Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
File: 83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa (raw, json)
Hash identifier: syb4uNQBCRmOoE13Q78mYgQE5rCiSVcsnyWWWMObcwc=
Subject key identifier: 1F:6C:1C:EC:EA:21:CF:AA:59:B8:48:C9:0B:FB:42:E7:D5:A1:17:C9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0F846D2D41C1EDBE57316C9B9B8CD6F0808881E0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
Signing time: Mon 01 Sep 2025 21:31:20 +0000
ROA not before: Mon 01 Sep 2025 21:31:20 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.150.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Sep 2025 21:38:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:84:6d:2d:41:c1:ed:be:57:31:6c:9b:9b:8c:d6:f0:80:88:81:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 1 21:31:20 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=374fc98c87a85d3a20252ec2fab3bb1063ee8c2f47e5388ff97cc24efbc9e1a3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:62:fa:14:1d:36:bf:ea:0a:1f:4e:df:dc:3a:
8d:6a:ac:cb:7a:ca:19:69:04:13:85:93:20:74:03:
ab:e6:23:cf:cd:16:50:23:83:fe:72:e9:c2:18:b6:
f5:f5:97:bc:53:79:09:04:72:c0:e1:01:66:af:d8:
b0:cf:cf:a8:b8:f5:d7:09:6a:c4:40:4e:6f:b7:4a:
68:34:10:3f:e2:b0:7c:0f:c0:0b:53:d2:74:32:43:
d8:89:73:72:2c:cb:e8:a6:b9:95:9b:b4:35:71:8e:
04:4f:fb:e8:bc:fa:a9:d3:1c:b5:af:e6:88:c5:22:
fe:79:ef:54:dc:06:4a:4e:b6:d0:f1:fa:0e:c3:c6:
61:f0:5a:95:2c:ee:2f:94:dd:62:f7:ec:cc:9e:ed:
e0:55:aa:47:ce:d9:fa:fc:96:51:ba:ba:36:d2:de:
b9:25:cc:ad:db:5f:01:06:de:50:3c:e5:3e:87:fb:
05:63:cf:a1:22:7f:e6:a3:e5:a2:cc:ab:f4:11:97:
2c:65:23:50:d0:7b:4e:1a:33:9b:a3:c6:56:c1:5a:
7d:f3:e7:4d:e2:10:42:04:0e:a1:50:cc:bb:16:cf:
d4:da:97:ff:0f:21:72:ba:1e:db:42:5a:a5:db:91:
4c:cb:84:e9:80:12:b6:36:11:f5:83:38:66:60:d6:
69:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:6C:1C:EC:EA:21:CF:AA:59:B8:48:C9:0B:FB:42:E7:D5:A1:17:C9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.150.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a6:6c:3f:5b:65:35:f6:3b:ac:f9:a8:15:5b:e4:d3:5c:ae:7b:
48:5b:44:82:7d:9d:7c:d1:de:4f:39:46:93:7f:03:7e:91:84:
4b:eb:90:d9:97:6a:f3:5e:94:20:93:ae:3b:7c:dd:e3:3e:48:
eb:f2:48:aa:42:8c:a5:03:90:ab:9c:f4:58:a9:df:86:b7:d8:
85:61:01:60:5d:5e:8a:65:83:71:92:6b:e0:bb:b1:d3:af:ab:
12:84:7a:28:05:e6:68:74:16:8b:d8:86:76:0d:d5:0b:03:6a:
9c:4d:e9:02:f1:cb:f3:5f:06:e4:0d:8d:de:32:6d:52:70:0f:
39:9a:b2:dd:db:fe:01:25:35:27:db:a0:b2:fa:8a:31:ac:c9:
0d:68:30:02:88:f3:48:c1:81:96:b7:13:70:27:79:dd:25:6e:
72:9e:87:fd:16:da:ba:74:a8:b0:7b:6b:e5:b4:74:4b:c0:f2:
5f:ff:8f:6d:3f:76:c1:fd:6d:4e:bb:bd:32:90:31:97:07:d6:
0e:98:8e:8d:60:28:33:d1:51:c3:16:b6:02:93:a8:3a:f5:25:
22:ef:8e:3d:38:2b:22:14:89:ca:e3:7e:79:8f:88:d6:65:2c:
20:52:6e:ad:bd:50:3f:55:c4:01:05:51:5c:91:29:b6:06:4d:
21:bf:0d:ed
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUD4RtLUHB7b5XMWybm4zW8ICIgeAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MDEyMTMxMjBaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDM3NGZjOThjODdhODVkM2EyMDI1MmVjMmZhYjNiYjEwNjNlZThjMmY0N2U1
Mzg4ZmY5N2NjMjRlZmJjOWUxYTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKBi+hQdNr/qCh9O39w6jWqsy3rKGWkEE4WTIHQDq+Yjz80WUCOD/nLpwhi2
9fWXvFN5CQRywOEBZq/YsM/PqLj11wlqxEBOb7dKaDQQP+KwfA/AC1PSdDJD2Ilz
cizL6Ka5lZu0NXGOBE/76Lz6qdMcta/miMUi/nnvVNwGSk620PH6DsPGYfBalSzu
L5TdYvfszJ7t4FWqR87Z+vyWUbq6NtLeuSXMrdtfAQbeUDzlPof7BWPPoSJ/5qPl
osyr9BGXLGUjUNB7Thozm6PGVsFaffPnTeIQQgQOoVDMuxbP1NqX/w8hcroe20Ja
pduRTMuE6YAStjYR9YM4ZmDWacsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQfbBzs
6iHPqlm4SMkL+0Ln1aEXyTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODNjOWY5YzQtMzlhMi00ZjVmLTkxODgtMWE5ZTBkY2NmMjA5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOWMA0G
CSqGSIb3DQEBCwUAA4IBAQCmbD9bZTX2O6z5qBVb5NNcrntIW0SCfZ180d5POUaT
fwN+kYRL65DZl2rzXpQgk647fN3jPkjr8kiqQoylA5CrnPRYqd+Gt9iFYQFgXV6K
ZYNxkmvgu7HTr6sShHooBeZodBaL2IZ2DdULA2qcTekC8cvzXwbkDY3eMm1ScA85
mrLd2/4BJTUn26Cy+ooxrMkNaDACiPNIwYGWtxNwJ3ndJW5ynof9Ftq6dKiwe2vl
tHRLwPJf/49tP3bB/W1Ou70ykDGXB9YOmI6NYCgz0VHDFrYCk6g69SUi7449OCsi
FInK4355j4jWZSwgUm6tvVA/VcQBBVFckSm2Bk0hvw3t
-----END CERTIFICATE-----
Generated at Thu Sep 18 01:19:03 2025 by rpki-client