5b:b8:d3:85:7d:1f:
7b:e1:f6:b6:6e:2e:9d:ba:42:8e:a1:a0:41:4c:b4:2c:42:8d:
56:36:db:02:77:55:34:57:4f:8c:fe:26:47:3a:e5:17:bf:8c:
3b:bd:91:01:dc:c7:00:48:45:9a:69:94:32:a6:0b:35:01:f4:
79:3b:43:86:9c:54:12:d5:a4:a0:62:80:e7:9e:91:3f:3f:f7:
05:67:2c:f1:7d:aa:1b:a5:d9:98:36:3e:f2:80:5b:b6:45:14:
4e:d5:4b:e5:8b:ce:53:00:c4:a8:14:c1:02:41:da:fc:91:54:
60:07:55:3c:6a:89:fe:d8:3a:d4:38:7b:94:48:bb:2c:38:36:
c6:a7:8d:14:0a:77:e9:51:3a:98:06:92:f4:ff:41:31:ac:3e:
ad:de:c8:df:36:20:c8:74:b2:2d:4d:48:f7:02:b7:21:bc:e0:
c0:c8:e8:8d:73:64:5a:90:26:4f:6e:39:2e:fe:50:6d:f6:94:
49:3e:14:41:49:8e:0b:9e:b4:b3:36:3f:8f:53:4f:e0:47:15:
77:ae:3d:02:43:a9:7b:75:2f:2b:cf:66:0d:d5:15:88:0b:b0:
43:2e:3d:5e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUSOz1D+lOvl9KaFgvMlST9dofafgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MzEwMDUwMTdaFw0yNTA3MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDUxNWFhMTU0OTUyZGRhNzIxYjNkYzBhNzJkOWY2M2E5ZjUxZGZiN2Y2ZmZl
YmQyMTNhNzcxNDIyYTk4Y2VhNDIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALX5S6vSObkCdaHkDc8JkQlT6Z4BpvsD2V/5f1/Q74Y5+ULyhNqNvbkVFvGm
kXb3WoMFAmaq4st4cXcx5qyR5hxNhIDVlCF/5855aHtIhakB1QPhcMQHWtBEIsGG
v4ECHm+S7Ld4NZmbf554dWnQZfAOgDB0kTjWnP/yXCAeQl2zYrQsDi6NBOtcSzYe
bRqfT3P/oEbCIKdoE0Fi3Xea7+4hp69hy+QELOaCW2NCjkbGVP4ZbvDcweewnWRO
OPK+PyOTAYgbfN2dQYEl564yoKRACqysz8f3p8h3rwy2BhEDWOHeJC3BVUaiYeeE
h+NtYzU6FMGeilzp6m1Y2CvI1FkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSKgZ2h
+cPNKcNiakQ1kV/ja4yeLzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjA3ZWYzMDktZGNiNS00MjY0LWJmNTctMGQ1MmZlYTA3OWNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAIIYMA0G
CSqGSIb3DQEBCwUAA4IBAQAXUR4915wNOZxZcIIQ39eB4/WA8a4rqFxOJh/yTWlb
uNOFfR974fa2bi6dukKOoaBBTLQsQo1WNtsCd1U0V0+M/iZHOuUXv4w7vZEB3McA
SEWaaZQypgs1AfR5O0OGnFQS1aSgYoDnnpE/P/cFZyzxfaobpdmYNj7ygFu2RRRO
1Uvli85TAMSoFMECQdr8kVRgB1U8aon+2DrUOHuUSLssODbGp40UCnfpUTqYBpL0
/0ExrD6t3sjfNiDIdLItTUj3ArchvODAyOiNc2RakCZPbjku/lBt9pRJPhRBSY4L
nrSzNj+PU0/gRxV3rj0CQ6l7dS8rz2YN1RWIC7BDLj1e
-----END CERTIFICATE-----
Generated at Fri Jun 6 03:47:13 2025 by rpki-client