Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/63e023f1-83fd-412f-8365-33afe1ac80af.roa
File: 63e023f1-83fd-412f-8365-33afe1ac80af.roa (raw, json)
Hash identifier: SEbb3UmJ5PHHG/PJwUaNSMoay/5PknKH3JjwbQPEQTk=
Subject key identifier: 3F:4F:A0:52:84:B0:B7:55:E4:42:BC:D5:32:85:F8:CA:F9:7E:A2:5A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5AE2C2913DA73E862D5681061872E1C5AD1B6643
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/63e023f1-83fd-412f-8365-33afe1ac80af.roa
Signing time: Tue 05 Aug 2025 20:20:11 +0000
ROA not before: Tue 05 Aug 2025 20:20:11 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.160.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:e2:c2:91:3d:a7:3e:86:2d:56:81:06:18:72:e1:c5:ad:1b:66:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:20:11 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=f835226cf9ac5b3826ed5eb31e245bf3de0bf2450b36261b90f32256d2f5f2b9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:6c:df:09:13:d7:2e:f7:26:aa:be:1b:a8:c7:
8a:44:f2:e2:fa:c5:d8:6b:22:a7:f2:df:a9:27:21:
55:e9:09:bf:6f:08:88:b9:09:40:26:0e:2f:27:4e:
ae:bd:c2:09:8b:60:1a:5e:6a:a5:49:d7:8c:57:9c:
c2:a9:99:63:ff:5e:9d:cf:8d:3f:f2:c3:b1:70:29:
9e:e1:19:7f:fd:d4:ee:37:fb:de:36:64:d1:e8:65:
5f:16:57:24:a8:b5:17:f5:03:b7:af:31:b2:97:2a:
3a:86:cb:ca:01:36:10:d0:36:5b:d3:9a:00:d6:4a:
36:2e:b9:f8:54:68:2e:fb:fe:13:c8:15:06:51:77:
52:ad:db:cb:9c:42:da:c8:a6:d2:d3:07:4c:97:0a:
df:bb:88:b7:4d:d4:de:a4:ab:fc:b2:54:18:87:a7:
19:65:10:96:e8:94:61:e7:5e:ae:d0:95:55:d6:d0:
44:0b:05:3a:12:a4:04:45:cd:36:9b:56:90:4d:27:
8b:7d:44:45:8b:84:21:23:a1:b9:0f:af:4c:5a:95:
99:3e:36:27:9d:8c:41:d0:02:fe:8a:fb:fe:f8:93:
55:e9:19:1d:68:24:52:1a:ab:93:f1:33:fa:c9:2b:
1e:68:52:cd:26:cc:4c:38:62:8a:85:ac:b7:55:6e:
05:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:4F:A0:52:84:B0:B7:55:E4:42:BC:D5:32:85:F8:CA:F9:7E:A2:5A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/63e023f1-83fd-412f-8365-33afe1ac80af.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.160.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7c:bd:f8:10:f1:20:68:c4:bf:1a:f4:fa:53:ac:c6:b4:0c:91:
56:4a:6d:e1:c9:73:a5:28:ee:e9:48:dd:67:ad:3b:b6:f3:c4:
eb:b3:3b:f0:2e:d6:08:b8:6f:09:87:6c:2a:1a:b0:dd:99:39:
90:9f:9b:82:13:f1:c5:de:db:fc:37:d0:9b:90:98:a8:5b:cf:
26:7a:4b:96:e8:2f:3c:6d:e3:07:59:e3:ad:06:46:60:2c:a6:
ba:3c:8e:af:51:82:2a:f2:02:0b:4f:74:c0:51:10:11:2d:a0:
34:ed:48:7d:ae:82:2f:64:9f:89:9a:b1:14:3c:a9:fa:e6:88:
57:2a:01:55:38:39:46:54:d3:6b:37:78:96:90:ae:60:e6:53:
73:57:4b:48:f4:c2:70:57:d5:35:4b:32:85:54:74:6a:18:ff:
cc:2d:77:cf:26:81:4a:e6:d7:42:e5:2f:62:aa:66:06:3c:4a:
af:10:56:62:21:db:c0:6a:06:20:e4:78:46:bb:6f:97:ca:f0:
89:95:7f:d1:68:76:1b:13:d1:74:19:66:46:ec:2d:dd:61:cf:
d1:a4:60:f0:47:eb:68:bc:46:00:57:a6:90:76:d5:34:81:ce:
aa:5d:f6:7f:59:47:05:bc:1c:a5:11:17:db:43:a5:bc:9e:71:
cc:09:7f:e4
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUWuLCkT2nPoYtVoEGGHLhxa0bZkMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIwMTFaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGY4MzUyMjZjZjlhYzViMzgyNmVkNWViMzFlMjQ1YmYzZGUwYmYyNDUwYjM2
MjYxYjkwZjMyMjU2ZDJmNWYyYjkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANFs3wkT1y73Jqq+G6jHikTy4vrF2Gsip/LfqSchVekJv28IiLkJQCYOLydO
rr3CCYtgGl5qpUnXjFecwqmZY/9enc+NP/LDsXApnuEZf/3U7jf73jZk0ehlXxZX
JKi1F/UDt68xspcqOobLygE2ENA2W9OaANZKNi65+FRoLvv+E8gVBlF3Uq3by5xC
2sim0tMHTJcK37uIt03U3qSr/LJUGIenGWUQluiUYedertCVVdbQRAsFOhKkBEXN
NptWkE0ni31ERYuEISOhuQ+vTFqVmT42J52MQdAC/or7/viTVekZHWgkUhqrk/Ez
+skrHmhSzSbMTDhiioWst1VuBUECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ/T6BS
hLC3VeRCvNUyhfjK+X6iWjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjNlMDIzZjEtODNmZC00MTJmLTgzNjUtMzNhZmUxYWM4MGFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOgMA0G
CSqGSIb3DQEBCwUAA4IBAQB8vfgQ8SBoxL8a9PpTrMa0DJFWSm3hyXOlKO7pSN1n
rTu288TrszvwLtYIuG8Jh2wqGrDdmTmQn5uCE/HF3tv8N9CbkJioW88mekuW6C88
beMHWeOtBkZgLKa6PI6vUYIq8gILT3TAURARLaA07Uh9roIvZJ+JmrEUPKn65ohX
KgFVODlGVNNrN3iWkK5g5lNzV0tI9MJwV9U1SzKFVHRqGP/MLXfPJoFK5tdC5S9i
qmYGPEqvEFZiIdvAagYg5HhGu2+XyvCJlX/RaHYbE9F0GWZG7C3dYc/RpGDwR+to
vEYAV6aQdtU0gc6qXfZ/WUcFvBylERfbQ6W8nnHMCX/k
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:44:28 2025 by rpki-client