Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/70bc7703-020e-4153-b340-cced3a436951.roa
File: 70bc7703-020e-4153-b340-cced3a436951.roa (raw, json)
Hash identifier: mFdU1NiLlB+I/qIImqyAr3lwDZtxjzx0r4O4LN6o92Q=
Subject key identifier: F7:38:7A:37:BD:8D:B2:0B:F3:10:01:AE:FE:9A:FB:44:AA:A4:60:A9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 220F2E97441339155796EC079D976EE6E14368C0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/70bc7703-020e-4153-b340-cced3a436951.roa
Signing time: Fri 08 Aug 2025 00:40:38 +0000
ROA not before: Fri 08 Aug 2025 00:40:38 +0000
ROA not after: Fri 12 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.96.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:0f:2e:97:44:13:39:15:57:96:ec:07:9d:97:6e:e6:e1:43:68:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 8 00:40:38 2025 GMT
Not After : Sep 12 23:59:59 2025 GMT
Subject: serialNumber=af1d39e2be5004b465bd5ae95dc75ba96dd4b13d91b61a0a5897013ca0613075, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c0:4d:54:96:65:cf:d0:59:60:e2:41:89:ef:
b2:92:18:65:ca:49:2a:08:51:14:b8:16:52:e1:c6:
33:d3:29:3d:03:44:82:ed:d9:77:ba:0a:8d:f4:e1:
f8:ec:9d:bf:c2:55:66:c0:d8:2f:a1:72:a1:78:44:
1b:ad:7c:5d:30:50:89:1a:b3:8e:4a:b4:3d:1c:0c:
ee:58:ab:d5:8c:32:b2:90:76:f1:84:b9:46:44:87:
01:9c:bc:8b:98:aa:5b:3c:e0:67:9f:8b:58:81:a3:
3f:95:ab:ef:51:b7:3e:9b:8c:17:67:5e:90:4b:fa:
e3:91:4f:88:bb:fd:2a:58:e6:ec:77:d0:51:f6:97:
54:00:b6:4d:52:7f:89:3b:0a:03:81:a7:7f:ff:d3:
92:b9:f3:53:ba:be:44:ab:7f:ab:e4:06:1c:ae:84:
40:9a:04:4f:63:fe:08:51:34:1f:b0:8a:b6:d5:d2:
46:9d:50:42:87:e2:d2:80:86:07:16:a5:fa:79:24:
6b:df:de:c5:25:42:35:4b:8d:6d:e4:48:a3:cf:1b:
61:cf:5a:76:bf:99:02:24:f1:42:af:4e:f9:c4:81:
09:f2:a0:0f:4f:45:8f:90:07:32:af:31:00:4c:e4:
08:60:9b:19:d5:96:72:dc:a4:51:a3:e8:f3:49:1b:
48:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:38:7A:37:BD:8D:B2:0B:F3:10:01:AE:FE:9A:FB:44:AA:A4:60:A9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/70bc7703-020e-4153-b340-cced3a436951.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.96.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6f:94:16:27:f3:26:97:3c:62:54:c3:3c:6e:a8:f9:5a:7f:08:
ab:82:af:d0:a8:f9:27:b5:a8:39:37:f6:f0:1c:84:c5:b9:35:
47:a3:92:af:96:2a:2b:ff:d1:b3:a5:6c:c7:de:b9:ad:3c:23:
03:f1:8e:dc:0d:87:8d:b0:bf:96:6c:90:ad:1e:94:ec:1c:a4:
7f:5f:f0:66:6e:19:a6:a4:b1:a2:f3:a3:ea:38:27:b5:bf:35:
bb:bc:a1:eb:47:3f:c2:4e:ca:b1:68:55:f4:60:72:d9:08:c4:
1d:b4:89:8f:26:50:42:e4:0c:93:66:35:94:a9:5e:fa:f9:17:
ec:bb:d6:70:c0:56:09:3c:7d:bd:cd:06:d5:46:7a:b7:b9:d2:
ec:ec:e3:55:56:c4:e3:2b:07:89:80:b1:a3:99:6d:fe:0c:4d:
f6:d2:4d:51:75:07:7c:1e:75:3a:e7:5a:f3:51:11:b4:78:00:
f5:5a:37:7f:7a:af:cc:5b:97:a8:b6:c7:29:5c:3e:97:ee:8f:
07:df:98:59:e0:f5:fb:ae:08:7c:a3:db:d8:ef:f4:b3:7b:bc:
07:cf:b5:09:01:fc:a6:4f:c6:de:60:49:9a:7d:72:32:92:e0:
f5:47:ad:64:93:f0:41:f7:be:8d:ea:00:af:a8:62:34:41:56:
88:2b:b5:47
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIg8ul0QTORVXluwHnZdu5uFDaMAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDgwMDQwMzhaFw0yNTA5MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGFmMWQzOWUyYmU1MDA0YjQ2NWJkNWFlOTVkYzc1YmE5NmRkNGIxM2Q5MWI2
MWEwYTU4OTcwMTNjYTA2MTMwNzUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ/ATVSWZc/QWWDiQYnvspIYZcpJKghRFLgWUuHGM9MpPQNEgu3Zd7oKjfTh
+Oydv8JVZsDYL6FyoXhEG618XTBQiRqzjkq0PRwM7lir1YwyspB28YS5RkSHAZy8
i5iqWzzgZ5+LWIGjP5Wr71G3PpuMF2dekEv645FPiLv9Kljm7HfQUfaXVAC2TVJ/
iTsKA4Gnf//TkrnzU7q+RKt/q+QGHK6EQJoET2P+CFE0H7CKttXSRp1QQofi0oCG
Bxal+nkka9/exSVCNUuNbeRIo88bYc9adr+ZAiTxQq9O+cSBCfKgD09Fj5AHMq8x
AEzkCGCbGdWWctykUaPo80kbSMMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT3OHo3
vY2yC/MQAa7+mvtEqqRgqTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzBiYzc3MDMtMDIwZS00MTUzLWIzNDAtY2NlZDNhNDM2OTUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNgMA0G
CSqGSIb3DQEBCwUAA4IBAQBvlBYn8yaXPGJUwzxuqPlafwirgq/QqPkntag5N/bw
HITFuTVHo5Kvlior/9GzpWzH3rmtPCMD8Y7cDYeNsL+WbJCtHpTsHKR/X/Bmbhmm
pLGi86PqOCe1vzW7vKHrRz/CTsqxaFX0YHLZCMQdtImPJlBC5AyTZjWUqV76+Rfs
u9ZwwFYJPH29zQbVRnq3udLs7ONVVsTjKweJgLGjmW3+DE320k1RdQd8HnU651rz
URG0eAD1Wjd/eq/MW5eotscpXD6X7o8H35hZ4PX7rgh8o9vY7/Sze7wHz7UJAfym
T8beYEmafXIykuD1R61kk/BB976N6gCvqGI0QVaIK7VH
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:44:17 2025 by rpki-client