Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa
File: 8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa (raw, json)
Hash identifier: IJg2tV6VPVZ21xNz7L8l08K1Jx5ljh/fWk6P4dpBkPY=
Subject key identifier: 3C:70:3A:CF:DE:9A:81:4D:4E:9F:AA:C2:C1:80:76:71:19:B1:FC:E8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 706C0128C6C8A1591741D573114338B15A00863D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa
Signing time: Mon 01 Sep 2025 21:30:54 +0000
ROA not before: Mon 01 Sep 2025 21:30:54 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.226.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Sep 2025 21:38:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:6c:01:28:c6:c8:a1:59:17:41:d5:73:11:43:38:b1:5a:00:86:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 1 21:30:54 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=0b0c43f59d403bdecfd2f907033e3fcef739a8bb063fe34bae80bc9867a8796f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:ab:88:3c:35:58:ea:16:66:f0:89:4b:53:f1:
ca:6c:6c:1d:e1:63:e1:1a:d2:7d:2d:26:ba:e6:68:
36:d0:d1:16:cd:02:ad:bd:42:c9:cf:9d:aa:87:f7:
67:e5:dc:10:b7:3b:16:69:03:83:8b:6f:57:37:cb:
93:af:8c:c0:74:9c:32:e4:93:c0:b6:c5:70:de:5b:
9d:a8:3b:4d:74:94:c3:b0:61:a2:9d:c6:22:38:a4:
d6:80:77:d4:b5:72:76:d7:36:5e:cb:bb:c4:dd:6a:
28:0f:09:a4:2e:fe:91:b2:e0:19:64:18:5c:86:2b:
44:71:f1:27:36:41:30:3b:8e:4f:94:40:cf:a6:21:
75:5b:48:4f:99:41:3f:bc:de:bf:99:c2:bf:4d:e7:
31:03:30:50:76:1a:21:47:96:28:8f:7f:c7:89:8f:
b9:4b:6d:d3:af:0e:f0:30:a3:b3:e0:89:6b:7f:33:
a0:e5:d0:e0:f2:65:99:09:79:eb:34:37:e3:2e:85:
42:6a:24:97:a6:9b:e3:c0:38:f3:05:28:27:1b:e3:
9f:03:29:21:35:36:f9:c5:a0:a1:b5:bf:0c:03:f1:
81:42:99:87:2d:54:f6:2b:b5:0c:5b:43:0b:49:2c:
00:19:43:fe:9d:56:66:b2:07:c3:b8:8a:6c:23:a2:
cf:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:70:3A:CF:DE:9A:81:4D:4E:9F:AA:C2:C1:80:76:71:19:B1:FC:E8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.226.0.0/15
Signature Algorithm: sha256WithRSAEncryption
1a:89:5b:1b:1b:4f:3d:79:ef:db:45:20:1e:3b:1a:41:03:b0:
23:64:2e:fa:b8:26:19:6d:04:90:c2:21:93:81:97:8a:8e:17:
cc:f3:34:ef:bc:c0:f2:db:6e:a4:7e:a4:b7:8b:23:58:5e:1d:
42:93:31:92:44:f2:cf:c4:e8:cb:12:7e:8d:c7:0c:87:6c:25:
fa:39:ab:db:24:de:48:87:a7:8f:3f:46:66:85:3c:ba:c5:0c:
96:8e:63:c3:52:9b:3d:c4:aa:6c:9f:83:27:c9:ec:c9:1f:ad:
30:a8:dc:12:55:cb:10:4d:2a:5d:2d:b8:0c:2b:b4:bd:de:c0:
56:06:f4:90:45:06:f0:f3:f7:e3:21:63:e4:ff:59:ae:27:cf:
ce:1d:99:92:a9:a7:10:54:85:88:c3:d8:ad:47:f4:c1:df:9b:
f6:ba:9d:de:cb:4a:e3:91:aa:ea:62:d4:d8:8b:e7:17:d8:be:
59:68:d4:7b:a3:4d:e2:0b:5e:3f:9d:8d:3e:a8:3b:76:0b:4a:
66:38:7d:3b:e1:f7:5c:55:85:c9:d3:ce:1c:3b:02:d1:6e:90:
0f:d5:95:8d:69:ac:1c:49:8e:e1:f2:78:41:bf:4a:c8:c0:a0:
a8:bd:5d:f8:33:84:c1:fe:1a:0f:04:84:5d:6e:d7:1a:a3:a3:
58:e3:bc:ed
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcGwBKMbIoVkXQdVzEUM4sVoAhj0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MDEyMTMwNTRaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDBiMGM0M2Y1OWQ0MDNiZGVjZmQyZjkwNzAzM2UzZmNlZjczOWE4YmIwNjNm
ZTM0YmFlODBiYzk4NjdhODc5NmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANKriDw1WOoWZvCJS1PxymxsHeFj4RrSfS0muuZoNtDRFs0Crb1Cyc+dqof3
Z+XcELc7FmkDg4tvVzfLk6+MwHScMuSTwLbFcN5bnag7TXSUw7Bhop3GIjik1oB3
1LVydtc2Xsu7xN1qKA8JpC7+kbLgGWQYXIYrRHHxJzZBMDuOT5RAz6YhdVtIT5lB
P7zev5nCv03nMQMwUHYaIUeWKI9/x4mPuUtt068O8DCjs+CJa38zoOXQ4PJlmQl5
6zQ34y6FQmokl6ab48A48wUoJxvjnwMpITU2+cWgobW/DAPxgUKZhy1U9iu1DFtD
C0ksABlD/p1WZrIHw7iKbCOiz9cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ8cDrP
3pqBTU6fqsLBgHZxGbH86DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGRjZDEwMzEtMGM4ZC00ZWU0LTk1NjMtNTdkZGI2M2UxNjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPiMA0G
CSqGSIb3DQEBCwUAA4IBAQAaiVsbG089ee/bRSAeOxpBA7AjZC76uCYZbQSQwiGT
gZeKjhfM8zTvvMDy226kfqS3iyNYXh1CkzGSRPLPxOjLEn6NxwyHbCX6OavbJN5I
h6ePP0ZmhTy6xQyWjmPDUps9xKpsn4MnyezJH60wqNwSVcsQTSpdLbgMK7S93sBW
BvSQRQbw8/fjIWPk/1muJ8/OHZmSqacQVIWIw9itR/TB35v2up3ey0rjkarqYtTY
i+cX2L5ZaNR7o03iC14/nY0+qDt2C0pmOH074fdcVYXJ084cOwLRbpAP1ZWNaawc
SY7h8nhBv0rIwKCovV34M4TB/hoPBIRdbtcao6NY47zt
-----END CERTIFICATE-----
Generated at Thu Sep 18 06:51:49 2025 by rpki-client