Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01305f95-02db-46f4-a135-5ff585346b72.roa
File: 01305f95-02db-46f4-a135-5ff585346b72.roa (raw, json)
Hash identifier: 2w2EfEe3QeJuBy8UH73o0goxZaQN/0iiB+/UvpauNLg=
Subject key identifier: 35:99:C8:F6:51:19:AF:58:0E:0E:8D:07:A2:BA:7E:27:B2:4B:05:0B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5C9E08DCF56719CB7D16B5634494B9C1E31D5710
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01305f95-02db-46f4-a135-5ff585346b72.roa
Signing time: Tue 05 Aug 2025 20:30:09 +0000
ROA not before: Tue 05 Aug 2025 20:30:09 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.204.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:9e:08:dc:f5:67:19:cb:7d:16:b5:63:44:94:b9:c1:e3:1d:57:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:30:09 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=701b9c2cf88c80e47c66d467655ede34e5153101e5fa9245e9d72936d3595e8b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:44:4a:ed:3c:a9:41:af:38:0f:44:04:8b:9e:
ab:0e:0c:93:4a:10:63:70:d0:0b:7a:fc:52:9d:fa:
47:68:45:2a:ca:a1:72:2a:fc:3b:a6:65:42:18:80:
fa:39:c1:ab:7e:eb:f3:22:cb:95:7b:fe:be:f9:2a:
f4:62:07:f6:80:e2:a8:a3:7b:b8:48:80:dd:bc:09:
94:55:d2:93:ac:93:1a:d6:1c:87:3e:c5:2e:f4:59:
d2:7a:5d:fd:8b:8f:0d:9c:4c:55:13:3b:8c:b3:d6:
ca:d1:f9:0e:50:9e:6a:60:92:4b:ac:4a:e6:83:10:
2e:a5:75:de:d6:7d:fb:56:32:0e:0b:d3:44:b9:57:
74:8c:c7:bc:9c:48:b7:08:25:05:09:60:f2:cf:02:
48:b9:53:c4:72:72:8f:5f:90:c7:cc:20:5f:f6:66:
9f:bf:8b:a4:ca:34:12:2c:b2:eb:23:92:57:88:16:
77:d8:6f:e4:70:83:fb:ba:d2:0a:14:42:e5:79:b9:
b6:80:db:c8:28:11:a9:de:2b:39:66:74:98:f5:c2:
69:20:4f:d4:ac:55:01:2f:cf:70:ee:b8:c7:d8:8d:
9b:a5:20:69:ca:00:b1:84:80:61:c7:7f:27:1a:ce:
b5:d1:ec:a0:1a:9c:98:66:b4:b1:19:a4:d3:b3:51:
f0:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:99:C8:F6:51:19:AF:58:0E:0E:8D:07:A2:BA:7E:27:B2:4B:05:0B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01305f95-02db-46f4-a135-5ff585346b72.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.204.0.0/15
Signature Algorithm: sha256WithRSAEncryption
07:b9:03:a4:b1:da:d0:57:b6:c0:60:36:ec:e4:1d:0d:ac:77:
3f:8d:af:4d:95:d2:86:c2:91:59:8d:74:49:44:10:a3:17:25:
74:20:18:56:8f:39:f6:1d:b3:95:88:9a:07:ef:31:2a:cc:ae:
5f:c8:e4:f1:f1:01:e9:33:f6:49:bc:b6:80:3d:50:41:de:21:
c0:d6:e9:2a:55:17:eb:60:92:97:95:c4:f0:b4:60:3d:cd:45:
21:6a:6c:c9:05:ed:2d:45:4d:a8:17:92:27:64:b5:12:d1:1e:
b5:9f:df:14:e2:64:f5:56:f8:e6:37:38:80:c0:d7:ea:79:97:
b1:1a:93:d9:4f:18:42:58:eb:a1:28:52:7a:13:c3:be:a0:2a:
e2:2a:e8:19:09:61:ba:b2:bf:0c:96:9c:88:81:27:bb:a2:5a:
b6:ec:34:c1:81:c5:5a:ad:fa:fd:f1:ad:a2:cb:59:8b:13:bd:
7d:1c:c6:45:a7:8c:6e:7b:04:0e:3b:b0:62:c7:65:74:7c:a2:
98:b0:ce:d0:3a:7b:b8:b7:97:64:9a:4c:47:01:71:5d:47:85:
b9:e8:89:16:1d:bc:dc:14:a4:90:8c:27:84:09:11:19:ae:ac:
cd:60:6e:4b:1e:5d:b6:2e:b8:25:45:77:a6:a5:0c:fc:5e:8c:
1c:88:ce:45
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXJ4I3PVnGct9FrVjRJS5weMdVxAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDMwMDlaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDcwMWI5YzJjZjg4YzgwZTQ3YzY2ZDQ2NzY1NWVkZTM0ZTUxNTMxMDFlNWZh
OTI0NWU5ZDcyOTM2ZDM1OTVlOGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANRESu08qUGvOA9EBIueqw4Mk0oQY3DQC3r8Up36R2hFKsqhcir8O6ZlQhiA
+jnBq37r8yLLlXv+vvkq9GIH9oDiqKN7uEiA3bwJlFXSk6yTGtYchz7FLvRZ0npd
/YuPDZxMVRM7jLPWytH5DlCeamCSS6xK5oMQLqV13tZ9+1YyDgvTRLlXdIzHvJxI
twglBQlg8s8CSLlTxHJyj1+Qx8wgX/Zmn7+LpMo0Eiyy6yOSV4gWd9hv5HCD+7rS
ChRC5Xm5toDbyCgRqd4rOWZ0mPXCaSBP1KxVAS/PcO64x9iNm6UgacoAsYSAYcd/
JxrOtdHsoBqcmGa0sRmk07NR8EkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ1mcj2
URmvWA4OjQeiun4nsksFCzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDEzMDVmOTUtMDJkYi00NmY0LWExMzUtNWZmNTg1MzQ2YjcyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPMMA0G
CSqGSIb3DQEBCwUAA4IBAQAHuQOksdrQV7bAYDbs5B0NrHc/ja9NldKGwpFZjXRJ
RBCjFyV0IBhWjzn2HbOViJoH7zEqzK5fyOTx8QHpM/ZJvLaAPVBB3iHA1ukqVRfr
YJKXlcTwtGA9zUUhamzJBe0tRU2oF5InZLUS0R61n98U4mT1VvjmNziAwNfqeZex
GpPZTxhCWOuhKFJ6E8O+oCriKugZCWG6sr8MlpyIgSe7olq27DTBgcVarfr98a2i
y1mLE719HMZFp4xuewQOO7Bix2V0fKKYsM7QOnu4t5dkmkxHAXFdR4W56IkWHbzc
FKSQjCeECREZrqzNYG5LHl22LrglRXempQz8XowciM5F
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:28 2025 by rpki-client