Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa
File: 09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa (raw, json)
Hash identifier: bgxhwbwNFPjzTWgtZazMm8xeK+9Bj4JgLoWOh0MrWTA=
Subject key identifier: 65:DB:EF:0A:91:E0:4D:25:97:04:0A:E2:56:4B:59:D7:82:D7:CF:16
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 34BDAA1802A79328C05486A5BABDF4DD2657CAA3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa
Signing time: Tue 05 Aug 2025 20:21:05 +0000
ROA not before: Tue 05 Aug 2025 20:21:05 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.122.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:bd:aa:18:02:a7:93:28:c0:54:86:a5:ba:bd:f4:dd:26:57:ca:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:21:05 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=7f9f9d7be65599a282cfc57792ea94d44168aad7badc7719cd1727e31b7274ad, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:ce:f6:fb:e3:d2:99:b1:76:5b:b0:9b:f2:2a:
2f:f9:1c:e6:36:4f:a9:64:a1:c1:30:ab:71:59:4e:
6a:4a:31:4a:84:00:d0:5b:3e:d4:34:8f:c3:6b:ea:
a6:43:43:f0:33:cc:c5:ae:eb:eb:29:10:c6:f0:1c:
6f:bf:6e:b3:61:2b:14:61:4d:06:3d:fa:28:7c:14:
2e:91:f2:00:b6:4f:50:ca:a8:65:0a:cb:76:48:1a:
0a:88:5f:43:a4:82:55:6d:bf:14:22:ee:30:13:3c:
d0:1b:81:93:e9:27:dc:b2:d7:1a:0b:18:72:99:bc:
4e:d4:46:0e:94:be:9a:dc:49:75:af:8f:20:53:04:
ff:da:af:87:4f:f5:2d:b7:da:03:22:67:a6:8e:14:
a7:67:ee:3e:ee:9d:8c:38:94:01:b5:c3:46:10:1f:
7b:18:d7:fe:f1:24:d9:87:9c:8f:0e:e0:62:64:ef:
cd:0a:64:d5:b7:93:ba:d1:79:0c:cd:42:64:97:1b:
59:2e:25:95:42:0c:93:51:28:3c:b2:0d:d9:86:ef:
99:95:54:d4:84:20:51:f3:e2:68:b9:64:83:6a:19:
e9:3c:e4:c2:6b:ba:ff:b7:97:9b:f6:10:41:95:fd:
bc:bf:57:0d:2a:b2:db:04:af:4d:bb:9f:f6:00:1d:
ee:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:DB:EF:0A:91:E0:4D:25:97:04:0A:E2:56:4B:59:D7:82:D7:CF:16
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.122.0.0/15
Signature Algorithm: sha256WithRSAEncryption
3f:2b:dc:74:ba:6d:b5:08:6a:04:08:5a:bf:0c:e8:8c:b4:7f:
6a:f3:56:a5:3c:90:35:32:df:c4:df:7d:ca:c6:9c:4a:5d:bb:
6e:02:55:9f:1c:de:fd:da:eb:a0:c6:1e:35:21:a7:51:5c:dc:
b2:34:8f:cf:a2:25:8e:3e:d0:04:02:09:97:a9:e2:0d:f9:f7:
64:0f:8e:5a:a2:56:1b:d6:25:19:22:e6:b7:71:81:b2:be:68:
e2:7a:d3:f1:db:01:f5:01:ef:d1:5a:c9:3f:67:12:f6:fb:88:
2f:84:3d:ef:05:08:86:8a:87:39:5f:03:6d:c0:69:af:68:94:
eb:2d:29:8e:ac:91:9d:13:ea:c5:0f:2e:4a:56:61:80:0e:fa:
e9:2b:30:9f:50:e7:98:3e:59:09:7b:b4:bb:89:b0:81:86:d0:
03:ba:4a:6e:a2:66:b7:4b:df:61:66:94:60:aa:83:52:89:6a:
c0:65:ea:9a:79:78:0d:f0:1e:b9:22:d0:43:9a:05:b3:a3:f2:
c8:20:60:36:08:ee:26:56:30:48:6d:70:30:41:c9:85:43:b1:
f3:c1:d8:1a:8c:c8:2a:82:07:84:b4:1d:bf:9b:9f:45:81:f4:
93:2b:24:71:ff:40:3d:19:ef:43:d9:30:9f:7a:66:7d:16:3c:
1a:31:4b:93
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNL2qGAKnkyjAVIalur303SZXyqMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIxMDVaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDdmOWY5ZDdiZTY1NTk5YTI4MmNmYzU3NzkyZWE5NGQ0NDE2OGFhZDdiYWRj
NzcxOWNkMTcyN2UzMWI3Mjc0YWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOPO9vvj0pmxdluwm/IqL/kc5jZPqWShwTCrcVlOakoxSoQA0Fs+1DSPw2vq
pkND8DPMxa7r6ykQxvAcb79us2ErFGFNBj36KHwULpHyALZPUMqoZQrLdkgaCohf
Q6SCVW2/FCLuMBM80BuBk+kn3LLXGgsYcpm8TtRGDpS+mtxJda+PIFME/9qvh0/1
LbfaAyJnpo4Up2fuPu6djDiUAbXDRhAfexjX/vEk2Yecjw7gYmTvzQpk1beTutF5
DM1CZJcbWS4llUIMk1EoPLIN2YbvmZVU1IQgUfPiaLlkg2oZ6Tzkwmu6/7eXm/YQ
QZX9vL9XDSqy2wSvTbuf9gAd7jcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRl2+8K
keBNJZcECuJWS1nXgtfPFjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDllYzk3Y2EtMDQ0ZS00Nzg1LWJkZDQtZmNmOWU4ZDUxNGNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATN6MA0G
CSqGSIb3DQEBCwUAA4IBAQA/K9x0um21CGoECFq/DOiMtH9q81alPJA1Mt/E333K
xpxKXbtuAlWfHN792uugxh41IadRXNyyNI/PoiWOPtAEAgmXqeIN+fdkD45aolYb
1iUZIua3cYGyvmjietPx2wH1Ae/RWsk/ZxL2+4gvhD3vBQiGioc5XwNtwGmvaJTr
LSmOrJGdE+rFDy5KVmGADvrpKzCfUOeYPlkJe7S7ibCBhtADukpuoma3S99hZpRg
qoNSiWrAZeqaeXgN8B65ItBDmgWzo/LIIGA2CO4mVjBIbXAwQcmFQ7HzwdgajMgq
ggeEtB2/m59FgfSTKyRx/0A9Ge9D2TCfemZ9FjwaMUuT
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:40:30 2025 by rpki-client