Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8551266c-ef98-4dd7-801f-d816ee2eeade.roa
File: 8551266c-ef98-4dd7-801f-d816ee2eeade.roa (raw, json)
Hash identifier: pJLudwP4y+jng+ciwCmi0F11FRfr09r+fs9AF/HaVqs=
Subject key identifier: 00:52:BD:CE:D9:82:DE:C3:3A:23:16:05:71:63:13:AD:54:6A:6E:E2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 40F411D374A7B649E6EF4B176FEF3C6BAF5F75CC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8551266c-ef98-4dd7-801f-d816ee2eeade.roa
Signing time: Mon 01 Sep 2025 21:30:36 +0000
ROA not before: Mon 01 Sep 2025 21:30:36 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.176.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:f4:11:d3:74:a7:b6:49:e6:ef:4b:17:6f:ef:3c:6b:af:5f:75:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 1 21:30:36 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=07b09dc38d8ca798dc697d8a2b7c182cbad86640eb61a3dfad5297037742a48f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:c2:a5:60:43:9e:a2:07:a2:03:da:4f:3e:50:
fb:99:76:6d:31:2f:84:9c:8d:13:1f:31:e4:b2:b2:
e2:81:36:c9:1f:3b:9a:99:38:53:02:e7:04:63:64:
ec:eb:73:37:30:d9:0e:80:aa:af:3b:33:11:8f:d5:
73:03:33:41:8e:df:6c:a3:12:e7:49:2d:cf:76:ea:
a7:0c:ea:3c:c5:c7:3e:12:b1:7b:d3:e0:5e:2d:03:
28:77:a4:28:7a:a8:93:2d:39:86:55:1d:87:66:53:
a5:79:a5:82:e4:ad:10:65:cf:30:dc:6e:de:8c:26:
6f:79:17:84:b6:d3:26:7c:d0:58:64:57:b4:eb:a2:
ba:93:0f:05:d5:e3:96:4c:14:a2:46:f5:01:75:9d:
20:37:1d:65:f4:84:2a:6d:43:ce:84:78:46:07:9d:
7e:fa:f4:57:e6:08:08:26:24:6d:12:2e:c4:9f:fc:
75:59:7e:a4:ba:d6:08:25:b7:78:0f:f0:75:21:51:
9e:5d:22:a4:18:07:b3:d8:f3:ee:fc:dc:10:b1:91:
b6:db:f8:a5:6d:12:2e:5b:39:ed:64:a8:37:f5:44:
b5:3f:12:47:1c:79:05:3b:ee:6b:5d:6c:2f:99:cf:
d9:4c:ce:f9:1b:f5:07:16:b1:01:0e:a3:c7:2a:49:
4c:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:52:BD:CE:D9:82:DE:C3:3A:23:16:05:71:63:13:AD:54:6A:6E:E2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8551266c-ef98-4dd7-801f-d816ee2eeade.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.176.0.0/15
Signature Algorithm: sha256WithRSAEncryption
0a:ac:3b:cd:7f:9c:0e:0f:df:f3:27:7e:26:2a:e4:fe:57:e4:
7d:47:b0:d6:0d:fe:00:ab:3a:16:02:7d:9b:0e:f0:92:26:a0:
90:7b:16:0a:2a:cc:19:46:5f:64:d8:c8:c4:dc:43:0e:73:c1:
1a:b6:44:f4:d0:59:ab:00:2d:93:e6:d5:53:74:71:4b:7b:32:
8c:31:e7:ea:f3:f3:90:b1:27:26:ae:c4:74:83:b0:6e:0c:27:
07:c8:e9:c9:a7:19:35:c5:20:d3:98:2e:c2:1c:f3:1e:49:d0:
c9:98:37:d8:c4:b0:04:56:c3:50:60:09:c6:20:88:ce:ce:e0:
36:2d:fb:4a:f6:34:15:55:0e:41:e2:9b:89:73:c4:9a:9d:97:
0a:91:3c:45:5b:ff:17:9a:a2:74:6c:e4:97:81:ac:f1:a1:70:
5b:94:b8:6d:02:b2:ab:61:53:86:d1:b4:5c:8b:9e:20:92:d4:
c1:4f:9e:25:98:69:88:f8:b4:d5:a5:af:b1:ce:37:9b:e5:33:
49:de:5f:47:51:09:fc:d1:82:a2:8e:ad:18:0c:52:a8:54:15:
33:a0:f0:ad:bb:be:05:c9:25:bb:75:3a:f2:e5:77:04:c0:22:
2e:ca:b4:c6:04:5e:bb:95:2d:10:5f:cb:d1:b6:84:5c:b3:b2:
aa:c5:db:db
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQPQR03Sntknm70sXb+88a69fdcwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MDEyMTMwMzZaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDA3YjA5ZGMzOGQ4Y2E3OThkYzY5N2Q4YTJiN2MxODJjYmFkODY2NDBlYjYx
YTNkZmFkNTI5NzAzNzc0MmE0OGYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANDCpWBDnqIHogPaTz5Q+5l2bTEvhJyNEx8x5LKy4oE2yR87mpk4UwLnBGNk
7OtzNzDZDoCqrzszEY/VcwMzQY7fbKMS50ktz3bqpwzqPMXHPhKxe9PgXi0DKHek
KHqoky05hlUdh2ZTpXmlguStEGXPMNxu3owmb3kXhLbTJnzQWGRXtOuiupMPBdXj
lkwUokb1AXWdIDcdZfSEKm1DzoR4Rgedfvr0V+YICCYkbRIuxJ/8dVl+pLrWCCW3
eA/wdSFRnl0ipBgHs9jz7vzcELGRttv4pW0SLls57WSoN/VEtT8SRxx5BTvua11s
L5nP2UzO+Rv1BxaxAQ6jxypJTHUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQAUr3O
2YLewzojFgVxYxOtVGpu4jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODU1MTI2NmMtZWY5OC00ZGQ3LTgwMWYtZDgxNmVlMmVlYWRlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOwMA0G
CSqGSIb3DQEBCwUAA4IBAQAKrDvNf5wOD9/zJ34mKuT+V+R9R7DWDf4AqzoWAn2b
DvCSJqCQexYKKswZRl9k2MjE3EMOc8EatkT00FmrAC2T5tVTdHFLezKMMefq8/OQ
sScmrsR0g7BuDCcHyOnJpxk1xSDTmC7CHPMeSdDJmDfYxLAEVsNQYAnGIIjOzuA2
LftK9jQVVQ5B4puJc8SanZcKkTxFW/8XmqJ0bOSXgazxoXBblLhtArKrYVOG0bRc
i54gktTBT54lmGmI+LTVpa+xzjeb5TNJ3l9HUQn80YKijq0YDFKoVBUzoPCtu74F
ySW7dTry5XcEwCIuyrTGBF67lS0QX8vRtoRcs7Kqxdvb
-----END CERTIFICATE-----
Generated at Fri Sep 19 12:08:53 2025 by rpki-client