Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49b2b5d5-46a7-42a3-9900-bcb7e3edffdb.roa
File: 49b2b5d5-46a7-42a3-9900-bcb7e3edffdb.roa (raw, json)
Hash identifier: 3gGnoXYqjJblMRclW+9mYyOxGUuaNSgl+RVmcVg4zGU=
Subject key identifier: E3:71:BB:BF:90:12:A4:B2:8D:CD:A7:23:AD:4A:28:49:C6:CD:5F:F8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 21C0CC33650AD36DDE731D7798C3478329C2CC91
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49b2b5d5-46a7-42a3-9900-bcb7e3edffdb.roa
Signing time: Tue 05 Aug 2025 20:20:19 +0000
ROA not before: Tue 05 Aug 2025 20:20:19 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.192.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:c0:cc:33:65:0a:d3:6d:de:73:1d:77:98:c3:47:83:29:c2:cc:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:20:19 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=8833576886a14ac1dda65d339599990a37ea989fb31859ccf8726166efce462b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:54:6a:9c:9e:48:72:19:b9:24:c7:94:d9:b7:
c4:7b:5b:af:f1:91:b0:c8:7b:b8:c8:d3:c0:cf:f9:
eb:e7:7b:b8:5f:fe:06:da:6f:e8:51:45:ff:12:c6:
63:b3:66:1c:bc:0c:04:4e:a7:3a:77:cd:d2:5a:1a:
8a:38:9c:b0:c8:63:0b:c8:a9:d4:e6:35:a0:e1:c9:
e3:ea:f3:4a:bc:b6:21:fc:75:48:c9:a1:8a:08:03:
5e:cc:98:a7:9b:ab:d5:62:2c:7d:25:66:32:56:2a:
57:7c:91:01:c0:42:95:1b:bc:1d:15:76:ca:b6:da:
70:62:28:29:52:19:51:76:17:40:c6:1c:28:a4:92:
e2:38:4b:fd:d8:15:05:70:7d:79:a9:eb:84:45:32:
f1:07:09:55:71:39:1e:57:08:55:48:d5:bc:ba:3d:
54:51:87:bf:b1:b3:96:64:2e:2a:f7:b1:11:72:86:
e7:01:07:3c:a1:94:30:23:64:45:aa:c6:7c:ab:02:
ae:84:fa:c2:ac:c8:12:fa:04:8c:c3:6f:6f:6f:7c:
25:32:e3:af:cc:54:1b:6a:55:42:e4:35:3a:9e:48:
80:4a:39:3f:05:db:0a:fd:af:5d:d2:2a:0c:d7:29:
97:89:75:90:0e:b0:88:1d:35:2b:2e:e4:99:5e:a8:
9a:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:71:BB:BF:90:12:A4:B2:8D:CD:A7:23:AD:4A:28:49:C6:CD:5F:F8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49b2b5d5-46a7-42a3-9900-bcb7e3edffdb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.192.0.0/15
Signature Algorithm: sha256WithRSAEncryption
7e:c1:ae:c6:04:d2:35:a1:53:1d:1c:f6:ef:9e:f4:8d:39:2d:
ba:fa:b1:9c:a8:10:f9:1f:86:65:46:69:4a:7e:57:71:8b:8e:
62:19:71:83:25:fb:0d:e9:b8:39:2d:03:c1:de:85:c0:55:bf:
25:42:e9:8d:8d:b4:90:9b:27:6b:bc:eb:9a:52:d5:90:61:cb:
f0:18:d5:59:44:61:96:62:a1:00:46:84:a6:42:1f:43:10:eb:
11:aa:0a:47:da:5b:b0:ee:66:19:79:60:93:62:d5:e1:89:90:
7c:a2:eb:23:97:8f:f3:15:6f:57:85:8d:59:88:a5:99:d8:fa:
93:67:f9:f0:67:9b:ef:0b:b2:63:1a:15:d0:4e:31:0d:e0:a0:
b0:3b:9a:ac:08:fe:81:05:74:df:5a:2a:3a:1b:42:54:8e:34:
bd:5c:eb:53:c5:51:20:18:a7:68:c6:77:b1:09:19:e0:0e:ac:
7c:67:3d:1f:88:be:d2:3d:56:fc:68:13:c0:ba:ff:ba:92:b2:
ee:13:db:6a:55:8d:27:c3:9a:cd:8a:9a:4e:00:14:7f:4d:81:
16:82:95:bb:c1:fe:66:39:39:71:99:bc:d8:17:3e:b5:1c:1e:
b3:8b:e9:65:71:58:cf:63:e4:1f:14:60:cc:e7:b9:0c:a6:a0:
d5:c0:c6:0e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIcDMM2UK023ecx13mMNHgynCzJEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIwMTlaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDg4MzM1NzY4ODZhMTRhYzFkZGE2NWQzMzk1OTk5OTBhMzdlYTk4OWZiMzE4
NTljY2Y4NzI2MTY2ZWZjZTQ2MmIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL5UapyeSHIZuSTHlNm3xHtbr/GRsMh7uMjTwM/56+d7uF/+Btpv6FFF/xLG
Y7NmHLwMBE6nOnfN0loaijicsMhjC8ip1OY1oOHJ4+rzSry2Ifx1SMmhiggDXsyY
p5ur1WIsfSVmMlYqV3yRAcBClRu8HRV2yrbacGIoKVIZUXYXQMYcKKSS4jhL/dgV
BXB9eanrhEUy8QcJVXE5HlcIVUjVvLo9VFGHv7GzlmQuKvexEXKG5wEHPKGUMCNk
RarGfKsCroT6wqzIEvoEjMNvb298JTLjr8xUG2pVQuQ1Op5IgEo5PwXbCv2vXdIq
DNcpl4l1kA6wiB01Ky7kmV6oms8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTjcbu/
kBKkso3NpyOtSihJxs1f+DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDliMmI1ZDUtNDZhNy00MmEzLTk5MDAtYmNiN2UzZWRmZmRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPAMA0G
CSqGSIb3DQEBCwUAA4IBAQB+wa7GBNI1oVMdHPbvnvSNOS26+rGcqBD5H4ZlRmlK
fldxi45iGXGDJfsN6bg5LQPB3oXAVb8lQumNjbSQmydrvOuaUtWQYcvwGNVZRGGW
YqEARoSmQh9DEOsRqgpH2luw7mYZeWCTYtXhiZB8ousjl4/zFW9XhY1ZiKWZ2PqT
Z/nwZ5vvC7JjGhXQTjEN4KCwO5qsCP6BBXTfWio6G0JUjjS9XOtTxVEgGKdoxnex
CRngDqx8Zz0fiL7SPVb8aBPAuv+6krLuE9tqVY0nw5rNippOABR/TYEWgpW7wf5m
OTlxmbzYFz61HB6zi+llcVjPY+QfFGDM57kMpqDVwMYO
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:51 2025 by rpki-client