Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4264c9e7-8855-4a41-950f-ef8df4425790.roa
File: 4264c9e7-8855-4a41-950f-ef8df4425790.roa (raw, json)
Hash identifier: o9MdFrvS8j4cmm0y80Tz84ZdIZOzwD/jg9r4WkgoyLA=
Subject key identifier: 4D:FB:27:44:97:2D:CD:24:44:13:6F:72:42:59:CF:59:3E:14:A1:11
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4B1664D27DC82847820DBB710A7B394402933BD4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4264c9e7-8855-4a41-950f-ef8df4425790.roa
Signing time: Wed 06 Aug 2025 07:52:00 +0000
ROA not before: Wed 06 Aug 2025 07:52:00 +0000
ROA not after: Wed 10 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.200.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Aug 2025 15:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:16:64:d2:7d:c8:28:47:82:0d:bb:71:0a:7b:39:44:02:93:3b:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 6 07:52:00 2025 GMT
Not After : Sep 10 23:59:59 2025 GMT
Subject: serialNumber=a85c620ad21f77a4a8d31646189080d55fdc82bedfeefa64988c5dae9646eb8f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:1c:68:c0:9e:0f:01:9d:92:66:1b:64:59:a1:
b0:a3:65:65:be:24:07:5f:b1:92:22:24:a8:be:02:
9c:26:9d:eb:e1:99:e1:90:1c:be:47:9f:4c:6c:38:
f4:b2:41:91:07:1c:54:be:4e:aa:fe:81:86:83:49:
21:d1:8e:e2:32:5b:e7:bb:a1:5a:f0:5e:a9:15:35:
dc:e5:14:22:9a:a6:88:50:fe:5d:05:97:98:e0:aa:
d2:cd:73:18:e0:fe:d9:d2:c9:62:f6:cc:69:38:15:
8c:f7:e1:2d:28:b2:b9:4e:31:10:c4:89:c3:82:4e:
26:c1:f6:ae:31:57:21:f6:27:ed:ab:83:e5:b7:75:
d7:4e:db:86:06:cf:96:8c:ce:c8:9c:4a:67:e0:3a:
81:79:5e:15:65:96:17:55:8a:29:ae:cb:8a:40:df:
4e:eb:8a:72:56:47:cc:94:de:1c:86:a3:8f:d5:08:
44:85:89:ff:63:1b:df:ab:67:01:4c:d2:b7:95:cd:
6a:c3:3a:cc:db:d1:6c:35:de:72:14:7e:15:a6:51:
18:bd:6d:71:0f:98:73:e7:c4:6e:bd:ed:a0:25:d1:
3e:d9:df:4c:4d:e9:fd:57:1d:24:ee:01:10:56:cc:
71:f6:44:d5:f0:4a:de:43:6f:78:0e:f5:db:e5:1a:
7a:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:FB:27:44:97:2D:CD:24:44:13:6F:72:42:59:CF:59:3E:14:A1:11
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4264c9e7-8855-4a41-950f-ef8df4425790.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.200.0.0/15
Signature Algorithm: sha256WithRSAEncryption
c0:b9:2c:7d:8b:f2:e6:d4:00:dc:a6:de:2f:05:28:59:17:c9:
d5:c2:3e:4d:a9:8b:fe:61:56:1c:76:8e:39:b4:cf:b2:e3:05:
d1:58:3b:44:24:f6:bb:fa:a3:75:7b:e4:76:50:d5:63:27:dc:
68:e3:f3:e1:9e:0f:97:43:7a:6f:14:52:15:23:37:6b:dc:36:
5b:4e:dd:1e:23:78:69:93:54:eb:df:21:5b:c0:cb:bd:8b:63:
4a:29:58:8b:8c:93:fd:94:13:0c:31:8b:18:ea:c7:7b:fc:26:
52:fd:2e:e9:9b:e8:f4:88:80:bc:1b:dd:d6:ad:80:3a:62:d0:
b6:f4:27:64:a2:dd:45:ee:fa:40:7a:da:08:b9:e2:95:88:9d:
6e:60:e2:16:87:29:00:fe:14:e1:69:9e:21:45:a6:f8:6e:87:
ef:62:e4:25:52:6f:28:79:e6:93:d1:7e:91:60:1c:19:0b:8c:
e2:c1:e8:22:8b:09:90:be:f7:b2:b8:f7:6e:ab:76:51:95:1d:
35:1d:20:6b:73:89:76:01:ca:04:5f:54:2b:d4:85:fc:69:07:
d9:1d:c9:10:64:41:92:9a:0c:91:23:6f:aa:b0:fd:25:96:3f:
78:ad:ca:eb:4a:3a:58:89:4a:84:32:ed:c3:a7:61:85:c5:f2:
38:1e:b5:26
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUSxZk0n3IKEeCDbtxCns5RAKTO9QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDYwNzUyMDBaFw0yNTA5MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGE4NWM2MjBhZDIxZjc3YTRhOGQzMTY0NjE4OTA4MGQ1NWZkYzgyYmVkZmVl
ZmE2NDk4OGM1ZGFlOTY0NmViOGYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJkcaMCeDwGdkmYbZFmhsKNlZb4kB1+xkiIkqL4CnCad6+GZ4ZAcvkefTGw4
9LJBkQccVL5Oqv6BhoNJIdGO4jJb57uhWvBeqRU13OUUIpqmiFD+XQWXmOCq0s1z
GOD+2dLJYvbMaTgVjPfhLSiyuU4xEMSJw4JOJsH2rjFXIfYn7auD5bd1107bhgbP
lozOyJxKZ+A6gXleFWWWF1WKKa7LikDfTuuKclZHzJTeHIajj9UIRIWJ/2Mb36tn
AUzSt5XNasM6zNvRbDXechR+FaZRGL1tcQ+Yc+fEbr3toCXRPtnfTE3p/VcdJO4B
EFbMcfZE1fBK3kNveA712+UaetUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRN+ydE
ly3NJEQTb3JCWc9ZPhShETAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDI2NGM5ZTctODg1NS00YTQxLTk1MGYtZWY4ZGY0NDI1NzkwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPIMA0G
CSqGSIb3DQEBCwUAA4IBAQDAuSx9i/Lm1ADcpt4vBShZF8nVwj5NqYv+YVYcdo45
tM+y4wXRWDtEJPa7+qN1e+R2UNVjJ9xo4/Phng+XQ3pvFFIVIzdr3DZbTt0eI3hp
k1Tr3yFbwMu9i2NKKViLjJP9lBMMMYsY6sd7/CZS/S7pm+j0iIC8G93WrYA6YtC2
9Cdkot1F7vpAetoIueKViJ1uYOIWhykA/hThaZ4hRab4bofvYuQlUm8oeeaT0X6R
YBwZC4ziwegiiwmQvveyuPduq3ZRlR01HSBrc4l2AcoEX1Qr1IX8aQfZHckQZEGS
mgyRI2+qsP0llj94rcrrSjpYiUqEMu3Dp2GFxfI4HrUm
-----END CERTIFICATE-----
Generated at Thu Aug 21 18:53:39 2025 by rpki-client