Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa
File: 2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa (raw, json)
Hash identifier: nwSKuj/jLXAomObObnR+E2F7jRB/rlqqm3nh13Y7hHI=
Subject key identifier: 59:C1:74:9A:2B:12:83:03:DE:3E:04:5F:B7:68:01:60:84:C9:2B:CB
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0A157CE1CFDF4EA9708C8578CDE598E88B5CA147
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa
Signing time: Tue 05 Aug 2025 20:20:04 +0000
ROA not before: Tue 05 Aug 2025 20:20:04 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.127.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:15:7c:e1:cf:df:4e:a9:70:8c:85:78:cd:e5:98:e8:8b:5c:a1:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:20:04 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=827541ff6fb621cfe75493754f3e2d44abfea91dcaf39ab56b10d098beb95b76, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:8c:bb:10:fe:d6:72:e2:b7:30:70:f9:55:39:
d5:0e:7d:ec:19:a6:f5:be:67:8f:01:14:0f:da:b3:
f6:a1:45:44:64:d5:97:33:3a:ea:6e:79:7c:b1:57:
e7:df:21:c7:34:c6:58:6c:02:e2:48:b9:11:b3:72:
1d:47:47:c7:7f:68:0e:d8:fd:57:19:a9:63:ef:bc:
78:44:d3:10:4d:b7:79:1c:92:a2:19:0b:40:a5:57:
49:ab:d4:75:62:9f:8e:9b:e7:ff:72:c1:dd:56:98:
e6:2f:dd:5b:3a:9c:b9:17:54:86:60:e1:1b:05:3b:
6c:48:19:5d:c9:79:b8:bb:e4:9d:10:4d:ff:22:80:
ad:21:2b:a2:a3:f1:ee:3d:32:a0:53:75:44:c4:39:
65:db:be:75:07:67:36:5e:70:59:b7:90:7c:7c:5b:
12:20:43:ad:2c:6d:0d:3c:5e:b2:2c:64:d1:61:53:
e3:dd:a0:0a:a3:3f:71:52:3c:a4:e0:2b:9a:8c:f5:
69:2d:8f:f7:1a:90:69:4b:68:89:58:9b:14:7e:49:
76:19:4f:f3:f8:91:d9:36:36:0e:41:bf:dd:e9:b1:
95:54:1e:14:a4:6d:e9:34:99:f6:67:24:b0:06:0b:
ad:2d:f0:2c:13:07:5d:d3:f6:17:c0:f9:e6:d2:c0:
46:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:C1:74:9A:2B:12:83:03:DE:3E:04:5F:B7:68:01:60:84:C9:2B:CB
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.127.0.0/16
Signature Algorithm: sha256WithRSAEncryption
35:bd:74:cd:89:be:83:89:25:aa:9c:c9:65:5c:3c:03:0b:7f:
c2:4c:85:30:c3:90:4a:e3:23:2a:a9:1b:c8:2e:46:f3:fa:3f:
a0:cc:08:63:3e:a0:cb:7c:1b:f4:39:c3:8f:6c:25:7b:21:2e:
f3:74:7d:61:d1:d1:d8:dc:7b:ce:4b:be:67:21:e2:68:aa:fc:
af:fa:bd:0c:fe:b8:f2:93:09:f2:73:f0:f7:c3:ce:71:6e:e3:
73:02:ab:62:74:dc:99:c6:ce:b3:fe:cf:87:28:2c:7a:65:86:
9a:53:48:9f:8e:12:d6:2d:47:03:94:11:c0:96:27:b0:e0:66:
26:9d:3a:ab:b2:bb:85:0b:c2:c6:07:b5:ae:8c:b5:14:60:c6:
c4:b7:05:ff:4a:ff:f4:f2:2b:d2:94:d3:64:9e:95:48:b1:a1:
43:cb:cd:43:19:6a:85:4d:b1:df:3c:45:21:2d:58:ba:ea:a3:
79:6b:7d:35:33:be:9e:fb:37:99:ad:39:89:b4:1b:80:98:a6:
6c:c7:09:5c:52:da:c1:b5:c6:8a:8c:77:fb:ed:b3:83:8e:51:
e8:2c:75:4a:a6:43:0d:76:02:ba:f5:34:3b:a0:92:4e:3c:0d:
75:53:e8:01:69:86:87:f2:87:16:6f:8e:14:ac:b6:1c:7e:82:
72:72:d3:6e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUChV84c/fTqlwjIV4zeWY6ItcoUcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIwMDRaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDgyNzU0MWZmNmZiNjIxY2ZlNzU0OTM3NTRmM2UyZDQ0YWJmZWE5MWRjYWYz
OWFiNTZiMTBkMDk4YmViOTViNzYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJiMuxD+1nLitzBw+VU51Q597Bmm9b5njwEUD9qz9qFFRGTVlzM66m55fLFX
598hxzTGWGwC4ki5EbNyHUdHx39oDtj9VxmpY++8eETTEE23eRySohkLQKVXSavU
dWKfjpvn/3LB3VaY5i/dWzqcuRdUhmDhGwU7bEgZXcl5uLvknRBN/yKArSEroqPx
7j0yoFN1RMQ5Zdu+dQdnNl5wWbeQfHxbEiBDrSxtDTxesixk0WFT492gCqM/cVI8
pOArmoz1aS2P9xqQaUtoiVibFH5JdhlP8/iR2TY2DkG/3emxlVQeFKRt6TSZ9mck
sAYLrS3wLBMHXdP2F8D55tLARvkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRZwXSa
KxKDA94+BF+3aAFghMkryzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmZjNmEyNTMtZGM2MC00NjExLThiYzAtZjRiMTE4NTFjY2YxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN/MA0G
CSqGSIb3DQEBCwUAA4IBAQA1vXTNib6DiSWqnMllXDwDC3/CTIUww5BK4yMqqRvI
Lkbz+j+gzAhjPqDLfBv0OcOPbCV7IS7zdH1h0dHY3HvOS75nIeJoqvyv+r0M/rjy
kwnyc/D3w85xbuNzAqtidNyZxs6z/s+HKCx6ZYaaU0ifjhLWLUcDlBHAliew4GYm
nTqrsruFC8LGB7WujLUUYMbEtwX/Sv/08ivSlNNknpVIsaFDy81DGWqFTbHfPEUh
LVi66qN5a301M76e+zeZrTmJtBuAmKZsxwlcUtrBtcaKjHf77bODjlHoLHVKpkMN
dgK69TQ7oJJOPA11U+gBaYaH8ocWb44UrLYcfoJyctNu
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:44:48 2025 by rpki-client