Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6252e9a3-4fdc-4c43-b91b-deb58ca2dd7c.roa
File: 6252e9a3-4fdc-4c43-b91b-deb58ca2dd7c.roa (raw, json)
Hash identifier: x1CKatT77p+GmC2C/gxtVmVjWnW9Zpr01Tn1459u5z4=
Subject key identifier: 85:8F:7D:8A:86:C4:BE:02:66:B2:49:C1:77:A1:59:FD:A6:D5:AD:AE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 459CD28552F98224EC0804CA695A82A0A90894
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6252e9a3-4fdc-4c43-b91b-deb58ca2dd7c.roa
Signing time: Fri 08 Aug 2025 00:40:16 +0000
ROA not before: Fri 08 Aug 2025 00:40:16 +0000
ROA not after: Fri 12 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.46.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:9c:d2:85:52:f9:82:24:ec:08:04:ca:69:5a:82:a0:a9:08:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 8 00:40:16 2025 GMT
Not After : Sep 12 23:59:59 2025 GMT
Subject: serialNumber=280476c5bac35d875863658d493361096832274dd10f653bf3038c8d548080f2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:f2:e8:8e:0c:66:df:c3:03:08:ea:8b:de:69:
2a:69:7b:97:78:d0:e2:11:04:df:07:5c:b4:4b:6d:
c4:c9:ae:03:58:e5:33:3c:79:58:6d:ef:e1:56:1d:
df:9a:32:44:04:0a:bd:ea:a4:ae:70:db:43:b0:93:
7e:b0:c1:a5:02:ea:fb:57:36:e8:10:96:1f:7d:01:
0d:5b:dc:a8:25:57:e5:7b:39:09:d6:9b:c7:c7:f1:
f9:cf:35:8e:aa:d9:96:ef:f9:ee:4f:a1:98:34:bf:
81:8a:76:14:3f:5e:f9:32:a6:f1:b0:f6:1b:e6:0c:
bf:0c:46:0d:e9:0e:e2:6d:2a:cc:3d:5f:05:b9:42:
93:6e:a2:a5:b2:d4:42:d3:ca:dc:cc:17:76:f4:5e:
14:f5:1b:62:a5:a0:3f:a7:3a:2a:5c:90:2d:e1:f0:
77:6e:96:29:46:ed:cf:40:69:a2:00:87:51:99:be:
c2:0d:6f:e5:0f:59:80:a5:2d:97:16:d1:54:f4:19:
3a:40:ee:ea:b0:a3:9e:a6:4a:13:d1:56:d6:0a:2a:
9a:6d:48:1c:0a:b4:f8:8e:e4:b4:1b:2b:4e:d2:a6:
57:4f:21:30:f2:32:5d:82:02:b4:ff:3d:9d:22:17:
aa:26:1f:37:3d:d3:8c:dc:4d:cf:db:b3:2d:62:e0:
7d:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:8F:7D:8A:86:C4:BE:02:66:B2:49:C1:77:A1:59:FD:A6:D5:AD:AE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6252e9a3-4fdc-4c43-b91b-deb58ca2dd7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.46.0.0/15
Signature Algorithm: sha256WithRSAEncryption
84:02:ec:32:9b:af:b9:90:b3:27:20:92:4c:41:e1:3d:c0:b9:
ac:a2:ab:6f:70:29:d0:14:74:5c:de:f1:18:7b:a5:19:da:0e:
ff:91:1e:a1:5c:e2:4c:ae:7d:57:05:d9:19:7c:f4:a1:84:56:
cc:ad:c9:03:c2:90:9a:9f:3a:88:9e:27:02:20:03:5f:7b:f4:
00:76:cb:48:9a:27:c5:e4:23:ab:56:65:a9:92:4f:ea:22:4a:
08:75:25:c2:20:40:81:22:43:1a:28:ea:11:8e:5e:81:da:c7:
