Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81e19e5f-8cac-4cc7-8c10-c589c96920d0.roa
File: 81e19e5f-8cac-4cc7-8c10-c589c96920d0.roa (raw, json)
Hash identifier: nsJxftiDkESZijjHU4JejAW9yW7RBfPPaisBzULDseQ=
Subject key identifier: 98:F4:06:7B:E3:D5:8A:BE:0C:A0:74:E9:A2:62:18:14:53:0D:8F:21
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 261BA70559715584677E4D11760217A0C4D3D688
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81e19e5f-8cac-4cc7-8c10-c589c96920d0.roa
Signing time: Fri 08 Aug 2025 00:41:03 +0000
ROA not before: Fri 08 Aug 2025 00:41:03 +0000
ROA not after: Fri 12 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.17.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:1b:a7:05:59:71:55:84:67:7e:4d:11:76:02:17:a0:c4:d3:d6:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 8 00:41:03 2025 GMT
Not After : Sep 12 23:59:59 2025 GMT
Subject: serialNumber=e603b7381afb3376fc5e422b603a4c31ee08189c3e6b59ba63ba29b7b19634cc, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:bf:9c:b4:ec:b1:67:59:00:76:73:30:88:7c:
5e:4b:80:e4:27:5b:b4:aa:a8:ed:94:92:5a:8d:06:
c4:ad:ed:64:25:f1:77:01:cd:ab:d5:ae:a6:bc:00:
29:09:16:f6:a3:f8:6b:3a:2d:94:99:fd:a1:ce:e5:
88:a8:64:9c:1b:0c:fb:7f:eb:76:45:f8:88:f3:13:
8d:05:66:34:e6:75:3d:3a:a7:e7:71:f3:aa:3e:71:
af:04:89:e4:bd:bf:e0:ef:d2:bc:60:83:58:0b:3c:
79:e7:55:44:b7:07:06:56:bf:03:a3:0d:37:19:6b:
77:69:13:fa:34:9f:08:24:84:ee:81:7c:48:57:6c:
ff:74:d1:d1:d4:1b:fb:59:70:f2:0a:4a:5b:46:03:
82:36:0d:cb:ec:c9:1a:48:b4:11:ff:04:3f:0c:a8:
d3:da:39:5a:2d:00:94:e8:ba:cf:58:b0:8b:b0:c4:
28:89:93:ac:79:f6:db:86:ab:74:3c:84:15:15:ee:
e1:53:2a:15:21:9a:3c:47:c7:7b:90:77:96:a1:23:
fc:92:58:06:c8:30:25:b4:0b:41:e5:b6:ef:01:ec:
7b:77:06:39:ab:09:99:e7:72:ac:25:09:28:9b:f7:
ee:d3:e9:1d:bb:36:7b:26:78:c1:b3:7e:b8:75:e9:
20:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:F4:06:7B:E3:D5:8A:BE:0C:A0:74:E9:A2:62:18:14:53:0D:8F:21
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81e19e5f-8cac-4cc7-8c10-c589c96920d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.17.1.0/24
Signature Algorithm: sha256WithRSAEncryption
92:4e:a5:7a:a3:80:98:59:d2:07:32:3e:92:16:62:8d:2b:c5:
8d:74:b6:4b:f6:de:19:da:77:64:75:e1:51:cc:fb:99:ea:96:
10:26:86:2e:9f:31:78:04:01:39:f1:43:3a:46:11:ee:1b:91:
7b:66:8c:1e:7a:20:2f:d9:63:f5:8e:e1:8a:cf:93:23:4e:3e:
6d:82:94:c9:17:98:66:25:0d:9c:fa:d8:fe:81:c5:15:1f:e0:
e0:20:b4:2f:be:db:84:9d:25:e5:39:5c:57:6d:a7:c2:bc:4a:
7e:05:f3:10:38:a1:2b:d9:af:5c:53:79:3a:cb:69:61:c2:08:
82:f3:75:01:83:53:5e:38:7e:32:2d:90:61:e9:a1:d9:f3:46:
12:35:25:fc:e9:52:6a:df:98:28:be:cf:31:db:f8:af:20:7c:
66:27:69:87:c0:34:24:e4:cb:61:6a:f4:e8:4e:ab:7d:35:52:
a2:e3:28:7f:89:ca:e4:aa:8e:0a:9a:0d:0c:10:67:18:28:8c:
2b:2f:f5:cc:e2:38:95:0e:82:15:c4:2b:31:f1:b7:b4:51:42:
f8:f9:60:e6:d9:17:38:72:0f:7c:bb:46:6d:ad:55:a7:b0:e6:
75:fb:a8:bc:8d:6f:78:e6:12:6b:3f:65:1a:df:9f:3f:a2:9b:
01:2c:0f:ff
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUJhunBVlxVYRnfk0RdgIXoMTT1ogwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDgwMDQxMDNaFw0yNTA5MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGU2MDNiNzM4MWFmYjMzNzZmYzVlNDIyYjYwM2E0YzMxZWUwODE4OWMzZTZi
NTliYTYzYmEyOWI3YjE5NjM0Y2MxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALy/nLTssWdZAHZzMIh8XkuA5CdbtKqo7ZSSWo0GxK3tZCXxdwHNq9WuprwA
KQkW9qP4azotlJn9oc7liKhknBsM+3/rdkX4iPMTjQVmNOZ1PTqn53Hzqj5xrwSJ
5L2/4O/SvGCDWAs8eedVRLcHBla/A6MNNxlrd2kT+jSfCCSE7oF8SFds/3TR0dQb
+1lw8gpKW0YDgjYNy+zJGki0Ef8EPwyo09o5Wi0AlOi6z1iwi7DEKImTrHn224ar
dDyEFRXu4VMqFSGaPEfHe5B3lqEj/JJYBsgwJbQLQeW27wHse3cGOasJmedyrCUJ
KJv37tPpHbs2eyZ4wbN+uHXpIE8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSY9AZ7
49WKvgygdOmiYhgUUw2PITAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODFlMTllNWYtOGNhYy00Y2M3LThjMTAtYzU4OWM5NjkyMGQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMRATAN
BgkqhkiG9w0BAQsFAAOCAQEAkk6leqOAmFnSBzI+khZijSvFjXS2S/beGdp3ZHXh
Ucz7meqWECaGLp8xeAQBOfFDOkYR7huRe2aMHnogL9lj9Y7his+TI04+bYKUyReY
ZiUNnPrY/oHFFR/g4CC0L77bhJ0l5TlcV22nwrxKfgXzEDihK9mvXFN5OstpYcII
gvN1AYNTXjh+Mi2QYemh2fNGEjUl/OlSat+YKL7PMdv4ryB8Zidph8A0JOTLYWr0
6E6rfTVSouMof4nK5KqOCpoNDBBnGCiMKy/1zOI4lQ6CFcQrMfG3tFFC+Plg5tkX
OHIPfLtGba1Vp7DmdfuovI1veOYSaz9lGt+fP6KbASwP/w==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:09 2025 by rpki-client