Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/186c4a20-4025-4599-90c9-1eeb15cf6730.roa
File: 186c4a20-4025-4599-90c9-1eeb15cf6730.roa (raw, json)
Hash identifier: bE6fBDFFDBJispJBliRFux99/e/Paqhp03jm2UhjGxA=
Subject key identifier: 81:D2:77:9D:E1:6A:14:D4:47:0F:D8:8B:EB:F0:26:41:63:DC:47:3B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 47EC6DEF7B8B0455E5F4E455660D1756D6C48582
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/186c4a20-4025-4599-90c9-1eeb15cf6730.roa
Signing time: Fri 08 Aug 2025 00:41:04 +0000
ROA not before: Fri 08 Aug 2025 00:41:04 +0000
ROA not after: Fri 12 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:ec:6d:ef:7b:8b:04:55:e5:f4:e4:55:66:0d:17:56:d6:c4:85:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 8 00:41:04 2025 GMT
Not After : Sep 12 23:59:59 2025 GMT
Subject: serialNumber=66e28c8ce6806cd3542aa3d1684fcd169dd1533907973a2ce8b8ea6268f24b4d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:b9:2d:f1:0c:90:55:5e:4b:47:eb:33:f4:63:
02:d1:50:06:3b:7d:b5:bb:92:f0:82:aa:1b:ed:c0:
76:5d:c6:18:a3:80:b1:f6:37:3b:25:11:39:48:04:
59:c9:ee:d5:c7:a3:25:23:d4:8e:f3:75:8f:3d:98:
2e:c7:d6:23:f1:e1:57:7a:16:d2:af:9e:c8:14:3e:
6f:ef:cb:b0:96:7c:1e:5e:21:b5:a8:d4:2a:21:96:
1d:97:1c:aa:68:2d:84:02:18:af:61:81:dc:19:c2:
bc:63:cf:66:7e:88:c1:57:57:14:6a:c4:65:65:1a:
fa:df:87:13:4a:9f:c6:d6:6b:a6:c4:8f:2e:7b:52:
ec:42:c3:d7:20:9f:d7:cd:5d:c8:7c:7d:b1:32:6c:
e2:3b:be:17:16:3f:1d:3c:fd:86:26:4d:77:0e:d7:
f8:46:c9:4e:fa:5d:58:cd:0e:1c:25:df:79:51:70:
e1:02:24:c2:f0:13:90:b1:9d:f5:f4:d1:9a:8d:9e:
a1:b3:e5:79:35:e2:dd:d8:a7:9d:22:a8:d3:a7:4c:
ac:de:31:83:d6:d1:b8:db:b8:2c:80:b9:d2:6c:14:
da:cc:ae:2b:9a:30:aa:c0:42:84:42:df:60:37:f3:
26:b4:9e:53:05:6e:4a:a1:0d:f5:91:1b:3c:9b:7b:
22:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:D2:77:9D:E1:6A:14:D4:47:0F:D8:8B:EB:F0:26:41:63:DC:47:3B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/186c4a20-4025-4599-90c9-1eeb15cf6730.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.205.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:1d:55:a5:a8:f4:46:00:0c:d4:db:41:ca:ad:44:fa:73:c7:
c7:3b:5a:b6:b8:8a:20:3a:9d:a6:54:75:60:68:d5:f2:af:58:
3e:3c:2e:52:33:6b:d0:fd:68:d0:85:2a:4e:cd:c4:73:49:53:
7c:6a:a2:4f:df:1b:b5:99:7e:24:64:a5:0c:1a:ad:95:86:ae:
6a:58:bf:68:74:db:6f:1c:f6:8c:31:fd:dc:dd:fb:95:0a:5b:
be:43:00:ed:d8:89:82:bb:20:91:9d:21:a2:b7:f7:e7:79:1f:
ee:33:87:59:ee:a3:c9:44:2b:d5:25:79:53:ed:55:c9:b6:3b:
ae:f3:ab:43:cb:20:53:47:9f:3e:08:cd:b4:5d:06:69:36:14:
b9:f2:6e:96:2c:dc:2b:fe:2a:d2:96:5b:95:37:fb:ef:00:d7:
eb:c7:ed:52:67:6b:ad:a1:f2:c8:1f:60:98:31:1d:ef:4e:17:
7d:56:90:d6:3e:c3:13:98:70:0f:6f:8a:8b:78:34:81:68:ea:
1f:e5:a2:b8:1c:a3:69:fd:43:1c:99:44:a0:f2:f5:0d:a9:af:
ea:05:20:7a:7a:b3:8c:20:7e:03:15:af:b6:f9:51:1d:3a:91:
20:a4:57:2e:54:8a:30:84:e5:ed:39:05:bd:34:31:6b:1d:6b:
b0:20:7f:e6
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUR+xt73uLBFXl9ORVZg0XVtbEhYIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDgwMDQxMDRaFw0yNTA5MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDY2ZTI4YzhjZTY4MDZjZDM1NDJhYTNkMTY4NGZjZDE2OWRkMTUzMzkwNzk3
M2EyY2U4YjhlYTYyNjhmMjRiNGQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANm5LfEMkFVeS0frM/RjAtFQBjt9tbuS8IKqG+3Adl3GGKOAsfY3OyUROUgE
Wcnu1cejJSPUjvN1jz2YLsfWI/HhV3oW0q+eyBQ+b+/LsJZ8Hl4htajUKiGWHZcc
qmgthAIYr2GB3BnCvGPPZn6IwVdXFGrEZWUa+t+HE0qfxtZrpsSPLntS7ELD1yCf
181dyHx9sTJs4ju+FxY/HTz9hiZNdw7X+EbJTvpdWM0OHCXfeVFw4QIkwvATkLGd
9fTRmo2eobPleTXi3dinnSKo06dMrN4xg9bRuNu4LIC50mwU2syuK5owqsBChELf
YDfzJrSeUwVuSqEN9ZEbPJt7IhsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSB0ned
4WoU1EcP2Ivr8CZBY9xHOzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTg2YzRhMjAtNDAyNS00NTk5LTkwYzktMWVlYjE1Y2Y2NzMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMQzTAN
BgkqhkiG9w0BAQsFAAOCAQEAjx1Vpaj0RgAM1NtByq1E+nPHxztatriKIDqdplR1
YGjV8q9YPjwuUjNr0P1o0IUqTs3Ec0lTfGqiT98btZl+JGSlDBqtlYauali/aHTb
bxz2jDH93N37lQpbvkMA7diJgrsgkZ0horf353kf7jOHWe6jyUQr1SV5U+1VybY7
rvOrQ8sgU0efPgjNtF0GaTYUufJulizcK/4q0pZblTf77wDX68ftUmdrraHyyB9g
mDEd704XfVaQ1j7DE5hwD2+Ki3g0gWjqH+WiuByjaf1DHJlEoPL1Damv6gUgenqz
jCB+AxWvtvlRHTqRIKRXLlSKMITl7TkFvTQxax1rsCB/5g==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:43:53 2025 by rpki-client