Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0a36b38b-9bd1-4014-823d-9204a303350e.roa
File: 0a36b38b-9bd1-4014-823d-9204a303350e.roa (raw, json)
Hash identifier: xCWYt/rukxeDm1tZ5PXoTVxaj2m2CzLDOzybf0309pY=
Subject key identifier: 14:B4:F2:D0:70:BF:F1:EA:BC:BB:2F:6F:09:26:6B:3D:60:FB:7D:8D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 20F7AF643DD0F02E748A094A3CC18DAF035D01F3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0a36b38b-9bd1-4014-823d-9204a303350e.roa
Signing time: Fri 08 Aug 2025 00:40:07 +0000
ROA not before: Fri 08 Aug 2025 00:40:07 +0000
ROA not after: Fri 12 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.21.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:f7:af:64:3d:d0:f0:2e:74:8a:09:4a:3c:c1:8d:af:03:5d:01:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 8 00:40:07 2025 GMT
Not After : Sep 12 23:59:59 2025 GMT
Subject: serialNumber=82c00a86526324b32aa8cc6847c56c36d35e44e6add8b240358938eb85451ea9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:8e:6b:49:ca:bb:ac:db:34:e7:09:71:c6:00:
29:55:37:f6:1c:09:94:9b:64:2c:dd:9f:2b:44:b3:
d7:de:63:37:75:45:4b:3e:8e:93:dd:0e:a6:09:c5:
80:8b:f2:27:77:87:34:15:b4:a3:8b:a6:e7:74:10:
6f:eb:91:cb:af:63:5c:56:93:bd:e9:e7:91:07:bb:
5b:72:74:07:db:3c:ce:8d:6e:47:03:4a:97:04:f4:
db:22:7a:09:2c:94:dc:8d:ef:f9:80:b7:4c:2c:65:
c1:17:3a:14:d5:30:5e:e0:ba:fe:18:97:0b:50:e8:
18:5d:0a:f5:bd:2e:d7:07:55:57:70:50:9f:8e:38:
2c:bd:1b:97:61:82:61:f3:47:dd:3c:a9:06:84:36:
ac:e0:99:a5:66:1f:86:49:c4:ef:bc:11:9d:ef:93:
a3:8f:e0:0d:21:b2:0c:b3:b6:91:3c:6e:b5:2e:8f:
99:71:b8:d9:34:c6:1a:32:7a:f7:40:13:13:d1:7f:
53:d0:71:6f:6b:0e:2f:c3:9c:a8:a4:98:65:b2:b3:
ed:bf:ac:f0:50:89:2a:41:4b:85:78:c8:1f:72:64:
93:b3:3f:ba:16:4e:4f:be:6e:8b:80:9f:8e:52:e2:
cb:2f:87:4c:ac:9f:8c:38:31:5a:07:45:48:b4:b4:
09:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:B4:F2:D0:70:BF:F1:EA:BC:BB:2F:6F:09:26:6B:3D:60:FB:7D:8D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0a36b38b-9bd1-4014-823d-9204a303350e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.21.183.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:09:47:70:b4:e0:14:f3:aa:d1:5b:c5:5f:59:8b:89:79:bc:
8e:d8:e1:0b:c3:fd:8e:c0:60:ff:e6:ca:48:42:91:90:26:b1:
c7:61:18:ae:3d:ed:fe:38:1e:f9:62:1d:cb:61:51:44:ea:21:
b1:b0:8a:53:81:16:74:11:d2:ad:a3:70:7f:8a:0f:47:57:2a:
de:ff:41:cb:bb:18:fa:c5:7d:c9:20:1e:7b:78:b3:46:d1:8e:
12:12:42:9d:95:62:d8:c1:ef:70:6e:33:08:69:8a:56:8a:7c:
86:7f:78:3f:50:36:0b:a0:b0:08:40:c8:b5:61:bf:d6:f1:15:
f1:7d:c1:d2:9d:7e:31:8a:86:de:d2:65:5b:20:01:22:4c:9c:
a3:3a:68:76:7d:cb:a7:cd:1a:91:a2:33:a9:4e:9f:48:fc:fc:
59:37:45:f2:89:24:38:c8:42:f5:3e:49:be:ac:2a:bc:19:f2:
65:3f:d2:ff:0f:3d:9d:e3:bf:41:0d:71:18:c9:cc:e6:d3:f4:
f8:bf:f1:6a:1b:40:fb:99:f9:8f:58:62:12:78:29:36:6d:65:
ee:79:d0:38:7b:2d:65:4b:dd:1b:be:6d:c9:63:a4:da:3a:be:
a3:48:79:79:fc:27:56:dc:15:d9:23:57:0e:11:e8:2a:58:e1:
a6:5d:94:83
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIPevZD3Q8C50iglKPMGNrwNdAfMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDgwMDQwMDdaFw0yNTA5MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDgyYzAwYTg2NTI2MzI0YjMyYWE4Y2M2ODQ3YzU2YzM2ZDM1ZTQ0ZTZhZGQ4
YjI0MDM1ODkzOGViODU0NTFlYTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKWOa0nKu6zbNOcJccYAKVU39hwJlJtkLN2fK0Sz195jN3VFSz6Ok90OpgnF
gIvyJ3eHNBW0o4um53QQb+uRy69jXFaTvennkQe7W3J0B9s8zo1uRwNKlwT02yJ6
CSyU3I3v+YC3TCxlwRc6FNUwXuC6/hiXC1DoGF0K9b0u1wdVV3BQn444LL0bl2GC
YfNH3TypBoQ2rOCZpWYfhknE77wRne+To4/gDSGyDLO2kTxutS6PmXG42TTGGjJ6
90ATE9F/U9Bxb2sOL8OcqKSYZbKz7b+s8FCJKkFLhXjIH3Jkk7M/uhZOT75ui4Cf
jlLiyy+HTKyfjDgxWgdFSLS0CfMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQUtPLQ
cL/x6ry7L28JJms9YPt9jTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGEzNmIzOGItOWJkMS00MDE0LTgyM2QtOTIwNGEzMDMzNTBlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMVtzAN
BgkqhkiG9w0BAQsFAAOCAQEAjAlHcLTgFPOq0VvFX1mLiXm8jtjhC8P9jsBg/+bK
SEKRkCaxx2EYrj3t/jge+WIdy2FRROohsbCKU4EWdBHSraNwf4oPR1cq3v9By7sY
+sV9ySAee3izRtGOEhJCnZVi2MHvcG4zCGmKVop8hn94P1A2C6CwCEDItWG/1vEV
8X3B0p1+MYqG3tJlWyABIkycozpodn3Lp80akaIzqU6fSPz8WTdF8okkOMhC9T5J
vqwqvBnyZT/S/w89neO/QQ1xGMnM5tP0+L/xahtA+5n5j1hiEngpNm1l7nnQOHst
ZUvdG75tyWOk2jq+o0h5efwnVtwV2SNXDhHoKljhpl2Ugw==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:39:04 2025 by rpki-client