Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16466217-dced-4a5a-a70d-36ae6ab6acbe.roa
File: 16466217-dced-4a5a-a70d-36ae6ab6acbe.roa (raw, json)
Hash identifier: /jo3xmRZG3sGovhDXoWDssHCtBldnUnmqtqQ0W8rj2A=
Subject key identifier: 3D:34:36:4E:15:C6:07:34:CF:58:5F:4F:91:3F:42:47:1C:31:4C:2D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 69F53BBC2607423277D56D0E377D2852644D976C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16466217-dced-4a5a-a70d-36ae6ab6acbe.roa
Signing time: Fri 08 Aug 2025 00:40:36 +0000
ROA not before: Fri 08 Aug 2025 00:40:36 +0000
ROA not after: Fri 12 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.92.0.0/14 maxlen: 14
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:f5:3b:bc:26:07:42:32:77:d5:6d:0e:37:7d:28:52:64:4d:97:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 8 00:40:36 2025 GMT
Not After : Sep 12 23:59:59 2025 GMT
Subject: serialNumber=dc5f72c023324d448822a804356a0648eb1bd4507de89a1349f4d6130345d256, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a4:3d:c8:f0:cb:60:67:c8:1d:6f:f8:5c:b2:
67:b0:3d:01:9d:b4:07:98:88:5f:5b:3d:ef:31:b9:
c4:44:37:0f:f8:d6:cd:d0:ef:fd:9e:a8:1d:06:b3:
95:9a:e1:84:a0:e8:2c:60:30:d7:a2:1a:bd:18:9b:
68:40:13:08:76:ca:73:f7:72:ef:b8:3d:f9:9f:57:
7e:88:a4:9f:1c:90:ef:e5:55:3c:7f:89:aa:38:87:
49:0a:c8:66:39:e4:0b:20:04:64:b7:dc:20:46:e2:
87:33:dd:89:58:52:dd:8e:34:75:69:20:f2:96:ab:
a8:fe:ae:64:52:42:8b:c7:97:01:80:9b:b5:e4:b5:
9d:5e:5c:6a:bc:fa:df:ed:18:22:e6:4d:29:2d:78:
f3:2a:6f:e9:af:bb:2f:11:ef:76:c2:2e:42:08:f1:
d8:b6:5f:27:b7:d8:09:ba:cc:d6:8b:f0:96:e2:53:
7c:1f:b3:a8:18:af:3a:ed:28:02:d4:2d:ca:ba:39:
a4:33:66:a4:5b:5c:73:f1:58:de:e1:93:b4:15:93:
06:b1:5f:d0:7e:a1:85:34:80:af:2b:1b:c1:e5:4b:
5a:f2:45:9d:a3:d2:47:f6:1e:fd:28:e6:6f:53:f1:
b2:e1:e8:5c:e6:ce:82:d1:7e:f5:28:28:d4:d8:f5:
5c:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:34:36:4E:15:C6:07:34:CF:58:5F:4F:91:3F:42:47:1C:31:4C:2D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16466217-dced-4a5a-a70d-36ae6ab6acbe.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.92.0.0/14
Signature Algorithm: sha256WithRSAEncryption
c4:46:8b:69:4b:e6:c5:8e:63:e3:d9:29:3b:e6:6b:6f:ce:b2:
d9:60:8c:63:c5:d6:2d:89:2a:04:bf:f4:af:7c:fa:02:90:3b:
0e:73:51:53:ed:a9:d6:31:1b:30:29:4e:db:db:b4:18:be:62:
d0:6d:6d:b8:81:e5:b3:12:a0:c0:74:61:2e:3e:5a:fe:0f:39:
64:05:17:31:7e:ac:0d:62:ea:e1:f7:fd:a8:cf:0a:81:53:63:
50:63:10:96:0a:f1:9b:d0:e6:12:5e:1b:97:62:f6:28:36:75:
33:19:be:ae:bf:72:e8:4a:34:60:0f:3a:71:49:3e:52:fb:b8:
f2:7a:69:30:c4:b4:e7:d1:3f:34:8d:4b:04:8e:9a:0c:d2:69:
f3:ab:23:65:c2:ae:59:7a:72:a9:30:fa:9b:f2:8e:da:84:69:
46:a4:17:e5:63:35:b6:c1:02:ac:9f:60:57:f2:97:d0:b5:78:
b9:bb:4a:77:04:e4:a9:4f:c4:2e:b6:27:07:02:69:40:38:aa:
29:f4:59:56:cf:37:1f:a6:d2:6b:c1:d3:8f:b2:3c:6f:6b:c0:
b3:b4:84:1c:c0:45:3e:6f:18:68:fe:6d:67:6b:a3:77:a4:34:
2e:d5:64:37:62:43:60:5b:b8:27:4f:8d:d3:1b:90:7a:b8:27:
8b:8b:bf:03
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUafU7vCYHQjJ31W0ON30oUmRNl2wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDgwMDQwMzZaFw0yNTA5MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGRjNWY3MmMwMjMzMjRkNDQ4ODIyYTgwNDM1NmEwNjQ4ZWIxYmQ0NTA3ZGU4
OWExMzQ5ZjRkNjEzMDM0NWQyNTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALakPcjwy2BnyB1v+FyyZ7A9AZ20B5iIX1s97zG5xEQ3D/jWzdDv/Z6oHQaz
lZrhhKDoLGAw16IavRibaEATCHbKc/dy77g9+Z9XfoiknxyQ7+VVPH+JqjiHSQrI
ZjnkCyAEZLfcIEbihzPdiVhS3Y40dWkg8parqP6uZFJCi8eXAYCbteS1nV5carz6
3+0YIuZNKS148ypv6a+7LxHvdsIuQgjx2LZfJ7fYCbrM1ovwluJTfB+zqBivOu0o
AtQtyro5pDNmpFtcc/FY3uGTtBWTBrFf0H6hhTSArysbweVLWvJFnaPSR/Ye/Sjm
b1PxsuHoXObOgtF+9Sgo1Nj1XEECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ9NDZO
FcYHNM9YX0+RP0JHHDFMLTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTY0NjYyMTctZGNlZC00YTVhLWE3MGQtMzZhZTZhYjZhY2JlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNcMA0G
CSqGSIb3DQEBCwUAA4IBAQDERotpS+bFjmPj2Sk75mtvzrLZYIxjxdYtiSoEv/Sv
fPoCkDsOc1FT7anWMRswKU7b27QYvmLQbW24geWzEqDAdGEuPlr+DzlkBRcxfqwN
Yurh9/2ozwqBU2NQYxCWCvGb0OYSXhuXYvYoNnUzGb6uv3LoSjRgDzpxST5S+7jy
emkwxLTn0T80jUsEjpoM0mnzqyNlwq5ZenKpMPqb8o7ahGlGpBflYzW2wQKsn2BX
8pfQtXi5u0p3BOSpT8QuticHAmlAOKop9FlWzzcfptJrwdOPsjxva8CztIQcwEU+
bxho/m1na6N3pDQu1WQ3YkNgW7gnT43TG5B6uCeLi78D
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:40:27 2025 by rpki-client