Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
File: 84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa (raw, json)
Hash identifier: gXE11foroW72uNdIpixeUJK5M30V9bhC3JuyR5+wl+c=
Subject key identifier: 92:48:BB:47:D2:FF:E7:65:AD:0D:D5:BF:21:56:6E:AC:F9:9C:6F:13
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 68216BC3612A1B8EDCFFB80CD2B5FD8FF013CEEC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
Signing time: Tue 05 Aug 2025 20:30:18 +0000
ROA not before: Tue 05 Aug 2025 20:30:18 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.236.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:21:6b:c3:61:2a:1b:8e:dc:ff:b8:0c:d2:b5:fd:8f:f0:13:ce:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:30:18 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=a81222d0bc7c56e3fb4db0f05dd566bf4b4ea8a354a10d4fed4f81f53ba45679, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:27:ad:ef:22:f5:e8:d9:ae:91:51:36:68:63:
cc:0d:28:aa:a3:19:99:4f:17:59:25:e8:2b:6e:99:
a1:19:71:7c:cf:e2:c2:92:07:3e:92:c5:81:7b:4b:
68:d3:5c:01:9c:cb:3c:d2:04:01:b2:79:ba:0e:81:
ec:13:81:e5:cd:e3:2c:3c:c3:f0:86:c1:c1:52:7a:
af:fd:f0:35:4c:2a:db:cb:74:72:e8:99:e2:99:0b:
7d:3d:82:96:1c:eb:62:67:4d:54:b6:ee:f2:37:cc:
48:99:a5:18:a5:ce:5c:17:74:70:97:78:f2:d2:37:
a1:1e:ee:79:3c:8b:e6:c0:39:56:92:df:9a:74:37:
06:65:65:af:3e:c8:19:6b:6c:48:d5:9e:8d:38:56:
5c:be:c5:ec:17:f8:59:8f:a5:45:0f:48:c0:ad:73:
53:17:df:1f:c6:50:dd:ca:55:63:b7:86:49:87:67:
20:4a:5d:98:ba:1f:58:8a:13:ab:09:34:ac:f6:02:
fb:69:99:bf:2d:d2:ce:1a:3a:2e:f2:55:b7:f4:f9:
fb:d2:41:71:a7:97:3e:a9:35:ee:9d:a9:48:dd:42:
cb:9b:a6:c2:55:5a:10:ab:74:f2:ea:1f:88:15:f1:
17:b1:11:dd:53:e7:b5:db:df:fa:2e:87:2d:15:b8:
b6:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:48:BB:47:D2:FF:E7:65:AD:0D:D5:BF:21:56:6E:AC:F9:9C:6F:13
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.236.0.0/15
Signature Algorithm: sha256WithRSAEncryption
65:fc:dd:b6:2a:e1:7e:d2:f3:89:d5:14:27:f0:7d:5b:23:a4:
95:62:0d:6e:f1:50:1a:75:27:d5:7c:ce:3f:49:26:a2:4d:2c:
4b:4d:56:c4:2c:e7:ea:7d:4a:ba:ae:7c:a4:92:c7:a6:fb:5a:
22:09:4f:73:e5:e0:45:36:a1:64:7f:0a:70:5e:66:4f:7c:54:
83:aa:68:b5:30:5a:99:60:0d:85:4f:90:b4:7e:de:5a:32:d2:
84:ae:d6:6f:0d:97:2d:d4:9d:29:2f:a5:cb:c3:88:ae:23:27:
22:13:38:b6:96:bd:9d:ce:d1:69:6c:92:77:ae:76:f6:4f:80:
81:ea:90:74:d7:a0:ad:a2:20:a1:f8:80:10:bc:1e:80:a9:b9:
0b:84:70:0c:59:26:bf:5e:82:62:43:cb:89:32:86:14:c2:5d:
78:20:81:89:31:4d:4b:55:8f:e4:6f:1b:60:bd:1e:97:a8:e9:
26:2c:b7:2c:48:34:81:e0:55:5c:e2:69:03:43:d0:d5:4c:aa:
98:89:28:2b:24:5b:62:59:d2:84:91:ec:78:00:76:a7:4b:80:
dc:2e:0e:f0:5b:87:8e:6f:74:fb:53:31:3c:b8:aa:5f:bb:26:
37:8c:c4:50:2a:14:97:5c:a1:39:bc:cf:30:76:8d:88:4e:e9:
cb:d9:3e:93
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUaCFrw2EqG47c/7gM0rX9j/ATzuwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDMwMThaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGE4MTIyMmQwYmM3YzU2ZTNmYjRkYjBmMDVkZDU2NmJmNGI0ZWE4YTM1NGEx
MGQ0ZmVkNGY4MWY1M2JhNDU2NzkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKUnre8i9ejZrpFRNmhjzA0oqqMZmU8XWSXoK26ZoRlxfM/iwpIHPpLFgXtL
aNNcAZzLPNIEAbJ5ug6B7BOB5c3jLDzD8IbBwVJ6r/3wNUwq28t0cuiZ4pkLfT2C
lhzrYmdNVLbu8jfMSJmlGKXOXBd0cJd48tI3oR7ueTyL5sA5VpLfmnQ3BmVlrz7I
GWtsSNWejThWXL7F7Bf4WY+lRQ9IwK1zUxffH8ZQ3cpVY7eGSYdnIEpdmLofWIoT
qwk0rPYC+2mZvy3Szho6LvJVt/T5+9JBcaeXPqk17p2pSN1Cy5umwlVaEKt08uof
iBXxF7ER3VPntdvf+i6HLRW4tj0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSSSLtH
0v/nZa0N1b8hVm6s+ZxvEzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODRjNDNiOTUtODVkMy00YzFkLWE2YmUtY2YxNzkwNmYxMWM0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPsMA0G
CSqGSIb3DQEBCwUAA4IBAQBl/N22KuF+0vOJ1RQn8H1bI6SVYg1u8VAadSfVfM4/
SSaiTSxLTVbELOfqfUq6rnykksem+1oiCU9z5eBFNqFkfwpwXmZPfFSDqmi1MFqZ
YA2FT5C0ft5aMtKErtZvDZct1J0pL6XLw4iuIyciEzi2lr2dztFpbJJ3rnb2T4CB
6pB016CtoiCh+IAQvB6AqbkLhHAMWSa/XoJiQ8uJMoYUwl14IIGJMU1LVY/kbxtg
vR6XqOkmLLcsSDSB4FVc4mkDQ9DVTKqYiSgrJFtiWdKEkex4AHanS4DcLg7wW4eO
b3T7UzE8uKpfuyY3jMRQKhSXXKE5vM8wdo2ITunL2T6T
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:17 2025 by rpki-client