Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2ce9a789-9599-4c9d-a093-ead3033f60d1.roa
File: 2ce9a789-9599-4c9d-a093-ead3033f60d1.roa (raw, json)
Hash identifier: edzVwdAyuJiEvqw5TWbGUZ6V1ZpvVM5LuSdKQH9PMW4=
Subject key identifier: 7D:54:0F:D8:76:1B:99:C9:26:EA:18:A7:0A:BA:53:75:7B:97:52:00
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 15EA3A1A0857148174A1BEB7A467886DA6ABC4E9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2ce9a789-9599-4c9d-a093-ead3033f60d1.roa
Signing time: Tue 05 Aug 2025 20:30:22 +0000
ROA not before: Tue 05 Aug 2025 20:30:22 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.34.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:ea:3a:1a:08:57:14:81:74:a1:be:b7:a4:67:88:6d:a6:ab:c4:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:30:22 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=0af16a8e33e474e5f7cc00a07b593126a6588a599e5238a5e204ba295f5d4480, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:68:74:2f:bb:90:07:75:f3:33:36:86:c9:eb:
8d:4d:b8:c5:bb:07:dd:da:d5:bc:bc:21:4f:64:52:
a2:93:82:3a:56:b8:04:ab:05:1a:83:aa:1c:e8:67:
c5:42:41:3e:57:61:2d:c7:1a:32:aa:e7:a3:36:3f:
3e:56:1d:fa:4d:16:c9:9e:d5:c2:a5:cb:a1:13:8e:
7b:a3:49:d1:77:a0:12:98:c4:97:63:0d:84:42:5c:
65:a2:74:12:8e:78:89:d8:e2:07:ed:e6:5d:00:fa:
b0:e1:77:4c:bd:76:55:f6:be:1e:93:fa:74:6f:d9:
f1:4c:75:c7:e6:41:51:ee:65:ef:09:90:8f:00:d4:
cb:d2:10:e8:5f:e9:2f:01:72:0a:48:be:59:44:72:
fc:0e:4c:64:9e:07:72:59:34:2f:26:d9:34:a7:32:
70:ea:92:15:26:66:b8:d5:ce:1c:10:b9:75:20:c6:
77:be:b6:18:77:11:95:e8:6f:e8:0d:3f:90:d0:a8:
97:63:6c:2e:c4:8c:07:87:22:8e:0c:d8:51:ca:c4:
c1:3e:f5:30:6a:17:a0:ba:b7:07:94:d2:14:6e:2a:
2d:24:ab:04:af:e9:15:3d:7a:7e:47:4c:72:47:a8:
08:13:c4:74:02:e6:f9:b5:d6:b8:34:63:d1:37:7b:
a8:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:54:0F:D8:76:1B:99:C9:26:EA:18:A7:0A:BA:53:75:7B:97:52:00
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2ce9a789-9599-4c9d-a093-ead3033f60d1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.34.0.0/16
Signature Algorithm: sha256WithRSAEncryption
77:fa:c5:b1:63:47:db:65:10:c8:94:41:65:1c:4e:03:88:95:
71:75:42:67:6e:ed:ab:fc:32:13:8a:06:57:e0:81:91:ef:6d:
84:a6:2e:d8:af:ec:be:cc:b9:af:f2:9b:7d:ac:37:3f:99:f7:
15:ba:6e:64:07:65:29:b9:a1:67:8b:a5:39:cb:7a:18:46:da:
cf:bd:d4:04:62:a7:37:d0:25:6e:e7:75:f3:bc:bd:72:b5:19:
c0:23:a0:48:38:ce:5a:83:07:11:40:b0:a8:50:fe:42:73:79:
b1:27:6c:6e:6c:61:8c:42:06:e1:a9:d9:db:2e:d4:05:1b:b8:
6f:f4:ff:e7:89:d2:e4:a7:ab:90:82:b1:ac:97:42:01:b1:cd:
43:e6:53:35:80:fb:13:1f:94:04:1c:02:79:7a:4f:8e:14:3e:
f5:09:1b:66:72:05:47:2a:ec:54:8d:77:be:77:85:8e:11:7b:
92:3b:8f:ab:27:53:af:e0:d1:6c:d9:18:53:b3:30:c9:bc:ad:
41:76:15:d7:36:d9:5a:b5:ec:21:c8:2e:88:88:17:bc:e4:db:
c8:b1:20:a1:01:35:17:e2:5d:0f:53:2f:31:2e:25:5f:ec:11:
f4:95:e0:60:4a:a1:ce:ee:01:5d:63:0d:b6:03:53:02:48:02:
49:8a:71:57
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUFeo6GghXFIF0ob63pGeIbaarxOkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDMwMjJaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDBhZjE2YThlMzNlNDc0ZTVmN2NjMDBhMDdiNTkzMTI2YTY1ODhhNTk5ZTUy
MzhhNWUyMDRiYTI5NWY1ZDQ0ODAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIRodC+7kAd18zM2hsnrjU24xbsH3drVvLwhT2RSopOCOla4BKsFGoOqHOhn
xUJBPldhLccaMqrnozY/PlYd+k0WyZ7VwqXLoROOe6NJ0XegEpjEl2MNhEJcZaJ0
Eo54idjiB+3mXQD6sOF3TL12Vfa+HpP6dG/Z8Ux1x+ZBUe5l7wmQjwDUy9IQ6F/p
LwFyCki+WURy/A5MZJ4Hclk0LybZNKcycOqSFSZmuNXOHBC5dSDGd762GHcRlehv
6A0/kNCol2NsLsSMB4cijgzYUcrEwT71MGoXoLq3B5TSFG4qLSSrBK/pFT16fkdM
ckeoCBPEdALm+bXWuDRj0Td7qO8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR9VA/Y
dhuZySbqGKcKulN1e5dSADAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmNlOWE3ODktOTU5OS00YzlkLWEwOTMtZWFkMzAzM2Y2MGQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMiMA0G
CSqGSIb3DQEBCwUAA4IBAQB3+sWxY0fbZRDIlEFlHE4DiJVxdUJnbu2r/DITigZX
4IGR722Epi7Yr+y+zLmv8pt9rDc/mfcVum5kB2UpuaFni6U5y3oYRtrPvdQEYqc3
0CVu53XzvL1ytRnAI6BIOM5agwcRQLCoUP5Cc3mxJ2xubGGMQgbhqdnbLtQFG7hv
9P/nidLkp6uQgrGsl0IBsc1D5lM1gPsTH5QEHAJ5ek+OFD71CRtmcgVHKuxUjXe+
d4WOEXuSO4+rJ1Ov4NFs2RhTszDJvK1BdhXXNtlatewhyC6IiBe85NvIsSChATUX
4l0PUy8xLiVf7BH0leBgSqHO7gFdYw22A1MCSAJJinFX
-----END CERTIFICATE-----
Generated at Wed Aug 20 12:56:15 2025 by rpki-client