Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42f47c85-e9fe-40f9-ae1c-57ea1b805412.roa
File: 42f47c85-e9fe-40f9-ae1c-57ea1b805412.roa (raw, json)
Hash identifier: FDwAJqVzwBf0nglrM4TVBSR/oHbi4rVPdr/+QCfwZcg=
Subject key identifier: 18:9E:23:81:C9:74:72:39:C8:0F:35:1A:5C:53:15:12:D2:D4:76:73
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 216AC7B72B6964F0D857CFA3F6330CD1649C1045
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42f47c85-e9fe-40f9-ae1c-57ea1b805412.roa
Signing time: Fri 08 Aug 2025 00:40:11 +0000
ROA not before: Fri 08 Aug 2025 00:40:11 +0000
ROA not after: Fri 12 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.24.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:6a:c7:b7:2b:69:64:f0:d8:57:cf:a3:f6:33:0c:d1:64:9c:10:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 8 00:40:11 2025 GMT
Not After : Sep 12 23:59:59 2025 GMT
Subject: serialNumber=b1f7b4ccfbeb0d7b0f59728e4305308a9740a261b039e526b8bc9b097312e7ec, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ed:8b:80:b7:0f:86:2b:ca:02:2e:c9:c9:19:
2c:3a:7f:13:31:6a:4e:18:4d:ab:30:4e:56:d7:db:
4b:8e:55:8c:6c:c6:04:78:d5:f6:08:c3:06:61:b0:
32:68:c0:15:58:0c:35:e4:04:5c:55:73:9f:27:6a:
47:af:e6:cd:ba:ae:d4:59:eb:6b:6b:f4:91:01:d8:
83:de:ed:73:c4:3c:b0:d1:77:9e:de:ca:2a:57:e1:
81:79:2f:a6:18:bd:5b:29:fb:81:d2:81:99:0b:be:
25:2f:95:8a:b0:ce:01:c1:a0:ff:c9:97:52:9d:14:
1b:4d:50:8b:07:ca:d3:a6:9e:d2:fa:a8:a0:19:3a:
96:45:29:85:ef:cf:22:e9:80:fc:b3:a9:32:91:58:
47:4f:8d:f7:e2:ee:79:9a:0d:ba:5c:c3:90:78:a7:
1a:71:3d:26:4b:3c:50:96:d1:a5:5e:b3:9a:28:3c:
9c:57:8e:05:2e:6f:6a:08:7e:7e:96:05:84:8b:cb:
ef:89:a2:d2:43:ff:9b:44:c5:7a:f3:62:79:6d:19:
b9:db:68:68:51:3d:3c:a3:73:13:87:46:3d:57:fd:
c7:a3:8d:24:0e:95:fc:04:9b:09:35:da:12:a6:d4:
a8:c4:aa:46:e0:94:f1:f1:70:8f:61:3a:c7:51:b9:
f3:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:9E:23:81:C9:74:72:39:C8:0F:35:1A:5C:53:15:12:D2:D4:76:73
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42f47c85-e9fe-40f9-ae1c-57ea1b805412.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.24.0.0/16
Signature Algorithm: sha256WithRSAEncryption
76:01:39:22:1e:e2:32:bc:b6:04:dc:02:12:7d:13:c5:92:08:
02:4b:8c:b2:62:b4:60:7c:de:57:91:38:59:1c:67:02:6e:3c:
98:ac:b6:7f:9b:e8:29:60:7b:ed:be:c4:77:0d:08:ba:8e:e6:
34:61:7a:6c:eb:50:2a:23:44:4d:33:7a:42:73:a3:24:61:14:
62:13:f9:4f:ab:9a:86:5d:a1:62:ef:a3:43:4a:53:8d:03:ab:
12:fa:19:bf:a5:9b:04:9d:81:65:14:ae:ca:50:5a:92:10:72:
7e:1d:02:2f:ff:2d:57:5d:8d:a7:f6:5b:60:e1:79:3e:f3:1b:
f8:b6:a1:e9:f0:2e:a3:3a:11:93:f3:08:50:c2:c9:5a:b9:56:
d1:36:44:37:b3:52:e9:b9:e7:5e:d1:ae:21:fc:d2:43:91:ef:
fc:7b:cd:9a:4e:61:bf:c9:1c:f2:3c:f7:19:23:89:18:d6:ff:
84:d4:19:75:e3:d5:96:24:6a:e8:c8:06:cd:86:84:cc:03:19:
af:b8:4f:03:6c:e0:d9:23:11:38:3b:b2:87:b8:f1:18:bf:86:
29:fd:72:74:18:f2:a8:73:78:bc:9c:3f:e1:9b:68:7a:80:a0:
ad:b2:d3:4f:ff:e8:03:63:62:7b:e0:78:17:47:55:32:02:50:
cd:08:94:f0
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIWrHtytpZPDYV8+j9jMM0WScEEUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDgwMDQwMTFaFw0yNTA5MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGIxZjdiNGNjZmJlYjBkN2IwZjU5NzI4ZTQzMDUzMDhhOTc0MGEyNjFiMDM5
ZTUyNmI4YmM5YjA5NzMxMmU3ZWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIvti4C3D4YrygIuyckZLDp/EzFqThhNqzBOVtfbS45VjGzGBHjV9gjDBmGw
MmjAFVgMNeQEXFVznydqR6/mzbqu1Fnra2v0kQHYg97tc8Q8sNF3nt7KKlfhgXkv
phi9Wyn7gdKBmQu+JS+VirDOAcGg/8mXUp0UG01QiwfK06ae0vqooBk6lkUphe/P
IumA/LOpMpFYR0+N9+LueZoNulzDkHinGnE9Jks8UJbRpV6zmig8nFeOBS5vagh+
fpYFhIvL74mi0kP/m0TFevNieW0ZudtoaFE9PKNzE4dGPVf9x6ONJA6V/ASbCTXa
EqbUqMSqRuCU8fFwj2E6x1G580sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQYniOB
yXRyOcgPNRpcUxUS0tR2czAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDJmNDdjODUtZTlmZS00MGY5LWFlMWMtNTdlYTFiODA1NDEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMYMA0G
CSqGSIb3DQEBCwUAA4IBAQB2ATkiHuIyvLYE3AISfRPFkggCS4yyYrRgfN5XkThZ
HGcCbjyYrLZ/m+gpYHvtvsR3DQi6juY0YXps61AqI0RNM3pCc6MkYRRiE/lPq5qG
XaFi76NDSlONA6sS+hm/pZsEnYFlFK7KUFqSEHJ+HQIv/y1XXY2n9ltg4Xk+8xv4
tqHp8C6jOhGT8whQwslauVbRNkQ3s1Lpuede0a4h/NJDke/8e82aTmG/yRzyPPcZ
I4kY1v+E1Bl149WWJGroyAbNhoTMAxmvuE8DbODZIxE4O7KHuPEYv4Yp/XJ0GPKo
c3i8nD/hm2h6gKCtstNP/+gDY2J74HgXR1UyAlDNCJTw
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:24 2025 by rpki-client