Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/67568c6a-cd1a-4586-a397-580b374dbdb0.roa
File: 67568c6a-cd1a-4586-a397-580b374dbdb0.roa (raw, json)
Hash identifier: TLNd3WJAaen7v+v703okeHAFEllyo80ZyamwTAyBiUE=
Subject key identifier: 88:20:67:B8:60:3E:4C:B0:4A:B7:0C:99:CD:84:FB:3A:60:3E:9C:74
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6C402B594950D63AD4B4D171A08ACEE97B722AC2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/67568c6a-cd1a-4586-a397-580b374dbdb0.roa
Signing time: Mon 01 Sep 2025 21:40:15 +0000
ROA not before: Mon 01 Sep 2025 21:40:15 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.60.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 19:02:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:40:2b:59:49:50:d6:3a:d4:b4:d1:71:a0:8a:ce:e9:7b:72:2a:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 1 21:40:15 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=798648439af0b81217f48af32dd714b2b9ceee32ca1e4d7de229b468cb1b8620, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:20:d5:5c:67:da:24:77:5e:8d:06:b2:a8:b9:
b7:6a:59:3e:69:41:4c:2d:b9:3a:1e:3d:77:89:43:
e9:40:75:2c:7e:3e:56:3c:9b:99:87:bc:58:fb:e7:
ac:50:04:f5:94:98:b8:78:60:05:08:d6:1c:67:83:
cb:bc:5b:8f:f0:87:24:9c:dd:14:93:ae:45:c0:82:
35:9a:33:19:e6:22:e6:14:f4:02:08:d0:a0:1c:03:
97:e2:e9:0f:c5:a9:5c:43:5e:23:6f:a1:bc:4b:d5:
98:67:ab:12:a7:a3:ea:fb:91:d9:a3:7b:b5:f9:58:
f3:63:49:1b:ff:e1:f5:7d:11:09:7a:11:f2:bd:0f:
b1:8b:b8:69:fa:15:bd:0c:67:0f:ca:e1:5a:29:69:
84:c8:5e:e4:1c:87:93:a2:c1:c7:df:75:cd:91:8a:
66:42:4e:bc:15:54:df:14:67:3a:f7:c3:84:5d:be:
ab:58:0e:4e:1b:a7:d2:7e:c3:1a:4f:e7:9a:09:42:
c0:7e:6a:a2:1e:3a:e6:40:1d:7e:38:ec:b1:29:59:
10:d5:2f:74:32:09:7e:28:b7:ef:c2:52:8e:cc:6b:
f6:cd:17:39:13:55:13:4f:1c:86:f6:0d:f5:50:22:
bc:d2:a4:54:ce:d7:c6:36:eb:a8:78:4a:88:a3:54:
e3:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:20:67:B8:60:3E:4C:B0:4A:B7:0C:99:CD:84:FB:3A:60:3E:9C:74
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/67568c6a-cd1a-4586-a397-580b374dbdb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.60.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5f:19:46:5c:92:c5:06:d7:5a:47:46:ca:b0:f3:e3:f4:a9:5c:
d7:bc:9d:f2:77:8a:ff:c7:3f:52:d9:44:3d:ed:8f:3c:4a:41:
9c:4b:4c:96:a0:9c:42:9d:2e:8d:e3:25:cf:23:7b:6e:22:a0:
25:09:de:ed:7b:16:52:c5:b3:a0:0d:06:b1:80:a5:35:ff:69:
39:7d:4e:bb:41:eb:ec:ce:50:dc:31:1b:72:f5:09:00:c3:08:
59:44:7f:98:8a:eb:55:e7:93:a1:48:c3:39:d3:3d:8b:04:d8:
8a:d3:a4:41:3b:19:92:82:e8:99:af:f6:f5:b6:1e:4f:7a:b9:
cd:8c:67:31:fe:5f:bb:88:dc:3e:f0:77:b9:2c:f0:64:5a:b8:
4f:4d:26:d6:72:c7:e5:bd:39:30:e8:91:57:79:c5:b4:4e:a3:
4a:ff:10:12:9f:f0:d7:07:7f:13:ee:80:ce:24:d2:3c:a4:e6:
a8:80:66:5e:47:31:d0:55:a7:7d:2f:ab:9c:dc:68:33:95:e5:
44:5a:84:29:7c:39:bb:10:45:41:37:fc:18:bf:c0:b9:07:2c:
cb:bf:96:26:62:54:f2:ff:b2:75:72:08:6b:f5:44:18:43:99:
63:e8:54:09:a7:c0:3d:ad:3a:bf:1a:ed:44:11:5c:83:c9:32:
28:78:cc:98
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbEArWUlQ1jrUtNFxoIrO6XtyKsIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MDEyMTQwMTVaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDc5ODY0ODQzOWFmMGI4MTIxN2Y0OGFmMzJkZDcxNGIyYjljZWVlMzJjYTFl
NGQ3ZGUyMjliNDY4Y2IxYjg2MjAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALgg1Vxn2iR3Xo0Gsqi5t2pZPmlBTC25Oh49d4lD6UB1LH4+VjybmYe8WPvn
rFAE9ZSYuHhgBQjWHGeDy7xbj/CHJJzdFJOuRcCCNZozGeYi5hT0AgjQoBwDl+Lp
D8WpXENeI2+hvEvVmGerEqej6vuR2aN7tflY82NJG//h9X0RCXoR8r0PsYu4afoV
vQxnD8rhWilphMhe5ByHk6LBx991zZGKZkJOvBVU3xRnOvfDhF2+q1gOThun0n7D
Gk/nmglCwH5qoh465kAdfjjssSlZENUvdDIJfii378JSjsxr9s0XORNVE08chvYN
9VAivNKkVM7XxjbrqHhKiKNU44ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSIIGe4
YD5MsEq3DJnNhPs6YD6cdDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Njc1NjhjNmEtY2QxYS00NTg2LWEzOTctNTgwYjM3NGRiZGIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADM8MA0G
CSqGSIb3DQEBCwUAA4IBAQBfGUZcksUG11pHRsqw8+P0qVzXvJ3yd4r/xz9S2UQ9
7Y88SkGcS0yWoJxCnS6N4yXPI3tuIqAlCd7texZSxbOgDQaxgKU1/2k5fU67Qevs
zlDcMRty9QkAwwhZRH+YiutV55OhSMM50z2LBNiK06RBOxmSguiZr/b1th5PernN
jGcx/l+7iNw+8He5LPBkWrhPTSbWcsflvTkw6JFXecW0TqNK/xASn/DXB38T7oDO
JNI8pOaogGZeRzHQVad9L6uc3GgzleVEWoQpfDm7EEVBN/wYv8C5ByzLv5YmYlTy
/7J1cghr9UQYQ5lj6FQJp8A9rTq/Gu1EEVyDyTIoeMyY
-----END CERTIFICATE-----
Generated at Fri Sep 19 00:19:48 2025 by rpki-client