Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa
File: 8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa (raw, json)
Hash identifier: y8MLAnW3//MXquODFtbQj3vRPQCq/sH9XEqEOtcNo1Y=
Subject key identifier: F2:F4:BE:8B:83:1F:49:EB:50:EF:81:88:DF:FE:C5:42:19:A2:EC:1C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 69D5AC6970B5195B3340476FECA2C91D642FEDA1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa
Signing time: Tue 05 Aug 2025 20:30:15 +0000
ROA not before: Tue 05 Aug 2025 20:30:15 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.226.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:d5:ac:69:70:b5:19:5b:33:40:47:6f:ec:a2:c9:1d:64:2f:ed:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:30:15 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=9c8eab1758de6f8660c816df93b56f5a9113f640223cd05d4a8fa8aca6f2ae73, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c3:35:69:0c:33:0b:af:25:87:00:27:f8:da:
c3:bc:e3:5b:5d:5d:21:84:9c:a6:7a:34:16:a2:d3:
d1:7a:60:01:1a:a6:0c:91:8c:fa:16:15:0a:e5:90:
bd:9b:77:62:40:4e:ee:c2:c4:88:72:35:40:2a:a8:
58:f8:e1:9c:fe:df:84:f9:b3:dd:4d:92:9f:69:73:
9c:17:4d:99:0a:af:95:f2:53:52:f9:e2:33:ca:96:
d9:55:e2:48:b9:16:a6:58:ff:a3:37:fd:57:90:9a:
18:54:6a:22:09:d6:92:d9:d5:75:19:da:c1:4d:09:
66:a6:5c:a2:6a:68:89:0b:fa:36:02:e0:0f:4c:82:
9d:58:cf:47:4d:30:56:4e:53:b1:8b:7d:a9:4e:99:
40:61:d8:53:91:06:33:13:a6:61:e2:89:1a:a8:48:
24:92:b6:ea:6d:39:ec:c6:a7:05:4f:5f:37:37:03:
1d:04:08:d5:21:77:bb:c4:7c:2d:51:15:02:1c:8e:
bd:58:57:5a:74:b4:89:e9:d4:d4:7a:13:4f:37:bb:
75:dc:a4:71:01:84:7f:f4:a5:19:80:0e:0d:38:f6:
6d:1b:c1:43:72:7d:4e:2f:c5:25:2f:0d:1e:8a:26:
97:5c:a3:bc:39:02:e4:9d:31:41:91:62:eb:88:0b:
6e:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:F4:BE:8B:83:1F:49:EB:50:EF:81:88:DF:FE:C5:42:19:A2:EC:1C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.226.0.0/15
Signature Algorithm: sha256WithRSAEncryption
8e:71:70:63:59:d2:00:20:33:cc:27:ab:94:7e:c9:4a:a5:0e:
1c:ce:7b:d4:33:76:5f:3d:9f:a8:a0:72:26:34:c4:74:ff:ab:
66:c1:9f:9b:4a:a9:6f:47:25:c5:0c:37:55:fc:f4:d2:c0:62:
17:a4:ab:6f:7d:06:3f:1e:04:be:9c:40:70:77:1a:eb:95:f3:
57:63:36:30:2c:13:3a:97:83:99:45:93:58:14:78:18:12:0a:
cb:68:6d:9d:75:bd:ef:b6:ce:70:fe:4a:da:a4:6f:19:c9:9b:
bc:eb:c2:41:ea:ec:be:d7:5f:ad:3d:f5:37:55:7d:b8:74:aa:
3c:20:04:de:b5:be:b6:ab:3b:9c:15:ce:75:55:d2:a4:c0:1b:
20:19:66:33:2f:94:77:7a:0f:ac:f9:25:7c:c5:49:07:9f:7b:
87:02:61:83:62:4f:1e:ef:42:ed:2b:d3:c0:ae:e7:d4:0c:db:
7e:34:25:fc:52:47:5a:e6:35:0d:a7:6d:ee:ad:92:1a:7f:56:
57:4b:c7:ec:ab:34:7a:d1:31:b0:2c:8e:2d:82:26:73:9a:5d:
fa:76:e3:89:b6:c9:3a:da:f1:fd:13:74:59:56:68:5b:4a:56:
96:fc:91:66:37:2b:6c:9d:ab:39:2f:e8:ed:9f:62:56:af:8b:
1c:31:bd:37
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUadWsaXC1GVszQEdv7KLJHWQv7aEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDMwMTVaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDljOGVhYjE3NThkZTZmODY2MGM4MTZkZjkzYjU2ZjVhOTExM2Y2NDAyMjNj
ZDA1ZDRhOGZhOGFjYTZmMmFlNzMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALTDNWkMMwuvJYcAJ/jaw7zjW11dIYScpno0FqLT0XpgARqmDJGM+hYVCuWQ
vZt3YkBO7sLEiHI1QCqoWPjhnP7fhPmz3U2Sn2lznBdNmQqvlfJTUvniM8qW2VXi
SLkWplj/ozf9V5CaGFRqIgnWktnVdRnawU0JZqZcompoiQv6NgLgD0yCnVjPR00w
Vk5TsYt9qU6ZQGHYU5EGMxOmYeKJGqhIJJK26m057ManBU9fNzcDHQQI1SF3u8R8
LVEVAhyOvVhXWnS0ienU1HoTTze7ddykcQGEf/SlGYAODTj2bRvBQ3J9Ti/FJS8N
Hooml1yjvDkC5J0xQZFi64gLbgkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTy9L6L
gx9J61DvgYjf/sVCGaLsHDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGRjZDEwMzEtMGM4ZC00ZWU0LTk1NjMtNTdkZGI2M2UxNjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPiMA0G
CSqGSIb3DQEBCwUAA4IBAQCOcXBjWdIAIDPMJ6uUfslKpQ4cznvUM3ZfPZ+ooHIm
NMR0/6tmwZ+bSqlvRyXFDDdV/PTSwGIXpKtvfQY/HgS+nEBwdxrrlfNXYzYwLBM6
l4OZRZNYFHgYEgrLaG2ddb3vts5w/krapG8ZyZu868JB6uy+11+tPfU3VX24dKo8
IATetb62qzucFc51VdKkwBsgGWYzL5R3eg+s+SV8xUkHn3uHAmGDYk8e70LtK9PA
rufUDNt+NCX8Ukda5jUNp23urZIaf1ZXS8fsqzR60TGwLI4tgiZzml36duOJtsk6
2vH9E3RZVmhbSlaW/JFmNytsnas5L+jtn2JWr4scMb03
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:42:29 2025 by rpki-client