Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7b957dae-110a-40bf-9710-191cf24c9e94.roa
File: 7b957dae-110a-40bf-9710-191cf24c9e94.roa (raw, json)
Hash identifier: rmiSC8WRZer7lNey2Viw+A+kXfPJzh/t4zshjEhmzUE=
Subject key identifier: DD:33:87:04:E2:CB:BB:9B:FF:CD:12:2B:2E:67:A8:70:BF:BB:0C:EB
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3844BE0F98F0B25F97737A2582D4CF3B7A165407
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7b957dae-110a-40bf-9710-191cf24c9e94.roa
Signing time: Fri 08 Aug 2025 00:40:57 +0000
ROA not before: Fri 08 Aug 2025 00:40:57 +0000
ROA not after: Fri 12 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.96.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:44:be:0f:98:f0:b2:5f:97:73:7a:25:82:d4:cf:3b:7a:16:54:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 8 00:40:57 2025 GMT
Not After : Sep 12 23:59:59 2025 GMT
Subject: serialNumber=74c74bd5aa79a93d2137b692e8159b9cac81c5ef1165e6986a4273c9860524e0, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:49:55:a2:fe:5d:de:45:17:5f:bd:c0:dc:99:
58:8d:30:08:59:f5:bb:c4:81:12:f8:42:df:44:b9:
ef:28:31:48:6f:c9:af:65:f9:95:84:ad:3f:c6:ab:
7a:bb:69:e1:a0:f8:9f:ca:96:2a:07:66:ac:43:65:
b7:90:91:3f:fe:d9:f7:8a:13:c9:dc:b9:ad:b3:93:
c5:43:f3:4e:e1:2c:cc:f9:36:18:78:38:ab:02:40:
1d:c2:67:43:2c:51:14:b1:f5:b0:f8:08:0a:88:c8:
ce:49:cc:4d:a9:2f:56:fc:c7:69:70:3a:cc:ab:e1:
7f:36:7d:96:c7:e3:bd:72:dd:2d:eb:23:c3:60:76:
f1:3f:b8:43:2e:63:eb:61:56:cb:a3:09:eb:86:0d:
97:ff:ef:4f:31:c6:c2:c2:35:9e:ea:f2:c6:8d:69:
4d:13:f6:27:0c:bf:ad:f9:20:85:b7:d5:a8:db:7d:
4c:65:de:84:f1:f9:37:93:30:db:9f:de:5a:16:96:
7e:5b:3b:b2:d9:16:60:60:e8:73:17:97:07:ca:bb:
8b:66:d8:b3:43:0c:d3:f4:4f:12:3d:ce:c0:a0:7e:
8a:6f:ec:3e:f8:14:aa:db:04:f8:71:e6:5a:bd:81:
7a:af:2b:18:e0:25:4f:7d:1a:de:e5:20:c0:8d:e3:
e4:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:33:87:04:E2:CB:BB:9B:FF:CD:12:2B:2E:67:A8:70:BF:BB:0C:EB
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7b957dae-110a-40bf-9710-191cf24c9e94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.96.0/21
Signature Algorithm: sha256WithRSAEncryption
54:2a:af:d7:4c:c9:1a:c8:37:96:00:93:8d:79:7c:7f:29:ee:
a7:7e:c4:52:49:e8:4a:ab:0e:37:d5:3a:ab:1d:74:6c:f7:b0:
ee:8c:a2:51:41:93:c9:68:d2:a5:a5:d8:98:b7:01:f0:a8:01:
d2:1d:85:5e:46:8b:f5:28:d6:5a:85:eb:30:8b:0f:89:ea:b1:
2a:e5:7b:54:d3:b3:44:df:bf:08:d3:12:f0:1a:00:92:9f:95:
ba:e4:15:85:20:df:33:9a:ea:57:de:6c:0f:cd:44:17:53:af:
2c:a2:50:67:0a:1f:dd:4e:5b:79:ff:12:8e:f0:6b:02:11:d6:
e6:f4:49:84:ca:97:62:cc:d4:55:6e:7c:b0:8d:7f:ba:b8:9b:
e9:88:dd:8f:17:24:56:fb:f6:43:fd:a3:a3:d5:f9:da:15:16:
74:fc:b6:d0:79:c3:38:b7:d8:23:cc:09:03:80:9b:db:0f:45:
b6:af:6c:0a:7a:bc:02:48:a4:57:ec:dd:d1:4f:14:c6:74:fc:
b3:9e:0f:38:68:b2:6d:a3:32:e1:23:36:c7:6e:4e:4c:d6:bd:
29:9a:44:a7:32:8a:f3:93:0e:14:41:ea:df:fd:e6:c1:18:84:
81:83:af:1e:a6:0a:96:84:5c:2b:d6:43:ad:7b:c2:e7:06:dd:
59:57:43:74
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUOES+D5jwsl+Xc3olgtTPO3oWVAcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDgwMDQwNTdaFw0yNTA5MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDc0Yzc0YmQ1YWE3OWE5M2QyMTM3YjY5MmU4MTU5YjljYWM4MWM1ZWYxMTY1
ZTY5ODZhNDI3M2M5ODYwNTI0ZTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJhJVaL+Xd5FF1+9wNyZWI0wCFn1u8SBEvhC30S57ygxSG/Jr2X5lYStP8ar
ertp4aD4n8qWKgdmrENlt5CRP/7Z94oTydy5rbOTxUPzTuEszPk2GHg4qwJAHcJn
QyxRFLH1sPgICojIzknMTakvVvzHaXA6zKvhfzZ9lsfjvXLdLesjw2B28T+4Qy5j
62FWy6MJ64YNl//vTzHGwsI1nuryxo1pTRP2Jwy/rfkghbfVqNt9TGXehPH5N5Mw
25/eWhaWfls7stkWYGDocxeXB8q7i2bYs0MM0/RPEj3OwKB+im/sPvgUqtsE+HHm
Wr2Beq8rGOAlT30a3uUgwI3j5D8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTdM4cE
4su7m//NEisuZ6hwv7sM6zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2I5NTdkYWUtMTEwYS00MGJmLTk3MTAtMTkxY2YyNGM5ZTk0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAYDAN
BgkqhkiG9w0BAQsFAAOCAQEAVCqv10zJGsg3lgCTjXl8fynup37EUknoSqsON9U6
qx10bPew7oyiUUGTyWjSpaXYmLcB8KgB0h2FXkaL9SjWWoXrMIsPieqxKuV7VNOz
RN+/CNMS8BoAkp+VuuQVhSDfM5rqV95sD81EF1OvLKJQZwof3U5bef8SjvBrAhHW
5vRJhMqXYszUVW58sI1/urib6YjdjxckVvv2Q/2jo9X52hUWdPy20HnDOLfYI8wJ
A4Cb2w9Ftq9sCnq8AkikV+zd0U8UxnT8s54POGiybaMy4SM2x25OTNa9KZpEpzKK
85MOFEHq3/3mwRiEgYOvHqYKloRcK9ZDrXvC5wbdWVdDdA==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:41:30 2025 by rpki-client