Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eaaf9aa-bbc4-42a5-9ead-7164e7953aee.roa
File: 4eaaf9aa-bbc4-42a5-9ead-7164e7953aee.roa (raw, json)
Hash identifier: lVuSi9xxljeBN612u5b4b7730uPku+EHdFrFR4FKDwU=
Subject key identifier: 25:BD:9E:EB:BD:94:A6:35:7E:F7:43:D6:AC:2C:DA:0A:EA:B8:54:82
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 12098857AAFF7A70AC1B61DE16E7E06AA0226DD3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eaaf9aa-bbc4-42a5-9ead-7164e7953aee.roa
Signing time: Wed 06 Aug 2025 07:36:50 +0000
ROA not before: Wed 06 Aug 2025 07:36:50 +0000
ROA not after: Wed 10 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.164.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Aug 2025 15:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:09:88:57:aa:ff:7a:70:ac:1b:61:de:16:e7:e0:6a:a0:22:6d:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 6 07:36:50 2025 GMT
Not After : Sep 10 23:59:59 2025 GMT
Subject: serialNumber=9f0557ba484c030b450243439c299a88d8f0a2504b7b0113603960fa826f3ea4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:cf:78:46:32:a6:84:de:0a:e4:c0:00:a2:c5:
a2:81:40:36:42:e9:69:63:2c:64:83:b3:eb:2f:0c:
c1:30:b1:97:2e:a0:bb:23:76:34:e8:6b:9c:fc:e3:
32:8a:a2:55:6a:ad:d6:18:1d:f1:33:49:69:69:ad:
05:a1:52:b0:0a:e5:57:0e:dc:7b:83:e2:da:30:a1:
b2:fc:89:d0:b1:f1:cd:87:f3:9f:b5:44:74:08:6a:
22:86:60:e0:9a:55:b2:33:95:cb:35:2e:63:b7:d9:
9a:a2:66:7a:c5:56:69:2d:89:84:c8:01:c7:3a:ae:
60:05:d3:35:6e:af:f1:1c:4c:b7:96:4e:07:b4:a3:
94:13:3e:2b:52:c7:c2:b3:0d:18:e3:a4:fb:6a:db:
2d:fc:7b:23:44:77:45:87:8a:ff:c7:7d:7f:b1:c2:
0c:75:4a:ed:e7:83:40:03:7e:79:f1:46:3e:9c:75:
96:47:60:da:53:b4:2e:45:0a:ad:b4:ea:f0:75:f5:
89:8f:31:fc:73:a8:fa:df:9c:77:60:7c:6e:e4:f3:
6f:eb:0e:fd:df:84:ec:c6:76:d5:51:04:0c:f8:f6:
7d:6b:92:05:59:ba:a6:88:56:25:83:16:ed:ed:f0:
60:58:09:67:2b:69:e9:7b:68:66:5e:ee:a6:78:59:
91:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:BD:9E:EB:BD:94:A6:35:7E:F7:43:D6:AC:2C:DA:0A:EA:B8:54:82
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eaaf9aa-bbc4-42a5-9ead-7164e7953aee.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.164.0.0/15
Signature Algorithm: sha256WithRSAEncryption
91:da:09:5e:8e:89:f7:c7:b4:42:38:7c:ca:cf:1c:97:38:69:
61:64:0e:00:05:71:4d:87:64:2c:95:48:b2:f4:ff:88:61:36:
d7:8c:9f:92:44:d7:d6:59:cb:da:ae:c4:96:13:36:13:f9:6f:
ef:01:6d:7c:e9:67:d1:54:59:88:b3:0f:aa:3e:dd:9d:f0:20:
f9:57:33:4b:0a:0e:94:b3:f2:7f:47:bd:23:c2:22:f1:ee:f4:
87:30:21:f2:09:4c:f1:15:d7:d0:71:a7:17:d0:80:4b:04:26:
ea:e5:e3:ae:4c:3a:1a:94:b9:34:1e:bd:de:65:77:83:87:12:
38:60:a2:53:ab:42:13:ab:de:ed:2c:e0:93:f3:72:31:28:c2:
59:36:71:49:a5:30:9f:82:bc:b0:86:fd:dc:6b:ae:79:c9:2d:
59:d4:ad:68:70:1e:3c:b1:13:75:52:d6:de:4f:40:eb:4b:cf:
9f:71:df:38:69:59:ec:38:52:68:4d:fa:a1:2f:f9:53:31:23:
48:12:63:93:64:ef:12:94:39:33:07:57:76:0a:92:ea:65:41:
66:f6:e2:23:b7:cc:2f:06:bb:c7:4b:18:43:f2:2d:62:ef:af:
dc:3f:7b:6a:8c:d4:0c:8c:35:e1:d7:70:b1:f1:fc:94:dd:42:
30:78:97:85
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEgmIV6r/enCsG2HeFufgaqAibdMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDYwNzM2NTBaFw0yNTA5MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDlmMDU1N2JhNDg0YzAzMGI0NTAyNDM0MzljMjk5YTg4ZDhmMGEyNTA0Yjdi
MDExMzYwMzk2MGZhODI2ZjNlYTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMfPeEYypoTeCuTAAKLFooFANkLpaWMsZIOz6y8MwTCxly6guyN2NOhrnPzj
MoqiVWqt1hgd8TNJaWmtBaFSsArlVw7ce4Pi2jChsvyJ0LHxzYfzn7VEdAhqIoZg
4JpVsjOVyzUuY7fZmqJmesVWaS2JhMgBxzquYAXTNW6v8RxMt5ZOB7SjlBM+K1LH
wrMNGOOk+2rbLfx7I0R3RYeK/8d9f7HCDHVK7eeDQAN+efFGPpx1lkdg2lO0LkUK
rbTq8HX1iY8x/HOo+t+cd2B8buTzb+sO/d+E7MZ21VEEDPj2fWuSBVm6pohWJYMW
7e3wYFgJZytp6XtoZl7upnhZkSUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQlvZ7r
vZSmNX73Q9asLNoK6rhUgjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NGVhYWY5YWEtYmJjNC00MmE1LTllYWQtNzE2NGU3OTUzYWVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOkMA0G
CSqGSIb3DQEBCwUAA4IBAQCR2glejon3x7RCOHzKzxyXOGlhZA4ABXFNh2QslUiy
9P+IYTbXjJ+SRNfWWcvarsSWEzYT+W/vAW186WfRVFmIsw+qPt2d8CD5VzNLCg6U
s/J/R70jwiLx7vSHMCHyCUzxFdfQcacX0IBLBCbq5eOuTDoalLk0Hr3eZXeDhxI4
YKJTq0ITq97tLOCT83IxKMJZNnFJpTCfgrywhv3ca655yS1Z1K1ocB48sRN1Utbe
T0DrS8+fcd84aVnsOFJoTfqhL/lTMSNIEmOTZO8SlDkzB1d2CpLqZUFm9uIjt8wv
BrvHSxhD8i1i76/cP3tqjNQMjDXh13Cx8fyU3UIweJeF
-----END CERTIFICATE-----
Generated at Thu Aug 21 18:51:58 2025 by rpki-client