Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46eb8bb9-8a91-491d-8f3f-9cc4afcf5ecd.roa
File: 46eb8bb9-8a91-491d-8f3f-9cc4afcf5ecd.roa (raw, json)
Hash identifier: 4wKOt+9qEGAWOMMNj3QSiyjhg2ACpMlOdtyz/a5LkIE=
Subject key identifier: BA:21:45:3C:2A:53:A1:17:58:46:41:35:80:48:63:1C:F4:F5:BD:6E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7A79D4F06ABC37BFEDA9D6CC018DDA0E1CB74423
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46eb8bb9-8a91-491d-8f3f-9cc4afcf5ecd.roa
Signing time: Fri 15 Aug 2025 15:50:45 +0000
ROA not before: Fri 15 Aug 2025 15:50:45 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.108.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:79:d4:f0:6a:bc:37:bf:ed:a9:d6:cc:01:8d:da:0e:1c:b7:44:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 15 15:50:45 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=46b09cca42a67127fa7a374a03f0a8863b280f14f9a03d4644464e4bc796ca14, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:2e:f9:87:38:b9:75:7c:d2:95:eb:7f:c6:7d:
c8:88:e4:ef:6b:e0:b5:d2:c7:04:cf:0e:c5:a3:d4:
93:bc:e0:da:ee:80:bc:fd:eb:07:fc:52:82:7e:9e:
fc:11:fe:ec:b5:15:7e:e3:89:18:ae:0d:e1:ab:9b:
fd:c8:37:86:be:2f:e2:73:c6:98:a3:73:ea:82:9c:
79:41:84:46:be:6e:89:88:4a:50:b5:ae:89:b0:bb:
5b:20:ea:f5:72:ef:45:4e:fd:e1:04:40:02:97:32:
d6:c3:8c:c2:86:a8:cd:c9:78:c5:79:0c:50:5b:71:
c6:fd:e6:02:ac:0d:64:e3:e6:00:7d:d0:17:5e:3f:
a1:3d:da:33:25:19:c8:18:9d:c6:cf:f7:3e:67:d5:
ba:f0:e0:ad:3c:e1:f8:a5:86:44:77:7b:2c:37:e4:
d6:72:fb:2f:80:ed:b2:92:2c:a1:98:59:82:41:94:
1b:77:80:db:32:d6:9e:98:45:28:8e:4b:aa:d4:36:
e7:97:1b:9a:13:36:23:de:a7:98:65:cd:98:f0:2d:
0f:46:f2:10:a2:39:0d:d1:70:ec:04:9b:5d:f1:75:
0c:12:54:1c:d2:58:be:e8:01:a0:cd:02:0f:47:16:
e0:74:b8:9f:61:d6:8f:2d:bc:5d:99:33:45:8a:ac:
70:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:21:45:3C:2A:53:A1:17:58:46:41:35:80:48:63:1C:F4:F5:BD:6E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46eb8bb9-8a91-491d-8f3f-9cc4afcf5ecd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.108.0.0/16
Signature Algorithm: sha256WithRSAEncryption
43:56:e3:65:e4:27:39:fe:42:66:e5:6e:86:4e:d0:ca:75:ff:
85:2e:49:91:b9:12:73:b6:7d:f8:2a:05:b5:2d:86:52:eb:56:
77:f0:ba:90:db:56:14:19:42:c5:99:85:74:93:08:4f:c9:bb:
70:20:7a:86:6f:47:0f:3b:ed:3b:8c:b2:fe:15:11:91:50:0d:
d0:3f:31:f0:88:a6:5a:5b:d4:86:37:a4:51:2a:57:3c:92:16:
7f:1a:07:dd:46:e2:9c:e5:20:07:87:cc:02:24:07:7f:83:a0:
4a:fa:41:9e:77:bf:1e:92:0a:84:f3:9a:b6:46:3d:13:b0:40:
7a:f9:55:57:74:ff:62:91:5c:89:73:c6:4a:a1:a7:0d:85:bd:
47:aa:a4:52:9a:2d:99:2f:ce:2f:3b:19:f6:ec:58:03:eb:17:
f1:e6:1e:ef:00:3a:68:ef:1f:f9:52:ef:97:52:53:ab:8b:b7:
56:10:26:47:2e:ce:b4:45:17:bb:01:41:bc:a5:ae:e9:ee:d5:
7f:5d:93:1c:30:64:4b:05:48:e2:3e:57:32:c9:1e:9f:9f:55:
d7:01:7e:08:8c:b1:a6:21:ad:0c:07:e4:7f:d2:41:45:94:6a:
1e:57:bf:63:c8:43:03:4c:fe:c8:64:bd:99:85:81:5b:b9:98:
d0:bb:71:51
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUennU8Gq8N7/tqdbMAY3aDhy3RCMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MTUxNTUwNDVaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ2YjA5Y2NhNDJhNjcxMjdmYTdhMzc0YTAzZjBhODg2M2IyODBmMTRmOWEw
M2Q0NjQ0NDY0ZTRiYzc5NmNhMTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALcu+Yc4uXV80pXrf8Z9yIjk72vgtdLHBM8OxaPUk7zg2u6AvP3rB/xSgn6e
/BH+7LUVfuOJGK4N4aub/cg3hr4v4nPGmKNz6oKceUGERr5uiYhKULWuibC7WyDq
9XLvRU794QRAApcy1sOMwoaozcl4xXkMUFtxxv3mAqwNZOPmAH3QF14/oT3aMyUZ
yBidxs/3PmfVuvDgrTzh+KWGRHd7LDfk1nL7L4DtspIsoZhZgkGUG3eA2zLWnphF
KI5LqtQ255cbmhM2I96nmGXNmPAtD0byEKI5DdFw7ASbXfF1DBJUHNJYvugBoM0C
D0cW4HS4n2HWjy28XZkzRYqscMMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS6IUU8
KlOhF1hGQTWASGMc9PW9bjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDZlYjhiYjktOGE5MS00OTFkLThmM2YtOWNjNGFmY2Y1ZWNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNsMA0G
CSqGSIb3DQEBCwUAA4IBAQBDVuNl5Cc5/kJm5W6GTtDKdf+FLkmRuRJztn34KgW1
LYZS61Z38LqQ21YUGULFmYV0kwhPybtwIHqGb0cPO+07jLL+FRGRUA3QPzHwiKZa
W9SGN6RRKlc8khZ/GgfdRuKc5SAHh8wCJAd/g6BK+kGed78ekgqE85q2Rj0TsEB6
+VVXdP9ikVyJc8ZKoacNhb1HqqRSmi2ZL84vOxn27FgD6xfx5h7vADpo7x/5Uu+X
UlOri7dWECZHLs60RRe7AUG8pa7p7tV/XZMcMGRLBUjiPlcyyR6fn1XXAX4IjLGm
Ia0MB+R/0kFFlGoeV79jyEMDTP7IZL2ZhYFbuZjQu3FR
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:12 2025 by rpki-client