Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01305f95-02db-46f4-a135-5ff585346b72.roa
File: 01305f95-02db-46f4-a135-5ff585346b72.roa (raw, json)
Hash identifier: /EVHK/+qcmyQPKnMDBvokM14+EbA5CFNeXVS1INuV2Q=
Subject key identifier: 5A:20:D8:79:9C:44:8C:63:9E:EB:6B:DF:3A:DA:72:6F:7A:7B:93:77
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2502702BB65A6ADB29327DB9788226560F240708
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01305f95-02db-46f4-a135-5ff585346b72.roa
Signing time: Mon 01 Sep 2025 21:30:46 +0000
ROA not before: Mon 01 Sep 2025 21:30:46 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.204.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 08:32:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:02:70:2b:b6:5a:6a:db:29:32:7d:b9:78:82:26:56:0f:24:07:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 1 21:30:46 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=7fb5e5857f3ccbabdcb9728ffa85112787d0e694061d56b8f8c517f69fbf3b2f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:30:fc:e1:a2:59:06:90:68:8b:5c:62:54:38:
ea:be:94:f6:f5:89:0a:60:00:46:be:74:74:9c:a1:
1e:cb:b5:ad:c5:e9:29:e5:b0:63:8b:35:8c:89:67:
b2:5d:ad:05:21:97:ca:44:56:17:e8:fe:8f:d5:47:
86:5a:35:00:da:a0:4f:c9:98:1d:cb:ba:90:7c:5e:
e9:0e:95:fe:1b:0c:f9:73:1b:5e:17:ab:93:41:71:
38:fa:10:aa:3d:6f:cb:d7:77:60:f3:94:5c:75:06:
25:e9:cd:d7:70:ae:0b:af:0e:c5:15:0a:00:1a:9d:
9c:a8:ef:f5:8d:28:5a:26:cf:ab:0b:a0:a0:db:87:
e0:79:71:32:c5:ea:82:88:09:22:26:a8:fb:fd:6d:
81:b9:03:1c:a3:36:b0:10:38:dc:99:12:4e:0a:4a:
4b:a3:db:3a:5f:38:16:e2:ff:6d:3f:51:ea:2c:09:
97:05:39:91:6a:28:6f:ca:ae:38:15:a2:94:cb:b4:
8b:fe:2e:f8:b8:de:7a:33:62:6e:f0:e0:87:65:bd:
a6:7e:99:40:ba:7d:5d:37:2d:48:c7:76:58:d5:58:
64:da:54:28:8f:b1:54:6d:13:f6:3a:cd:02:f7:65:
5d:07:1d:b8:8a:97:70:53:aa:ac:e5:7f:81:66:01:
24:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:20:D8:79:9C:44:8C:63:9E:EB:6B:DF:3A:DA:72:6F:7A:7B:93:77
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01305f95-02db-46f4-a135-5ff585346b72.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.204.0.0/15
Signature Algorithm: sha256WithRSAEncryption
2e:ff:18:d9:d5:17:12:93:2a:4b:9d:a6:16:0b:cd:5e:b1:2f:
c4:1e:ee:4e:96:ef:16:2a:65:98:97:03:a2:67:d4:ae:66:59:
79:bf:33:71:0c:b0:92:21:01:2e:cc:c0:55:94:bb:19:3e:1f:
99:d4:fb:0d:5e:4d:be:c7:df:75:90:e2:37:69:73:bc:75:8d:
f6:96:8d:4c:69:a8:5d:cb:6b:e5:a9:7f:6f:69:01:51:4c:90:
ff:66:41:ac:a2:a1:16:46:dd:f3:bf:a9:46:db:80:4a:97:cb:
a5:17:92:45:9c:a0:d7:c6:3b:d5:a7:a2:0b:76:0d:77:5c:c9:
96:cc:e9:ea:3f:a4:a4:e3:e6:b3:ab:e8:95:57:aa:94:76:32:
3e:fb:7e:2e:9d:91:92:d6:95:e6:75:08:70:7f:ca:bf:d7:55:
a2:6b:96:a2:ee:40:3c:cb:83:46:42:5b:7c:4d:94:7d:73:e1:
a9:53:c4:c2:c0:c8:76:07:63:a4:06:b9:6a:39:6a:ab:d2:68:
4e:23:50:9f:b8:c6:f8:d1:0a:d3:98:86:49:14:83:da:ce:01:
52:50:a1:19:c3:33:3c:c0:f6:b6:9c:8b:9b:6e:e8:61:01:ed:
84:96:f9:18:29:61:f1:a8:97:1b:68:58:99:d4:8b:7f:e2:d8:
19:ad:08:cd
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJQJwK7ZaatspMn25eIImVg8kBwgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MDEyMTMwNDZaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDdmYjVlNTg1N2YzY2NiYWJkY2I5NzI4ZmZhODUxMTI3ODdkMGU2OTQwNjFk
NTZiOGY4YzUxN2Y2OWZiZjNiMmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMMw/OGiWQaQaItcYlQ46r6U9vWJCmAARr50dJyhHsu1rcXpKeWwY4s1jIln
sl2tBSGXykRWF+j+j9VHhlo1ANqgT8mYHcu6kHxe6Q6V/hsM+XMbXherk0FxOPoQ
qj1vy9d3YPOUXHUGJenN13CuC68OxRUKABqdnKjv9Y0oWibPqwugoNuH4HlxMsXq
gogJIiao+/1tgbkDHKM2sBA43JkSTgpKS6PbOl84FuL/bT9R6iwJlwU5kWoob8qu
OBWilMu0i/4u+LjeejNibvDgh2W9pn6ZQLp9XTctSMd2WNVYZNpUKI+xVG0T9jrN
AvdlXQcduIqXcFOqrOV/gWYBJDMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRaINh5
nESMY57ra9862nJvenuTdzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDEzMDVmOTUtMDJkYi00NmY0LWExMzUtNWZmNTg1MzQ2YjcyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPMMA0G
CSqGSIb3DQEBCwUAA4IBAQAu/xjZ1RcSkypLnaYWC81esS/EHu5Olu8WKmWYlwOi
Z9SuZll5vzNxDLCSIQEuzMBVlLsZPh+Z1PsNXk2+x991kOI3aXO8dY32lo1Maahd
y2vlqX9vaQFRTJD/ZkGsoqEWRt3zv6lG24BKl8ulF5JFnKDXxjvVp6ILdg13XMmW
zOnqP6Sk4+azq+iVV6qUdjI++34unZGS1pXmdQhwf8q/11Wia5ai7kA8y4NGQlt8
TZR9c+GpU8TCwMh2B2OkBrlqOWqr0mhOI1CfuMb40QrTmIZJFIPazgFSUKEZwzM8
wPa2nIubbuhhAe2ElvkYKWHxqJcbaFiZ1It/4tgZrQjN
-----END CERTIFICATE-----
Generated at Thu Sep 18 11:10:53 2025 by rpki-client