Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3b67bb62-9bcf-4daa-99b5-5374c3285177.roa
File: 3b67bb62-9bcf-4daa-99b5-5374c3285177.roa (raw, json)
Hash identifier: LNtFwcYa6QoARH2iw4z0WWKbdWwJa5N7xN5DLrqwCDY=
Subject key identifier: F0:99:69:8E:22:DF:59:F2:28:B5:67:57:1A:5A:D0:EE:AB:27:22:BA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 01A3E6E3063D18F6947AD1CDDAD5A3AF2CC78676
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3b67bb62-9bcf-4daa-99b5-5374c3285177.roa
Signing time: Tue 05 Aug 2025 20:30:24 +0000
ROA not before: Tue 05 Aug 2025 20:30:24 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.48.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:a3:e6:e3:06:3d:18:f6:94:7a:d1:cd:da:d5:a3:af:2c:c7:86:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:30:24 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=0aac140aa0a371d7961124ac1cfc2df42a0643f4092a25ba7ffb9e00eaf65805, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:63:e6:e0:61:cd:33:28:25:17:55:f0:19:1b:
28:b5:79:a8:c4:f2:2a:bd:02:af:75:20:e3:a2:e4:
27:5f:b1:34:bd:04:5c:5f:45:4c:ac:c5:1f:a1:f9:
36:c6:33:20:53:66:4e:c8:e5:5b:30:b3:51:fc:28:
76:11:11:01:6d:81:04:72:03:4a:dd:8b:d9:0b:b1:
65:94:3a:be:08:84:7b:b0:8e:95:df:f1:f7:4b:8b:
c2:20:ee:79:19:57:21:94:a9:d9:b3:15:98:6a:18:
f3:d9:d8:15:85:c5:a1:b5:b8:13:8d:87:ab:12:d4:
cf:dd:1e:6f:d6:06:c8:e4:d2:7a:7b:c5:b5:69:b6:
79:53:6f:bb:48:5e:61:ce:08:75:61:0e:c3:a4:21:
77:bd:6e:43:f7:35:00:51:22:52:00:c6:8d:7c:07:
0d:08:a0:82:8b:f5:1a:42:a6:c4:dd:46:15:b8:01:
52:d8:9a:54:4c:24:2d:e6:a6:40:3e:cc:84:41:a0:
14:31:87:29:cb:ee:38:ce:d0:fb:49:ca:ea:81:30:
d7:9b:29:3e:68:fe:1c:64:cf:4c:c8:1f:67:b5:87:
e4:6b:58:ee:8d:a2:8e:de:9d:6a:79:23:22:76:65:
7e:fd:79:87:fe:16:fd:df:f7:19:ac:f8:f0:9a:8d:
cf:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:99:69:8E:22:DF:59:F2:28:B5:67:57:1A:5A:D0:EE:AB:27:22:BA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3b67bb62-9bcf-4daa-99b5-5374c3285177.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.48.0.0/15
Signature Algorithm: sha256WithRSAEncryption
87:08:c5:70:fe:07:25:69:c9:7f:78:bf:ed:21:c3:37:5e:4a:
9b:c4:a2:ea:9c:8a:4e:2b:e3:08:5e:e5:5c:7d:13:44:aa:2b:
4b:28:d9:62:8c:d5:c4:9e:18:0a:58:67:8f:56:f4:5b:49:b1:
3b:ad:29:fc:59:ab:35:4b:73:bf:7c:f0:33:1d:bb:62:3e:bb:
a8:e0:72:be:9e:61:73:6e:71:e7:2d:ff:33:69:e7:d4:2f:2d:
ca:13:f7:e9:d0:e1:b5:0d:66:54:70:ff:4e:f8:f6:0c:31:dc:
6d:f9:21:54:df:c1:69:4c:8a:03:f7:50:3c:7a:fd:7d:5a:68:
17:cb:0f:94:49:7c:71:66:85:33:8a:16:5f:d2:49:f5:16:a2:
26:2b:87:c5:5b:07:1d:90:14:0f:1a:b6:f3:8d:5e:bb:a6:fc:
6c:da:67:63:6d:61:62:e9:dd:f5:9f:cb:49:8c:39:fb:20:46:
9a:df:4d:5a:89:a6:cb:a6:93:31:13:26:cc:ca:e2:0e:35:c9:
e4:2e:a3:6b:8e:5c:ee:8f:02:6d:cd:ad:e7:3f:a4:fe:96:72:
42:a5:c8:b6:84:91:fb:8e:5a:99:f1:e8:c4:cd:b2:ce:65:27:
a7:ed:38:42:6c:c6:bf:a3:e7:75:fd:34:e5:0d:ce:55:c1:91:
d7:2f:e3:d4
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUAaPm4wY9GPaUetHN2tWjryzHhnYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDMwMjRaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDBhYWMxNDBhYTBhMzcxZDc5NjExMjRhYzFjZmMyZGY0MmEwNjQzZjQwOTJh
MjViYTdmZmI5ZTAwZWFmNjU4MDUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKBj5uBhzTMoJRdV8BkbKLV5qMTyKr0Cr3Ug46LkJ1+xNL0EXF9FTKzFH6H5
NsYzIFNmTsjlWzCzUfwodhERAW2BBHIDSt2L2QuxZZQ6vgiEe7COld/x90uLwiDu
eRlXIZSp2bMVmGoY89nYFYXFobW4E42HqxLUz90eb9YGyOTSenvFtWm2eVNvu0he
Yc4IdWEOw6Qhd71uQ/c1AFEiUgDGjXwHDQiggov1GkKmxN1GFbgBUtiaVEwkLeam
QD7MhEGgFDGHKcvuOM7Q+0nK6oEw15spPmj+HGTPTMgfZ7WH5GtY7o2ijt6dankj
InZlfv15h/4W/d/3Gaz48JqNz90CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTwmWmO
It9Z8ii1Z1caWtDuqyciujAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
M2I2N2JiNjItOWJjZi00ZGFhLTk5YjUtNTM3NGMzMjg1MTc3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMwMA0G
CSqGSIb3DQEBCwUAA4IBAQCHCMVw/gclacl/eL/tIcM3XkqbxKLqnIpOK+MIXuVc
fRNEqitLKNlijNXEnhgKWGePVvRbSbE7rSn8Was1S3O/fPAzHbtiPruo4HK+nmFz
bnHnLf8zaefULy3KE/fp0OG1DWZUcP9O+PYMMdxt+SFU38FpTIoD91A8ev19WmgX
yw+USXxxZoUzihZf0kn1FqImK4fFWwcdkBQPGrbzjV67pvxs2mdjbWFi6d31n8tJ
jDn7IEaa301aiabLppMxEybMyuIONcnkLqNrjlzujwJtza3nP6T+lnJCpci2hJH7
jlqZ8ejEzbLOZSen7ThCbMa/o+d1/TTlDc5VwZHXL+PU
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:41:54 2025 by rpki-client