Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/07a0a2d7-7de7-4807-863f-fcbe7f8106e1.roa
File: 07a0a2d7-7de7-4807-863f-fcbe7f8106e1.roa (raw, json)
Hash identifier: riL8ntchfvzvLicF0m1OK+iGogP2sEMNIJmb2Z6JfdQ=
Subject key identifier: 19:2C:A2:A6:1D:41:88:42:B8:63:E9:BF:A9:F7:8A:DE:63:96:2B:88
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 56EEA615287B17B242141E9635915A7F5DDE8351
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/07a0a2d7-7de7-4807-863f-fcbe7f8106e1.roa
Signing time: Wed 06 Aug 2025 06:53:01 +0000
ROA not before: Wed 06 Aug 2025 06:53:01 +0000
ROA not after: Wed 10 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.35.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Aug 2025 15:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:ee:a6:15:28:7b:17:b2:42:14:1e:96:35:91:5a:7f:5d:de:83:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 6 06:53:01 2025 GMT
Not After : Sep 10 23:59:59 2025 GMT
Subject: serialNumber=6b4858dea5ec539a77a38a01e52783da9ba2a96155e12f78769ecdec2e5d542e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b7:47:cc:4f:15:ac:35:9e:68:cd:40:75:d5:
28:13:0a:78:0e:03:9d:e7:71:e1:88:6e:2f:16:f3:
12:67:43:c3:bf:bc:95:c3:e8:b7:9b:7e:1a:0f:49:
e6:7d:3b:87:e6:80:0a:7f:ca:0c:7c:5c:b1:22:67:
3e:ae:9b:0b:26:87:12:5f:56:bd:cd:b8:fe:d1:16:
74:fe:7f:b7:68:f6:79:54:19:84:2b:e2:98:bd:4d:
0c:1a:77:ae:74:c2:18:66:0b:95:20:8d:32:fd:0e:
35:87:93:69:91:fa:85:ed:a8:60:16:be:2f:22:93:
69:e7:36:66:4a:4f:77:8d:dd:1a:7f:79:9c:aa:06:
4b:3f:af:4a:5c:93:63:d0:73:1b:8b:e8:c8:b0:41:
97:3e:ba:4f:67:91:a8:d8:db:b5:9d:54:84:1a:e4:
51:5b:56:ff:28:a1:1f:ac:e2:ab:2c:e4:f6:4d:89:
c7:7f:ce:bb:b2:87:9a:20:76:72:5c:20:6a:62:d3:
b5:33:8b:b0:a6:45:32:c9:08:ad:84:6f:e8:6d:94:
ab:c0:6b:12:cd:16:d3:b0:94:30:b0:81:6b:67:c8:
f8:cb:43:a7:0a:28:bf:2a:70:0b:79:74:13:7d:3a:
bb:30:79:eb:72:e8:97:61:4d:c0:8f:b2:56:b9:36:
96:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:2C:A2:A6:1D:41:88:42:B8:63:E9:BF:A9:F7:8A:DE:63:96:2B:88
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/07a0a2d7-7de7-4807-863f-fcbe7f8106e1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.35.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2a:10:97:61:3c:ae:1a:4d:82:f6:9f:0d:20:fc:d6:9b:ec:39:
10:65:fc:52:1a:6b:c0:bd:76:ca:97:e1:4e:35:76:49:cb:1a:
7a:e0:24:60:5c:2a:f5:03:22:90:f6:fc:a0:5d:a8:3f:a1:95:
03:e8:4a:7f:8a:59:a0:eb:8d:59:ae:c9:c6:fb:3a:f8:f0:66:
f0:62:a2:6d:f0:b2:78:5c:3d:ef:2a:e0:90:5b:3f:b8:a4:23:
df:e9:c8:79:aa:d7:72:cc:76:e3:17:3d:e4:aa:4d:24:fa:82:
f6:ac:f2:34:23:d1:e7:05:eb:52:70:b4:fd:37:75:3c:5b:3d:
6b:8b:af:93:25:02:94:14:ea:fe:07:76:27:06:87:24:a1:8f:
10:d3:0a:44:e2:e8:17:b5:91:cc:01:f9:04:f5:4d:69:9c:a1:
d0:56:c6:78:1f:2c:b1:c1:fe:ed:c0:74:43:0f:fd:c0:fe:3d:
b0:bb:16:ab:28:0a:36:92:36:c9:ad:1f:c2:5b:7a:43:6b:73:
df:77:dc:2d:59:6b:6d:fb:1f:47:ee:6e:4f:3d:c1:3a:58:44:
2f:60:d5:23:97:9f:20:16:c7:44:48:86:ec:b4:aa:1a:43:cd:
5b:4f:f5:c5:b9:90:d5:5b:5b:c8:1c:2b:65:aa:c3:3e:ec:0c:
a7:a4:24:f6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVu6mFSh7F7JCFB6WNZFaf13eg1EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDYwNjUzMDFaFw0yNTA5MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDZiNDg1OGRlYTVlYzUzOWE3N2EzOGEwMWU1Mjc4M2RhOWJhMmE5NjE1NWUx
MmY3ODc2OWVjZGVjMmU1ZDU0MmUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ+3R8xPFaw1nmjNQHXVKBMKeA4Dnedx4YhuLxbzEmdDw7+8lcPot5t+Gg9J
5n07h+aACn/KDHxcsSJnPq6bCyaHEl9Wvc24/tEWdP5/t2j2eVQZhCvimL1NDBp3
rnTCGGYLlSCNMv0ONYeTaZH6he2oYBa+LyKTaec2ZkpPd43dGn95nKoGSz+vSlyT
Y9BzG4voyLBBlz66T2eRqNjbtZ1UhBrkUVtW/yihH6ziqyzk9k2Jx3/Ou7KHmiB2
clwgamLTtTOLsKZFMskIrYRv6G2Uq8BrEs0W07CUMLCBa2fI+MtDpwoovypwC3l0
E306uzB563Lol2FNwI+yVrk2ltsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQZLKKm
HUGIQrhj6b+p94reY5YriDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDdhMGEyZDctN2RlNy00ODA3LTg2M2YtZmNiZTdmODEwNmUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMjMA0G
CSqGSIb3DQEBCwUAA4IBAQAqEJdhPK4aTYL2nw0g/Nab7DkQZfxSGmvAvXbKl+FO
NXZJyxp64CRgXCr1AyKQ9vygXag/oZUD6Ep/ilmg641ZrsnG+zr48GbwYqJt8LJ4
XD3vKuCQWz+4pCPf6ch5qtdyzHbjFz3kqk0k+oL2rPI0I9HnBetScLT9N3U8Wz1r
i6+TJQKUFOr+B3YnBockoY8Q0wpE4ugXtZHMAfkE9U1pnKHQVsZ4Hyyxwf7twHRD
D/3A/j2wuxarKAo2kjbJrR/CW3pDa3Pfd9wtWWtt+x9H7m5PPcE6WEQvYNUjl58g
FsdESIbstKoaQ81bT/XFuZDVW1vIHCtlqsM+7AynpCT2
-----END CERTIFICATE-----
Generated at Thu Aug 21 18:52:03 2025 by rpki-client