Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
File: 84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa (raw, json)
Hash identifier: EO3wOTwXlWXvOEH8tcIcHU+VB+lpvrAN1Y6YaF15Vuk=
Subject key identifier: 25:E6:38:13:66:5A:E5:29:C9:E8:D8:F2:E8:29:40:D5:B2:E6:AF:EC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2F4D170F6CBCA576EB30B6A1826B439CA2C4E965
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
Signing time: Mon 01 Sep 2025 21:40:01 +0000
ROA not before: Mon 01 Sep 2025 21:40:01 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.236.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Sep 2025 07:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:4d:17:0f:6c:bc:a5:76:eb:30:b6:a1:82:6b:43:9c:a2:c4:e9:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 1 21:40:01 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=122f00e97747ef5ef2dd552f9f29c387d36085a87c98d1a74446ccb18858a9b9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:7b:f8:4d:c6:c7:95:26:04:ec:4b:02:5f:fd:
b5:95:ba:45:49:7f:73:45:6c:96:c3:62:0e:79:3a:
6a:4a:2e:6e:52:cd:e6:9f:21:b8:e6:69:0d:ba:0f:
1c:a0:0f:1e:62:1f:46:6c:ea:85:4d:bf:2b:ec:e6:
4d:26:ba:e1:71:af:02:a8:e1:ef:a8:68:e4:dd:75:
61:d2:3d:10:4f:2c:35:0f:9b:7c:b1:2f:f0:50:64:
d3:0d:fa:83:73:83:e6:30:23:a4:27:f4:82:d8:95:
78:d9:71:fc:21:27:a1:66:b9:fc:49:d9:c1:86:f6:
eb:61:fe:99:6a:14:3c:52:6f:8f:da:28:08:b9:43:
3b:50:85:c5:a3:97:8e:6e:b7:00:db:29:c2:aa:77:
0f:7c:4e:aa:75:c6:f0:f1:c4:c9:bf:07:10:77:96:
fd:f7:83:fe:a6:46:c5:14:45:8a:e4:ea:9d:0c:54:
b1:54:74:55:07:fe:28:2a:c6:c4:17:31:99:14:d0:
11:df:4a:cc:cc:c5:0e:0f:43:f8:7b:4d:db:75:ee:
e8:dc:ce:3b:68:f2:39:ff:01:c3:ca:32:9a:b7:6f:
72:fd:41:09:4d:d9:31:59:af:29:e2:f3:f3:e4:67:
26:cb:b9:26:d0:9e:94:30:5c:f8:dc:12:23:a9:ef:
dd:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:E6:38:13:66:5A:E5:29:C9:E8:D8:F2:E8:29:40:D5:B2:E6:AF:EC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.236.0.0/15
Signature Algorithm: sha256WithRSAEncryption
86:93:4e:56:c3:4a:6a:03:c2:40:17:b5:d5:34:4e:6e:9d:61:
e5:ea:26:4f:29:d7:27:6f:a9:b3:51:44:90:13:00:b8:ed:38:
d8:f5:80:16:f6:17:64:ea:10:5e:9a:eb:71:fe:57:c6:47:9c:
fd:38:6c:e2:2c:37:36:6f:ce:b5:29:3e:95:f8:b8:8c:b0:e2:
c3:81:36:4c:9d:f0:33:18:84:0f:c1:d0:89:35:45:87:09:79:
a2:0a:a1:d4:1e:e8:96:1e:b6:f7:5c:96:a0:1e:4d:ac:9f:58:
8f:3e:60:a0:4b:be:2a:71:77:76:ec:f2:4d:17:b3:1f:53:cd:
4a:22:09:ef:bd:8d:b2:e5:d3:46:91:fb:70:3b:b8:f6:f9:30:
a5:ce:6b:97:b9:9b:93:1e:ca:ea:00:50:2e:e3:66:02:02:61:
0b:3c:4f:03:0d:cf:87:db:2a:fc:b2:04:20:d7:43:d0:ac:1f:
38:7b:a2:ab:5c:1f:a6:7a:c5:15:cc:94:4c:37:8e:b1:2d:ae:
9d:a7:68:9e:c6:5a:6b:42:fe:00:90:f2:c2:67:40:5a:04:04:
c7:33:79:c0:bd:4b:4c:30:b1:2f:4a:a8:7d:93:ad:d1:cd:74:
87:53:a3:7f:6a:9e:14:75:f4:72:3e:6a:d3:bd:42:20:67:16:
57:e1:9a:8f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUL00XD2y8pXbrMLahgmtDnKLE6WUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MDEyMTQwMDFaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDEyMmYwMGU5Nzc0N2VmNWVmMmRkNTUyZjlmMjljMzg3ZDM2MDg1YTg3Yzk4
ZDFhNzQ0NDZjY2IxODg1OGE5YjkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMN7+E3Gx5UmBOxLAl/9tZW6RUl/c0VslsNiDnk6akoublLN5p8huOZpDboP
HKAPHmIfRmzqhU2/K+zmTSa64XGvAqjh76ho5N11YdI9EE8sNQ+bfLEv8FBk0w36
g3OD5jAjpCf0gtiVeNlx/CEnoWa5/EnZwYb262H+mWoUPFJvj9ooCLlDO1CFxaOX
jm63ANspwqp3D3xOqnXG8PHEyb8HEHeW/feD/qZGxRRFiuTqnQxUsVR0VQf+KCrG
xBcxmRTQEd9KzMzFDg9D+HtN23Xu6NzOO2jyOf8Bw8oymrdvcv1BCU3ZMVmvKeLz
8+RnJsu5JtCelDBc+NwSI6nv3YsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQl5jgT
ZlrlKcno2PLoKUDVsuav7DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODRjNDNiOTUtODVkMy00YzFkLWE2YmUtY2YxNzkwNmYxMWM0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPsMA0G
CSqGSIb3DQEBCwUAA4IBAQCGk05Ww0pqA8JAF7XVNE5unWHl6iZPKdcnb6mzUUSQ
EwC47TjY9YAW9hdk6hBemutx/lfGR5z9OGziLDc2b861KT6V+LiMsOLDgTZMnfAz
GIQPwdCJNUWHCXmiCqHUHuiWHrb3XJagHk2sn1iPPmCgS74qcXd27PJNF7MfU81K
IgnvvY2y5dNGkftwO7j2+TClzmuXuZuTHsrqAFAu42YCAmELPE8DDc+H2yr8sgQg
10PQrB84e6KrXB+mesUVzJRMN46xLa6dp2iexlprQv4AkPLCZ0BaBATHM3nAvUtM
MLEvSqh9k63RzXSHU6N/ap4UdfRyPmrTvUIgZxZX4ZqP
-----END CERTIFICATE-----
Generated at Tue Sep 16 09:45:48 2025 by rpki-client