Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c89335-41cc-407d-8ffe-34cda7e66bb7.roa
File: 60c89335-41cc-407d-8ffe-34cda7e66bb7.roa (raw, json)
Hash identifier: 5uvbibZGO1j/kgW6/Z/fk90ltJa2BC/4ncSFjgJuEzQ=
Subject key identifier: 9B:F9:83:2B:A3:DA:E0:EE:86:95:D7:4D:13:5E:59:54:F3:45:C9:17
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 542B24D6D4877DE5FFC41501DF0D6A541FF4ADE7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c89335-41cc-407d-8ffe-34cda7e66bb7.roa
Signing time: Fri 08 Aug 2025 00:40:38 +0000
ROA not before: Fri 08 Aug 2025 00:40:38 +0000
ROA not after: Fri 12 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.96.0.0/14 maxlen: 14
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:2b:24:d6:d4:87:7d:e5:ff:c4:15:01:df:0d:6a:54:1f:f4:ad:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 8 00:40:38 2025 GMT
Not After : Sep 12 23:59:59 2025 GMT
Subject: serialNumber=264ab2a245c97e4037a69f92b752c4d9dbdb34434dd44a3c7254fb03bc228617, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:66:8e:1a:bc:b8:3e:6d:79:f4:d5:56:cc:b1:
72:88:90:5a:ab:f4:38:fd:d5:0c:92:51:35:70:1b:
ec:f6:9a:e4:ee:b8:ed:59:56:69:65:f5:70:b4:19:
82:d9:81:b9:3f:57:15:a7:ff:01:b4:ec:07:ed:fe:
50:66:b9:73:c1:9e:ae:0b:20:6c:66:b4:ef:41:3c:
a3:9a:6a:64:a4:22:ee:20:45:10:08:1c:68:9b:b2:
0b:57:10:68:3e:06:dc:df:54:21:2a:38:da:c6:10:
cb:ee:a8:23:2e:fa:53:be:6c:30:d0:43:e2:6a:34:
aa:18:5a:58:24:65:b9:db:dd:cb:3d:f7:65:5c:d2:
4b:db:0d:f6:0b:73:d3:37:da:c1:cf:01:78:a4:2e:
f5:16:53:33:31:2a:30:ae:05:f4:0c:23:f8:db:6f:
25:41:08:64:4d:06:f5:43:80:7b:2f:b2:90:34:fc:
6a:67:9a:e2:34:71:e4:e9:5b:91:f6:17:2d:b7:2c:
d0:0c:8a:f4:26:59:1d:0f:60:fd:6f:d9:65:a5:34:
c0:42:8d:ba:34:e9:a6:2e:ee:8d:66:c1:09:fd:8f:
2c:1f:c9:3d:22:12:f0:e9:0f:59:0d:22:b0:80:7e:
cb:41:f3:cb:e5:2c:91:b0:86:48:db:f9:c2:a7:bb:
66:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:F9:83:2B:A3:DA:E0:EE:86:95:D7:4D:13:5E:59:54:F3:45:C9:17
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c89335-41cc-407d-8ffe-34cda7e66bb7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.96.0.0/14
Signature Algorithm: sha256WithRSAEncryption
64:64:3c:2f:3e:cb:9f:f6:95:e3:a1:13:be:a9:7a:97:78:16:
93:33:ca:5f:0b:53:cc:ba:94:e9:1c:0d:ef:d4:74:79:0b:7e:
3e:da:2c:b8:c8:88:d4:9f:f8:ab:96:7c:f7:57:a0:73:50:6c:
62:47:11:3c:3d:44:4e:fc:bf:8c:68:1a:dd:54:4a:33:cd:17:
2d:ba:3a:6a:e5:9a:58:22:c5:b5:34:d6:33:49:70:6d:b8:14:
5d:fd:79:b6:70:18:e6:f7:21:a9:41:e2:ed:21:12:a0:6b:6e:
13:70:e2:84:90:e3:54:ea:5b:e7:c6:10:9f:59:51:3c:8e:52:
ec:54:7b:72:f5:b9:cd:ff:2f:20:87:ff:7b:49:da:44:0a:9d:
8c:a8:94:d9:da:4d:4a:00:31:71:d5:2b:fa:c2:5b:83:3f:67:
c6:6a:b0:d6:d9:6e:a5:7c:20:c9:63:af:57:d3:64:5e:c9:8d:
69:6e:4c:e1:b4:4d:d0:57:22:30:2d:d9:a8:7f:9c:3d:02:b6:
2d:17:28:26:d1:71:21:ca:74:f9:12:7d:85:2e:51:2c:93:03:
17:1f:63:57:5a:21:46:bc:cc:f6:67:c0:e4:d1:73:20:0a:fc:
4e:22:55:6a:33:bd:62:cf:a4:a1:35:5a:8f:ec:55:9f:dc:da:
98:ec:58:67
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVCsk1tSHfeX/xBUB3w1qVB/0recwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDgwMDQwMzhaFw0yNTA5MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDI2NGFiMmEyNDVjOTdlNDAzN2E2OWY5MmI3NTJjNGQ5ZGJkYjM0NDM0ZGQ0
NGEzYzcyNTRmYjAzYmMyMjg2MTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALxmjhq8uD5tefTVVsyxcoiQWqv0OP3VDJJRNXAb7Paa5O647VlWaWX1cLQZ
gtmBuT9XFaf/AbTsB+3+UGa5c8GergsgbGa070E8o5pqZKQi7iBFEAgcaJuyC1cQ
aD4G3N9UISo42sYQy+6oIy76U75sMNBD4mo0qhhaWCRludvdyz33ZVzSS9sN9gtz
0zfawc8BeKQu9RZTMzEqMK4F9Awj+NtvJUEIZE0G9UOAey+ykDT8amea4jRx5Olb
kfYXLbcs0AyK9CZZHQ9g/W/ZZaU0wEKNujTppi7ujWbBCf2PLB/JPSIS8OkPWQ0i
sIB+y0Hzy+UskbCGSNv5wqe7Zr0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSb+YMr
o9rg7oaV100TXllU80XJFzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjBjODkzMzUtNDFjYy00MDdkLThmZmUtMzRjZGE3ZTY2YmI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNgMA0G
CSqGSIb3DQEBCwUAA4IBAQBkZDwvPsuf9pXjoRO+qXqXeBaTM8pfC1PMupTpHA3v
1HR5C34+2iy4yIjUn/irlnz3V6BzUGxiRxE8PURO/L+MaBrdVEozzRctujpq5ZpY
IsW1NNYzSXBtuBRd/Xm2cBjm9yGpQeLtIRKga24TcOKEkONU6lvnxhCfWVE8jlLs
VHty9bnN/y8gh/97SdpECp2MqJTZ2k1KADFx1Sv6wluDP2fGarDW2W6lfCDJY69X
02ReyY1pbkzhtE3QVyIwLdmof5w9ArYtFygm0XEhynT5En2FLlEskwMXH2NXWiFG
vMz2Z8Dk0XMgCvxOIlVqM71iz6ShNVqP7FWf3NqY7Fhn
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:40:04 2025 by rpki-client