Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42efa1a8-f804-47c5-8a3d-6f3ea05e1a5b.roa
File: 42efa1a8-f804-47c5-8a3d-6f3ea05e1a5b.roa (raw, json)
Hash identifier: SaBz42+6lUBulicA1FUqzEZOThv2Emtyf01ajQIaSkQ=
Subject key identifier: 1D:2A:72:F0:A9:7F:FB:3F:AE:E7:22:FA:AE:1E:F9:8C:FF:E0:B2:BC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 710927ADA6556A6D46B59A3E161A88A40BE69D05
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42efa1a8-f804-47c5-8a3d-6f3ea05e1a5b.roa
Signing time: Tue 05 Aug 2025 20:20:12 +0000
ROA not before: Tue 05 Aug 2025 20:20:12 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.164.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:09:27:ad:a6:55:6a:6d:46:b5:9a:3e:16:1a:88:a4:0b:e6:9d:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:20:12 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=d5f4df1169e19c40a80bd4aec9ba4769da0619a94ddc209000668069e7850f61, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:16:86:38:26:99:ce:4e:2b:db:20:85:b1:99:
77:35:6a:83:79:cd:a2:58:8a:b2:b5:37:68:07:72:
dd:24:ab:64:5e:30:6e:9a:9d:f2:d4:9e:c4:28:ce:
8a:c9:cd:ac:4c:81:26:b2:3e:dc:6b:cc:b3:1c:30:
fc:ef:47:69:ff:4b:5a:e2:86:55:48:69:6f:e1:dc:
c6:04:18:5a:d6:a8:47:97:9f:0c:43:3f:c2:6d:f7:
dc:02:4b:81:ff:3a:6b:3b:6a:41:5d:b3:76:3b:a1:
97:9d:13:c8:a9:64:bf:d9:fb:7c:86:5e:e5:fd:a8:
0d:30:8e:19:f6:a9:e9:37:4d:2f:ef:09:a8:92:e1:
b9:dd:7e:6c:85:10:23:75:b2:5f:31:df:5d:93:b3:
14:7c:e4:2e:54:82:73:3c:b2:db:95:f8:43:60:1d:
91:9a:ca:6a:f2:4b:21:ba:18:e3:1c:32:6f:30:a6:
6b:3c:7f:c0:e1:1d:61:0b:69:f4:4d:00:c7:bb:4a:
0c:3d:2e:1e:e3:79:bd:92:b3:38:5e:65:25:3b:f6:
dd:ae:e6:6b:f2:23:16:ff:f9:fe:a6:30:ab:fc:19:
d6:17:3b:db:d2:8f:f4:ea:84:20:58:9a:ce:08:88:
0c:53:54:76:ed:35:c1:fc:8f:c3:a8:79:1a:d7:bf:
ae:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:2A:72:F0:A9:7F:FB:3F:AE:E7:22:FA:AE:1E:F9:8C:FF:E0:B2:BC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42efa1a8-f804-47c5-8a3d-6f3ea05e1a5b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.164.0.0/15
Signature Algorithm: sha256WithRSAEncryption
3a:a4:f6:08:40:f5:86:05:6c:2e:ed:3d:40:60:80:ef:4c:86:
bd:f8:d7:57:15:13:59:ed:fb:7b:51:a1:da:1f:3d:2c:37:0a:
26:c2:a0:54:a3:26:65:36:7d:84:a7:f8:54:3f:ea:23:73:8b:
b4:26:65:78:b0:f7:ed:3a:54:56:fe:34:25:3b:cf:d1:cd:0e:
41:97:2e:81:59:5a:b9:36:dd:ae:d1:07:2d:6c:b4:51:7d:63:
b3:d3:9e:84:c7:0c:32:2a:af:a3:e5:10:35:9d:29:1a:10:7f:
bb:c2:b0:ad:92:2b:98:1b:c9:e5:81:fc:6e:fd:11:11:34:43:
c9:1a:25:42:90:e6:9e:26:a1:a4:6e:17:1f:3e:1d:2e:2c:86:
5b:84:0c:8f:d5:3e:08:f2:2c:b4:9c:7d:a3:0b:58:0c:6d:2a:
2e:10:85:36:b8:77:44:f7:49:50:00:e4:8b:b6:f0:d7:c7:9c:
d5:c6:9a:ab:c8:ea:ee:20:97:da:c5:cb:d4:9e:5e:53:71:ff:
db:8d:aa:f5:f9:32:8c:14:0e:d2:8f:c6:02:cf:3c:51:ce:5f:
65:cf:d4:d5:1a:8f:d5:30:42:98:a0:b9:cd:a5:32:53:d4:c5:
21:07:fb:18:84:8f:f4:01:6b:8b:99:d1:53:d9:46:2b:34:87:
0a:39:83:a4
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcQknraZVam1GtZo+FhqIpAvmnQUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIwMTJaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ1ZjRkZjExNjllMTljNDBhODBiZDRhZWM5YmE0NzY5ZGEwNjE5YTk0ZGRj
MjA5MDAwNjY4MDY5ZTc4NTBmNjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK8Whjgmmc5OK9sghbGZdzVqg3nNoliKsrU3aAdy3SSrZF4wbpqd8tSexCjO
isnNrEyBJrI+3GvMsxww/O9Haf9LWuKGVUhpb+HcxgQYWtaoR5efDEM/wm333AJL
gf86aztqQV2zdjuhl50TyKlkv9n7fIZe5f2oDTCOGfap6TdNL+8JqJLhud1+bIUQ
I3WyXzHfXZOzFHzkLlSCczyy25X4Q2AdkZrKavJLIboY4xwybzCmazx/wOEdYQtp
9E0Ax7tKDD0uHuN5vZKzOF5lJTv23a7ma/IjFv/5/qYwq/wZ1hc729KP9OqEIFia
zgiIDFNUdu01wfyPw6h5Gte/rt8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQdKnLw
qX/7P67nIvquHvmM/+CyvDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDJlZmExYTgtZjgwNC00N2M1LThhM2QtNmYzZWEwNWUxYTViLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOkMA0G
CSqGSIb3DQEBCwUAA4IBAQA6pPYIQPWGBWwu7T1AYIDvTIa9+NdXFRNZ7ft7UaHa
Hz0sNwomwqBUoyZlNn2Ep/hUP+ojc4u0JmV4sPftOlRW/jQlO8/RzQ5Bly6BWVq5
Nt2u0QctbLRRfWOz056ExwwyKq+j5RA1nSkaEH+7wrCtkiuYG8nlgfxu/RERNEPJ
GiVCkOaeJqGkbhcfPh0uLIZbhAyP1T4I8iy0nH2jC1gMbSouEIU2uHdE90lQAOSL
tvDXx5zVxpqryOruIJfaxcvUnl5Tcf/bjar1+TKMFA7Sj8YCzzxRzl9lz9TVGo/V
MEKYoLnNpTJT1MUhB/sYhI/0AWuLmdFT2UYrNIcKOYOk
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:17 2025 by rpki-client