Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2740a5f5-ec55-42ac-b7df-f4c863c83981.roa
File: 2740a5f5-ec55-42ac-b7df-f4c863c83981.roa (raw, json)
Hash identifier: 4p8aMbbS7eMbrpb6haa0TaVX+VkGceQ3OsG0yQMiaxM=
Subject key identifier: E2:C3:7B:92:99:FF:A0:B3:7D:D8:35:AE:03:B4:E7:42:33:34:EE:39
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 661EFAEE55F4113CCD2863F6109EC1E634C4D01F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2740a5f5-ec55-42ac-b7df-f4c863c83981.roa
Signing time: Tue 05 Aug 2025 20:20:04 +0000
ROA not before: Tue 05 Aug 2025 20:20:04 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.125.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:1e:fa:ee:55:f4:11:3c:cd:28:63:f6:10:9e:c1:e6:34:c4:d0:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:20:04 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=3a84ae3096d3688a2865941b83cf877f5ff9a56bac086b17b9589dd663917c4f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d9:79:3f:d5:ba:d5:7d:f2:47:5b:6e:59:6c:
f3:bc:5e:23:2c:ae:71:fb:d5:e7:12:81:92:88:82:
84:e5:a8:72:ff:a7:c3:95:78:d3:b0:ce:16:88:c2:
50:d6:c0:b6:7a:a7:e1:be:00:08:39:a6:ba:fc:98:
23:27:ec:be:9b:82:d0:85:f2:fa:45:3d:15:f1:33:
6f:ff:63:41:75:6a:99:72:3b:f2:dd:8e:e9:1e:44:
50:b3:35:b6:da:2b:4b:00:94:7c:a0:29:c6:c3:25:
f6:3b:17:06:46:6b:66:a2:9d:c7:20:33:f9:23:37:
82:13:3b:8b:ca:7e:02:a2:5f:0e:ce:5d:95:f9:e4:
2f:5e:27:9a:81:20:ca:8e:c0:28:ea:9e:9f:6e:e5:
fc:27:58:a3:c2:2d:68:77:97:34:74:dc:c0:4f:12:
61:6d:5f:07:33:55:d9:05:56:73:57:72:cd:05:33:
c2:5c:ab:50:1b:45:d6:b2:c4:68:cf:b3:3c:25:a1:
a2:a8:31:84:20:26:0d:69:6d:71:aa:4e:d6:db:f7:
5f:a6:37:e3:3d:d7:06:e4:46:d1:cb:22:b5:a7:f1:
bb:2e:7a:dc:65:ba:48:8a:62:c0:b7:b9:b8:56:c1:
e9:03:7f:2d:0f:3f:69:5e:04:db:2c:e2:de:3f:1b:
6e:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:C3:7B:92:99:FF:A0:B3:7D:D8:35:AE:03:B4:E7:42:33:34:EE:39
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2740a5f5-ec55-42ac-b7df-f4c863c83981.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.125.0.0/16
Signature Algorithm: sha256WithRSAEncryption
34:8a:f4:b9:7e:93:96:78:02:d4:66:14:8e:65:09:ac:d0:9a:
0a:40:f0:17:19:c5:90:1e:b0:19:f7:60:0a:5c:05:6c:6b:79:
d3:6f:2d:bb:c0:4f:62:6a:dc:9d:a6:8a:51:03:c6:02:78:25:
6a:e0:a1:21:c3:d4:3a:09:cd:2f:f9:11:9f:ca:c8:6a:50:f0:
0e:e6:09:09:9e:c5:fe:dc:86:c2:18:1c:06:c8:53:b8:85:47:
44:15:1c:bd:21:a9:df:8d:4c:ea:94:66:25:71:6e:a0:c7:7e:
23:c5:1e:44:77:7c:b2:e4:15:1f:d2:7f:2d:ea:9c:70:a4:af:
e7:6c:0d:78:9e:65:22:47:2e:22:38:2a:3f:72:f1:6e:24:18:
e9:39:9e:fc:90:5f:f5:40:cd:1f:04:56:a7:c9:06:98:b5:fb:
4a:cb:01:48:d3:6d:12:66:e5:6a:1d:74:df:cc:9d:82:28:b9:
97:7c:e3:54:a9:c1:b7:94:58:06:fa:31:80:32:af:99:07:ae:
81:21:33:85:f8:7e:e6:d5:4f:36:7f:12:19:0e:ac:32:e3:3c:
eb:61:76:c9:5e:ab:a2:a0:bd:c0:26:40:0c:03:1b:eb:bd:05:
16:df:0a:2a:3c:42:1d:67:5c:1c:11:7c:84:48:ea:8f:2f:ed:
07:05:bb:55
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZh767lX0ETzNKGP2EJ7B5jTE0B8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIwMDRaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDNhODRhZTMwOTZkMzY4OGEyODY1OTQxYjgzY2Y4NzdmNWZmOWE1NmJhYzA4
NmIxN2I5NTg5ZGQ2NjM5MTdjNGYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALzZeT/VutV98kdbblls87xeIyyucfvV5xKBkoiChOWocv+nw5V407DOFojC
UNbAtnqn4b4ACDmmuvyYIyfsvpuC0IXy+kU9FfEzb/9jQXVqmXI78t2O6R5EULM1
ttorSwCUfKApxsMl9jsXBkZrZqKdxyAz+SM3ghM7i8p+AqJfDs5dlfnkL14nmoEg
yo7AKOqen27l/CdYo8ItaHeXNHTcwE8SYW1fBzNV2QVWc1dyzQUzwlyrUBtF1rLE
aM+zPCWhoqgxhCAmDWltcapO1tv3X6Y34z3XBuRG0csitafxuy563GW6SIpiwLe5
uFbB6QN/LQ8/aV4E2yzi3j8bbokCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTiw3uS
mf+gs33YNa4DtOdCMzTuOTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Mjc0MGE1ZjUtZWM1NS00MmFjLWI3ZGYtZjRjODYzYzgzOTgxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN9MA0G
CSqGSIb3DQEBCwUAA4IBAQA0ivS5fpOWeALUZhSOZQms0JoKQPAXGcWQHrAZ92AK
XAVsa3nTby27wE9iatydpopRA8YCeCVq4KEhw9Q6Cc0v+RGfyshqUPAO5gkJnsX+
3IbCGBwGyFO4hUdEFRy9IanfjUzqlGYlcW6gx34jxR5Ed3yy5BUf0n8t6pxwpK/n
bA14nmUiRy4iOCo/cvFuJBjpOZ78kF/1QM0fBFanyQaYtftKywFI020SZuVqHXTf
zJ2CKLmXfONUqcG3lFgG+jGAMq+ZB66BITOF+H7m1U82fxIZDqwy4zzrYXbJXqui
oL3AJkAMAxvrvQUW3woqPEIdZ1wcEXyESOqPL+0HBbtV
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:39:31 2025 by rpki-client