Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2b51d415-1366-43ea-8ce9-f13b63a2c827.roa
File: 2b51d415-1366-43ea-8ce9-f13b63a2c827.roa (raw, json)
Hash identifier: zbaQwEQiMYVFWzVr0M36f7VERKEePuzNynhYttGrlDs=
Subject key identifier: BF:29:FB:36:D3:2F:00:DA:D8:CA:D7:F2:36:2E:C0:31:26:80:9E:4E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 185987EAF22907B9890E066310D2C7C063E05997
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2b51d415-1366-43ea-8ce9-f13b63a2c827.roa
Signing time: Fri 08 Aug 2025 00:40:12 +0000
ROA not before: Fri 08 Aug 2025 00:40:12 +0000
ROA not after: Fri 12 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.45.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:59:87:ea:f2:29:07:b9:89:0e:06:63:10:d2:c7:c0:63:e0:59:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 8 00:40:12 2025 GMT
Not After : Sep 12 23:59:59 2025 GMT
Subject: serialNumber=3e1f428019154fca49be10cd2451d6e2c8730399ffc13ac562bedfa5bafd3ef4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:3c:e9:46:0a:b4:c6:a8:e0:8e:38:61:55:a4:
7d:4f:3d:0c:e3:bd:5e:32:f8:c4:ee:f8:3a:5b:aa:
e2:21:a2:75:1a:30:78:ad:dc:1f:78:1e:f4:7d:10:
50:24:33:77:a7:55:7a:5c:3d:3a:b6:4e:37:a9:32:
31:99:d9:75:90:f5:8e:72:a2:a3:b0:44:32:d2:0d:
d4:b5:e3:de:a8:ad:c0:09:b1:29:11:8c:45:f3:40:
7a:29:b5:2f:3a:55:a0:40:8b:9b:09:1c:ee:51:d7:
25:57:12:7c:54:65:08:3d:5d:2a:41:89:f9:6c:82:
53:b6:ca:59:7e:ee:0e:ad:10:a5:f4:3f:ea:2b:34:
63:9e:b2:96:ad:48:11:73:11:3d:d7:7d:be:8d:7e:
d3:b0:03:10:96:93:4a:21:98:53:19:ee:d2:fd:5b:
2d:2c:00:6d:b4:0d:bf:be:7e:d4:89:29:a7:73:75:
eb:2c:11:57:02:f8:f5:ae:74:19:46:b3:89:22:1e:
f7:96:0e:89:02:3a:87:36:be:59:6f:30:e7:fd:78:
a6:07:8c:98:e9:a9:38:8d:3a:8d:e2:7b:dc:d7:c9:
d2:5a:e8:e1:fa:65:fb:f3:63:3d:e0:b2:b0:f7:21:
ff:8e:24:67:ab:fa:12:cf:c1:57:37:57:13:a4:6a:
02:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:29:FB:36:D3:2F:00:DA:D8:CA:D7:F2:36:2E:C0:31:26:80:9E:4E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2b51d415-1366-43ea-8ce9-f13b63a2c827.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.45.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d1:eb:ce:3b:fd:e3:89:9f:c0:68:4d:ef:ee:be:4f:51:f5:a8:
9b:49:4f:57:4d:74:1b:17:24:83:f8:7b:67:83:c6:9c:d9:23:
30:07:08:e2:cf:2a:d4:69:39:fc:cd:78:2c:b0:3d:27:c5:71:
93:6c:1e:74:f9:1a:a9:de:69:b8:38:c8:6b:04:ee:0c:bb:f1:
05:5c:dd:54:d8:22:81:a1:9c:da:4d:1c:ee:fc:0e:c2:14:32:
c6:ea:ca:2d:58:c0:4f:46:52:bc:49:8a:50:f1:47:72:61:7a:
55:59:2c:9b:08:96:b2:57:b7:d2:80:58:53:a6:eb:3f:4b:3e:
fd:2b:b5:b2:28:04:66:22:c5:d6:ee:b1:6d:f6:79:06:a8:1b:
1b:3d:3a:29:ef:d6:e7:2e:c8:88:47:49:63:4e:e4:62:10:f4:
9b:2c:40:29:f1:94:10:16:3e:4c:41:3d:70:d2:d0:08:e9:cd:
95:1f:11:d0:15:3d:2d:a6:fd:0b:4c:5b:e7:6c:d8:3b:9b:3d:
f1:3f:d1:28:c7:f1:85:02:4a:12:b8:aa:f4:a7:b2:49:e1:0e:
d8:52:52:22:bf:2d:25:7c:81:4c:86:21:30:28:7f:11:6b:9b:
5b:7b:5b:0e:90:77:6d:cf:df:ed:7d:43:10:43:71:b3:96:bc:
06:a7:96:37
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGFmH6vIpB7mJDgZjENLHwGPgWZcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDgwMDQwMTJaFw0yNTA5MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDNlMWY0MjgwMTkxNTRmY2E0OWJlMTBjZDI0NTFkNmUyYzg3MzAzOTlmZmMx
M2FjNTYyYmVkZmE1YmFmZDNlZjQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANA86UYKtMao4I44YVWkfU89DOO9XjL4xO74Oluq4iGidRoweK3cH3ge9H0Q
UCQzd6dVelw9OrZON6kyMZnZdZD1jnKio7BEMtIN1LXj3qitwAmxKRGMRfNAeim1
LzpVoECLmwkc7lHXJVcSfFRlCD1dKkGJ+WyCU7bKWX7uDq0QpfQ/6is0Y56ylq1I
EXMRPdd9vo1+07ADEJaTSiGYUxnu0v1bLSwAbbQNv75+1Ikpp3N16ywRVwL49a50
GUaziSIe95YOiQI6hza+WW8w5/14pgeMmOmpOI06jeJ73NfJ0lro4fpl+/NjPeCy
sPch/44kZ6v6Es/BVzdXE6RqAmMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS/Kfs2
0y8A2tjK1/I2LsAxJoCeTjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmI1MWQ0MTUtMTM2Ni00M2VhLThjZTktZjEzYjYzYTJjODI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMtMA0G
CSqGSIb3DQEBCwUAA4IBAQDR6847/eOJn8BoTe/uvk9R9aibSU9XTXQbFySD+Htn
g8ac2SMwBwjizyrUaTn8zXgssD0nxXGTbB50+Rqp3mm4OMhrBO4Mu/EFXN1U2CKB
oZzaTRzu/A7CFDLG6sotWMBPRlK8SYpQ8UdyYXpVWSybCJayV7fSgFhTpus/Sz79
K7WyKARmIsXW7rFt9nkGqBsbPTop79bnLsiIR0ljTuRiEPSbLEAp8ZQQFj5MQT1w
0tAI6c2VHxHQFT0tpv0LTFvnbNg7mz3xP9Eox/GFAkoSuKr0p7JJ4Q7YUlIivy0l
fIFMhiEwKH8Ra5tbe1sOkHdtz9/tfUMQQ3GzlrwGp5Y3
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:39 2025 by rpki-client