22:cf:dc:aa:58:fd:91:c5:64:5d:5e:1f:84:2b:3a:d7:cd:3a:
e4:4b:c6:a8:2e:ea:fe:55:e4:8b:26:58:6e:28:3c:e1:ca:a5:
de:11:60:53:d1:8b:b7:15:20:c5:bf:27:bb:0d:b4:58:4d:26:
4d:78:b1:72:5f:eb:61:da:cf:71:58:bd:46:19:96:a4:6c:d3:
d3:45:ce:1c:d4:b9:55:8d:f7:bd:6b:d5:e0:1f:16:b9:86:07:
03:0d:91:fe:ce:de:2d:42:8e:22:46:68:26:84:6b:59:e0:94:
7d:b5:be:0e:0d:32:4a:52:ac:29:1a:38:5d:6f:d6:18:5f:63:
14:56:18:37:3f:ac:0c:96:ad:4b:66:c1:8a:72:27:43:f4:d6:
c1:49:6b:f6
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgITRZzShVL5giTsCATKaVqCoKkIlDANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg0NTNmNDc0NjM1NGUyYWQxNWNlN2ViZDhkYzIxZjk2YzBl
NWM4N2NmMB4XDTI1MDgwODAwNDAxNloXDTI1MDkxMjIzNTk1OVowejFJMEcGA1UE
BRNAMjgwNDc2YzViYWMzNWQ4NzU4NjM2NThkNDkzMzYxMDk2ODMyMjc0ZGQxMGY2
NTNiZjMwMzhjOGQ1NDgwODBmMjEtMCsGA1UEAxMkYzMzNjQxMWEtNjY1MS00ZjEz
LThlZjktZGU2ODFjN2M5NDQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5/Lojgxm38MDCOqL3mkqaXuXeNDiEQTfB1y0S23Eya4DWOUzPHlYbe/hVh3f
mjJEBAq96qSucNtDsJN+sMGlAur7VzboEJYffQENW9yoJVflezkJ1pvHx/H5zzWO
qtmW7/nuT6GYNL+BinYUP175MqbxsPYb5gy/DEYN6Q7ibSrMPV8FuUKTbqKlstRC
08rczBd29F4U9RtipaA/pzoqXJAt4fB3bpYpRu3PQGmiAIdRmb7CDW/lD1mApS2X
FtFU9Bk6QO7qsKOepkoT0VbWCiqabUgcCrT4juS0GytO0qZXTyEw8jJdggK0/z2d
IheqJh83PdOM3E3P27MtYuB9XwIDAQABo4ICIDCCAhwwHQYDVR0OBBYEFIWPfYqG
xL4CZrJJwXehWf2m1a2uMB8GA1UdIwQYMBaAFEU/R0Y1TirRXOfr2Nwh+WwOXIfP
MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvUlQ5SFJqVk9L
dEZjNS12WTNDSDViQTVjaDg4LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsG
AQUFBzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5j
b20vdm9sdW1lLzk2N2EyNTVjLWQ2ODAtNDJkMy05ZWMzLWVjYjNmOWRhMDg4Yy82
MjUyZTlhMy00ZmRjLTRjNDMtYjkxYi1kZWI1OGNhMmRkN2Mucm9hMIGIBgNVHR8E
gYAwfjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25h
d3MuY29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4
OGMvX2xBaTVUSERzUWRQWUE5bm1FVDZvbEh1VmM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBMy4wDQYJ
KoZIhvcNAQELBQADggEBAIQC7DKbr7mQsycgkkxB4T3Auayiq29wKdAUdFze8Rh7
pRnaDv+RHqFc4kyufVcF2Rl89KGEVsytyQPCkJqfOoieJwIgA1979AB2y0iaJ8Xk
I6tWZamST+oiSgh1JcIgQIEiQxoo6hGOXoHaxyLP3KpY/ZHFZF1eH4QrOtfNOuRL
xqgu6v5V5IsmWG4oPOHKpd4RYFPRi7cVIMW/J7sNtFhNJk14sXJf62Haz3FYvUYZ
lqRs09NFzhzUuVWN971r1eAfFrmGBwMNkf7O3i1CjiJGaCaEa1nglH21vg4NMkpS
rCkaOF1v1hhfYxRWGDc/rAyWrUtmwYpyJ0P01sFJa/Y=
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:39:19 2025 by rpki-client