Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f7195fd-bf95-4b3a-81b1-908a89b8b4b1.roa
File: 7f7195fd-bf95-4b3a-81b1-908a89b8b4b1.roa (raw, json)
Hash identifier: UGIchsXPn257V0SkoPXWY/y8FVEweOEyYcX+MTsoaQo=
Subject key identifier: 19:C2:77:29:60:82:BB:AB:73:AA:6E:50:F7:41:69:A5:76:4B:52:E0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7ED8D58166D59416E204C318B93AAAF80332C212
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f7195fd-bf95-4b3a-81b1-908a89b8b4b1.roa
Signing time: Fri 08 Aug 2025 00:40:33 +0000
ROA not before: Fri 08 Aug 2025 00:40:33 +0000
ROA not after: Fri 12 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.93.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Aug 2025 15:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:d8:d5:81:66:d5:94:16:e2:04:c3:18:b9:3a:aa:f8:03:32:c2:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 8 00:40:33 2025 GMT
Not After : Sep 12 23:59:59 2025 GMT
Subject: serialNumber=12d9a085eb390005e0e5871e4715c17e6486109649628b281e0bbe4411f11817, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:63:db:4b:ef:a2:e7:24:08:2e:53:5c:a8:65:
46:b5:84:fe:8d:4b:34:40:43:21:bc:c2:eb:3b:7a:
3f:31:2b:3c:e7:6b:06:d0:7e:30:ee:fe:3a:cf:52:
30:8f:56:8a:a3:d3:a1:7e:3e:b4:76:6a:c4:be:b3:
35:9d:62:7b:8b:1e:40:ea:ba:44:76:b1:90:7d:47:
c8:f0:1d:3d:0f:8e:22:54:4d:b6:c5:39:da:e7:2e:
76:4e:b7:f6:2e:fb:bb:3c:e8:0e:83:df:05:d4:14:
29:88:8c:47:f9:f6:bd:6a:f8:04:fc:ea:2a:c8:9c:
93:18:63:a9:58:55:53:bd:bb:62:a0:6d:c2:e5:b0:
09:41:66:3a:59:ba:1c:6d:fe:81:f4:6f:c8:7b:ed:
6b:ff:a1:fb:41:81:d8:e0:ba:7b:fb:13:27:b0:94:
86:f2:11:a3:d6:d1:c8:90:0d:33:1f:12:e7:23:58:
43:13:9f:15:7d:59:74:b9:76:3d:0a:79:65:27:a3:
0c:40:35:5d:8d:32:0e:1f:cb:d2:cb:14:4c:38:fc:
d1:fa:f2:f2:8d:cc:42:74:f2:4b:c3:f8:1e:69:12:
a2:60:e6:c9:36:60:af:37:bf:23:94:ff:17:d7:35:
98:8e:b5:08:33:23:c6:ea:ea:e0:c4:a8:90:90:62:
3d:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:C2:77:29:60:82:BB:AB:73:AA:6E:50:F7:41:69:A5:76:4B:52:E0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f7195fd-bf95-4b3a-81b1-908a89b8b4b1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.93.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1e:f5:e9:c6:43:66:0c:6d:51:02:1f:40:1f:94:55:21:e2:21:
21:c0:4f:a4:0f:a9:93:e5:b3:ea:f1:90:8a:33:8c:e9:bf:2f:
17:1c:55:18:81:36:8c:93:e7:d8:51:60:e8:02:2f:21:28:79:
e8:8b:70:10:46:77:92:c9:39:b1:41:a7:58:cd:ed:eb:99:7c:
c7:e5:47:3d:17:cc:9f:b2:b8:67:46:59:c1:9e:15:dd:b3:d1:
f0:13:3e:24:47:cb:4c:14:60:7f:c6:e1:da:f5:d2:48:0c:68:
cf:be:ae:f5:1f:b8:59:af:d0:71:cc:cd:ff:9e:7c:b1:cb:5b:
8d:11:55:58:62:0a:0e:7b:9e:b9:46:22:75:2d:58:bb:41:e1:
77:12:92:6c:40:87:38:1c:0a:85:b5:25:d8:6d:cd:1a:43:59:
76:5d:15:d9:f6:d9:f4:eb:9c:27:fe:53:dc:8e:9f:64:db:32:
9d:86:cc:32:00:1b:5e:64:03:b5:35:db:02:45:16:f4:01:77:
84:43:55:51:bf:d5:ab:ac:39:6c:77:9a:24:24:78:2d:97:3b:
38:8d:3e:e0:08:91:a6:a8:07:7a:4c:0d:79:5f:20:00:40:ed:
63:f6:81:87:cb:dd:16:b2:2c:5e:b0:6c:f0:89:f2:c0:a9:1d:
03:24:c8:66
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUftjVgWbVlBbiBMMYuTqq+AMywhIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDgwMDQwMzNaFw0yNTA5MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDEyZDlhMDg1ZWIzOTAwMDVlMGU1ODcxZTQ3MTVjMTdlNjQ4NjEwOTY0OTYy
OGIyODFlMGJiZTQ0MTFmMTE4MTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN9j20vvouckCC5TXKhlRrWE/o1LNEBDIbzC6zt6PzErPOdrBtB+MO7+Os9S
MI9WiqPToX4+tHZqxL6zNZ1ie4seQOq6RHaxkH1HyPAdPQ+OIlRNtsU52ucudk63
9i77uzzoDoPfBdQUKYiMR/n2vWr4BPzqKsickxhjqVhVU727YqBtwuWwCUFmOlm6
HG3+gfRvyHvta/+h+0GB2OC6e/sTJ7CUhvIRo9bRyJANMx8S5yNYQxOfFX1ZdLl2
PQp5ZSejDEA1XY0yDh/L0ssUTDj80fry8o3MQnTyS8P4HmkSomDmyTZgrze/I5T/
F9c1mI61CDMjxurq4MSokJBiPVUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQZwncp
YIK7q3OqblD3QWmldktS4DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2Y3MTk1ZmQtYmY5NS00YjNhLTgxYjEtOTA4YTg5YjhiNGIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNdMA0G
CSqGSIb3DQEBCwUAA4IBAQAe9enGQ2YMbVECH0AflFUh4iEhwE+kD6mT5bPq8ZCK
M4zpvy8XHFUYgTaMk+fYUWDoAi8hKHnoi3AQRneSyTmxQadYze3rmXzH5Uc9F8yf
srhnRlnBnhXds9HwEz4kR8tMFGB/xuHa9dJIDGjPvq71H7hZr9BxzM3/nnyxy1uN
EVVYYgoOe565RiJ1LVi7QeF3EpJsQIc4HAqFtSXYbc0aQ1l2XRXZ9tn065wn/lPc
jp9k2zKdhswyABteZAO1NdsCRRb0AXeEQ1VRv9WrrDlsd5okJHgtlzs4jT7gCJGm
qAd6TA15XyAAQO1j9oGHy90WsixesGzwifLAqR0DJMhm
-----END CERTIFICATE-----
Generated at Thu Aug 21 18:52:01 2025 by rpki-client