Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4a35eec8-470f-4ad0-852b-9006065bbbb0.roa
File: 4a35eec8-470f-4ad0-852b-9006065bbbb0.roa (raw, json)
Hash identifier: 3QVilld+lX2rJc0dw9CjxNW1jn7QFnVrJfqufJvkLLk=
Subject key identifier: FD:A8:F0:67:3C:43:61:AA:C6:0E:52:3D:16:73:AB:18:4D:3E:1C:EA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 364B2AE70E58E440D0DDEEDA833698277A373E8D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4a35eec8-470f-4ad0-852b-9006065bbbb0.roa
Signing time: Wed 06 Aug 2025 07:37:46 +0000
ROA not before: Wed 06 Aug 2025 07:37:46 +0000
ROA not after: Wed 10 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.166.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Aug 2025 15:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:4b:2a:e7:0e:58:e4:40:d0:dd:ee:da:83:36:98:27:7a:37:3e:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 6 07:37:46 2025 GMT
Not After : Sep 10 23:59:59 2025 GMT
Subject: serialNumber=525f0fe66bc7d1ff9a229d5f4750454d28f119b2a3e078a0a0d1d4c9d2e0f37f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:7d:2e:29:07:98:b1:55:26:7f:1e:ee:a3:55:
08:d0:84:7e:be:c7:3a:14:83:90:8a:ef:d9:a3:48:
c4:1b:49:c5:16:79:19:3f:2c:15:e4:ab:59:c4:23:
93:18:99:b0:0c:0b:73:59:d9:11:cd:4c:4d:8c:1d:
69:06:88:9f:81:03:45:cb:63:b3:9a:fb:9c:78:b3:
84:99:64:e9:fb:e9:11:16:50:8f:07:b4:a9:0d:36:
e7:b9:3e:a2:dc:f2:04:03:e0:1e:7c:8b:63:b7:88:
7a:15:0a:8d:95:c6:f8:23:21:04:bc:92:66:4b:47:
8e:f6:70:5f:b6:39:f9:47:4a:1b:2b:50:b9:d7:4f:
3f:7e:76:58:2e:07:00:65:0f:a7:86:ea:8e:0c:6e:
f6:ca:67:11:2b:c2:0e:f7:6f:4a:88:5d:d8:54:e7:
98:c3:05:c4:a9:90:5b:3a:d3:8d:2b:1e:87:0c:7a:
2c:a6:eb:c5:7d:dc:59:f1:20:a9:94:74:4f:b8:a8:
ba:2f:fe:79:b3:f8:8b:54:5b:fa:0c:ea:27:fb:13:
0e:83:cc:65:10:81:af:6a:8b:8c:9c:47:69:fb:5c:
80:3e:42:a4:cc:53:33:59:81:93:5f:0e:ba:71:8a:
ce:b9:4c:91:cc:79:12:38:27:5c:d0:6d:bd:77:b9:
f1:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:A8:F0:67:3C:43:61:AA:C6:0E:52:3D:16:73:AB:18:4D:3E:1C:EA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4a35eec8-470f-4ad0-852b-9006065bbbb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.166.0.0/15
Signature Algorithm: sha256WithRSAEncryption
34:79:ea:c1:31:94:f6:85:26:61:80:62:9a:88:14:17:bc:ed:
b1:2e:a6:87:cb:ea:9f:3d:74:36:2e:e3:a5:b9:53:c6:d1:19:
71:aa:4c:6e:13:8c:a3:e4:d3:e9:22:00:28:6d:d9:f2:a9:8a:
80:50:9c:02:8b:72:b4:4f:d3:13:2c:4f:47:e5:58:d6:57:81:
62:73:5e:3f:2e:03:40:f1:80:b2:32:85:08:d2:13:d3:dd:69:
47:1a:23:15:30:a6:12:1b:18:10:0c:65:f9:4f:1f:12:78:17:
42:e7:5c:8c:ad:62:23:e2:4d:75:5b:31:5d:1d:00:ca:c3:01:
6b:c4:8f:a0:8b:63:de:68:b7:ec:21:be:c5:cc:49:0e:43:2b:
20:3a:8e:70:4b:a8:ca:9a:6c:69:39:90:6c:76:e6:4c:47:2f:
d9:ca:eb:2b:ae:39:c5:ab:77:1f:78:74:9f:b4:98:e8:54:ab:
33:cf:e6:ad:9e:9d:71:11:a9:7b:b9:28:e9:b7:33:1c:ef:b3:
b3:d5:f1:aa:97:0d:74:89:20:86:17:f3:df:13:09:80:2f:c3:
fa:ca:fe:40:26:14:19:50:5c:21:09:a0:42:4f:ea:7c:9e:ca:
2c:8e:a5:ed:7e:4f:c6:d9:25:ec:45:66:d7:25:5f:ba:35:a2:
1a:f1:d5:3d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNksq5w5Y5EDQ3e7agzaYJ3o3Po0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDYwNzM3NDZaFw0yNTA5MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDUyNWYwZmU2NmJjN2QxZmY5YTIyOWQ1ZjQ3NTA0NTRkMjhmMTE5YjJhM2Uw
NzhhMGEwZDFkNGM5ZDJlMGYzN2YxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM19LikHmLFVJn8e7qNVCNCEfr7HOhSDkIrv2aNIxBtJxRZ5GT8sFeSrWcQj
kxiZsAwLc1nZEc1MTYwdaQaIn4EDRctjs5r7nHizhJlk6fvpERZQjwe0qQ0257k+
otzyBAPgHnyLY7eIehUKjZXG+CMhBLySZktHjvZwX7Y5+UdKGytQuddPP352WC4H
AGUPp4bqjgxu9spnESvCDvdvSohd2FTnmMMFxKmQWzrTjSsehwx6LKbrxX3cWfEg
qZR0T7ioui/+ebP4i1Rb+gzqJ/sTDoPMZRCBr2qLjJxHaftcgD5CpMxTM1mBk18O
unGKzrlMkcx5EjgnXNBtvXe58SsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT9qPBn
PENhqsYOUj0Wc6sYTT4c6jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NGEzNWVlYzgtNDcwZi00YWQwLTg1MmItOTAwNjA2NWJiYmIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOmMA0G
CSqGSIb3DQEBCwUAA4IBAQA0eerBMZT2hSZhgGKaiBQXvO2xLqaHy+qfPXQ2LuOl
uVPG0RlxqkxuE4yj5NPpIgAobdnyqYqAUJwCi3K0T9MTLE9H5VjWV4Fic14/LgNA
8YCyMoUI0hPT3WlHGiMVMKYSGxgQDGX5Tx8SeBdC51yMrWIj4k11WzFdHQDKwwFr
xI+gi2PeaLfsIb7FzEkOQysgOo5wS6jKmmxpOZBsduZMRy/ZyusrrjnFq3cfeHSf
tJjoVKszz+atnp1xEal7uSjptzMc77Oz1fGqlw10iSCGF/PfEwmAL8P6yv5AJhQZ
UFwhCaBCT+p8nsosjqXtfk/G2SXsRWbXJV+6NaIa8dU9
-----END CERTIFICATE-----
Generated at Thu Aug 21 18:52:02 2025 by rpki-client