Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c12693-1526-46ae-aa45-d5276a0c0f79.roa
File: 60c12693-1526-46ae-aa45-d5276a0c0f79.roa (raw, json)
Hash identifier: 7TTxR/sWxpMlNL0R+i2737BrDnO6PXTEoBrmxViSjCM=
Subject key identifier: 61:B9:55:FA:D6:51:10:AA:DF:47:EF:01:55:CA:C1:72:4A:BC:5D:03
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6040E2BC4E3760CC25ED6DAFC6CBEB62F929B485
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c12693-1526-46ae-aa45-d5276a0c0f79.roa
Signing time: Fri 08 Aug 2025 00:40:21 +0000
ROA not before: Fri 08 Aug 2025 00:40:21 +0000
ROA not after: Fri 12 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.86.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:40:e2:bc:4e:37:60:cc:25:ed:6d:af:c6:cb:eb:62:f9:29:b4:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 8 00:40:21 2025 GMT
Not After : Sep 12 23:59:59 2025 GMT
Subject: serialNumber=4feda92d2b3783889102d8ecb0f5d8356e84b812be7d942ddf56d5c6ffd1277d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:cf:50:6b:e5:7b:1a:4f:8b:60:48:ae:59:a0:
15:1a:e9:75:ea:4d:e3:56:d4:68:ff:2f:b0:e5:7c:
00:b4:0d:b3:16:40:ae:ea:04:f1:d0:d8:3c:fd:93:
6c:a7:a3:e7:b3:32:2e:9d:d2:4b:ea:fb:77:fd:41:
ed:63:76:5d:50:77:4f:e2:f6:86:9f:52:8e:41:a0:
45:14:bf:c2:e0:2b:43:97:fb:f3:39:c1:33:ee:24:
d7:cc:e4:32:81:2b:a5:25:f9:ac:c2:9a:1a:09:3a:
da:ed:6a:11:3a:0b:4e:ab:6e:b8:54:2a:8e:bd:85:
88:a9:50:66:8c:52:f8:70:e0:3d:8c:da:27:9d:74:
4b:38:d4:7b:44:a6:62:6c:fe:72:38:d9:35:af:b6:
27:14:52:0c:9a:74:74:da:08:04:7d:12:bf:55:be:
c2:9e:a0:d3:82:70:10:59:b1:10:f4:84:f4:26:9c:
2d:3b:c7:86:51:bc:5f:f9:a7:17:69:b9:96:00:e9:
17:2d:c0:b8:77:38:94:55:94:06:f2:6e:1d:1d:18:
71:93:74:99:08:17:23:12:c2:4e:f1:59:80:72:74:
af:c3:aa:64:6d:2c:77:be:44:28:f7:59:1e:a4:27:
a0:d9:36:1d:2d:cd:e9:b9:5f:3e:9b:51:0e:4a:46:
fc:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:B9:55:FA:D6:51:10:AA:DF:47:EF:01:55:CA:C1:72:4A:BC:5D:03
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c12693-1526-46ae-aa45-d5276a0c0f79.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.86.0.0/15
Signature Algorithm: sha256WithRSAEncryption
9d:be:c7:5a:11:c9:2b:61:e8:41:37:36:56:53:c7:07:fd:85:
5a:15:30:e2:33:3e:2a:67:81:4a:9e:47:4b:6c:26:08:af:77:
cc:b3:03:86:07:06:8c:85:5b:01:73:5b:2e:be:76:f8:82:19:
eb:9c:8d:0c:58:7d:d3:ab:e5:c5:46:72:00:13:b9:84:9b:d2:
db:65:25:bd:4a:b6:3b:9d:4b:5e:2f:6b:12:b3:85:1b:cd:32:
ff:2c:91:d8:a4:71:47:a1:c3:c0:24:83:c1:5e:59:e1:e4:09:
5c:f4:8b:dc:30:48:8a:b2:dd:b5:c0:e9:56:7d:8f:d1:79:6a:
da:b0:0e:50:6e:5c:1a:f1:69:7d:4c:6f:41:b8:23:22:b6:64:
70:1e:ae:1c:38:98:c1:c3:5b:81:ec:a1:76:f0:a7:23:b0:2d:
54:9d:78:1f:28:eb:8d:75:fb:a2:31:dd:63:cd:92:21:ad:5b:
5b:1d:c2:f6:a3:83:99:27:d4:2b:c8:82:ad:11:7a:c5:69:81:
20:61:49:24:87:fa:8e:7a:0d:a5:61:cd:05:5f:1d:a7:a5:8e:
e1:26:c4:fb:54:1d:1a:3c:6d:3d:a1:d8:39:b6:59:89:74:2e:
29:e5:ff:c7:d6:0e:b9:02:4e:bf:f2:0a:6c:7a:51:7e:04:ad:
fd:69:ee:3b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYEDivE43YMwl7W2vxsvrYvkptIUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDgwMDQwMjFaFw0yNTA5MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDRmZWRhOTJkMmIzNzgzODg5MTAyZDhlY2IwZjVkODM1NmU4NGI4MTJiZTdk
OTQyZGRmNTZkNWM2ZmZkMTI3N2QxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALXPUGvlexpPi2BIrlmgFRrpdepN41bUaP8vsOV8ALQNsxZAruoE8dDYPP2T
bKej57MyLp3SS+r7d/1B7WN2XVB3T+L2hp9SjkGgRRS/wuArQ5f78znBM+4k18zk
MoErpSX5rMKaGgk62u1qEToLTqtuuFQqjr2FiKlQZoxS+HDgPYzaJ510SzjUe0Sm
Ymz+cjjZNa+2JxRSDJp0dNoIBH0Sv1W+wp6g04JwEFmxEPSE9CacLTvHhlG8X/mn
F2m5lgDpFy3AuHc4lFWUBvJuHR0YcZN0mQgXIxLCTvFZgHJ0r8OqZG0sd75EKPdZ
HqQnoNk2HS3N6blfPptRDkpG/NMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRhuVX6
1lEQqt9H7wFVysFySrxdAzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjBjMTI2OTMtMTUyNi00NmFlLWFhNDUtZDUyNzZhMGMwZjc5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNWMA0G
CSqGSIb3DQEBCwUAA4IBAQCdvsdaEckrYehBNzZWU8cH/YVaFTDiMz4qZ4FKnkdL
bCYIr3fMswOGBwaMhVsBc1suvnb4ghnrnI0MWH3Tq+XFRnIAE7mEm9LbZSW9SrY7
nUteL2sSs4UbzTL/LJHYpHFHocPAJIPBXlnh5Alc9IvcMEiKst21wOlWfY/ReWra
sA5Qblwa8Wl9TG9BuCMitmRwHq4cOJjBw1uB7KF28KcjsC1UnXgfKOuNdfuiMd1j
zZIhrVtbHcL2o4OZJ9QryIKtEXrFaYEgYUkkh/qOeg2lYc0FXx2npY7hJsT7VB0a
PG09odg5tlmJdC4p5f/H1g65Ak6/8gpselF+BK39ae47
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:42:43 2025 by rpki-client