Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/97585122-fbed-4029-849a-162097054103.roa
File: 97585122-fbed-4029-849a-162097054103.roa (raw, json)
Hash identifier: B2XivndvYMafhArYyMQCUwQl1uPcPbxtF7pRnRAi8QA=
Subject key identifier: 1E:BE:C1:42:54:34:61:53:14:55:97:5D:D8:21:F8:FA:3D:52:99:C4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1133BD6E6504D6895C2584FD154C148935C11DD6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/97585122-fbed-4029-849a-162097054103.roa
Signing time: Fri 15 Aug 2025 15:50:55 +0000
ROA not before: Fri 15 Aug 2025 15:50:55 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.72.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:33:bd:6e:65:04:d6:89:5c:25:84:fd:15:4c:14:89:35:c1:1d:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 15 15:50:55 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=0d2861b79e80b405cad1305c88e3cabf166fbffc80ae0cb06518a4dc47155348, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ca:4d:22:a4:70:06:f2:e5:b0:d0:26:9f:00:
97:3e:07:de:f8:a8:60:b6:02:c7:59:ee:e9:1c:57:
27:9e:75:2a:4d:2f:7c:39:f8:5f:d4:23:57:de:f4:
83:f7:13:43:00:05:26:6b:16:89:72:19:4f:5c:72:
b8:a0:03:c6:65:51:bc:5e:19:f6:4c:5e:35:2c:52:
5f:1b:60:25:2d:6c:b5:98:7f:01:d1:6f:34:d7:43:
14:09:6b:3c:76:14:6d:f9:6c:ba:22:a7:d1:88:b3:
46:10:f8:eb:47:81:39:bf:ea:25:22:31:cf:4b:c3:
73:67:0a:87:47:a6:02:6b:e4:2e:f1:ee:40:42:12:
a7:54:5e:1a:cd:96:d3:03:eb:58:56:9a:fc:85:24:
98:e6:3e:63:78:5c:a7:db:45:c7:f5:dc:cc:b1:60:
1f:f0:c0:ac:de:84:85:bb:9b:e0:ee:25:b9:fa:ff:
0e:71:0c:9f:28:d9:9e:94:93:4b:b7:d8:d3:f9:f0:
35:c2:47:60:e8:cf:36:0f:fd:4e:a1:8d:b5:e8:dc:
b6:d9:98:e5:64:43:52:4a:42:7b:cf:b2:f0:ca:27:
f4:44:22:ce:40:a1:67:58:e9:ba:4e:21:76:1e:18:
c1:2d:88:91:e9:e3:2c:50:84:f8:73:d0:59:40:fa:
95:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:BE:C1:42:54:34:61:53:14:55:97:5D:D8:21:F8:FA:3D:52:99:C4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/97585122-fbed-4029-849a-162097054103.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.72.0.0/15
Signature Algorithm: sha256WithRSAEncryption
69:31:68:8e:f3:62:e3:d6:fd:94:36:25:cc:8d:ba:09:6b:1b:
d5:6d:05:ee:d3:3a:f3:58:78:05:e4:41:9c:7b:ca:0a:6c:45:
94:32:cf:6f:19:3f:f4:c0:ef:a4:4f:1c:b9:c1:24:8b:4a:3d:
5d:06:72:8f:d2:bb:5f:99:49:9d:14:6e:16:49:40:49:9d:6b:
e9:52:c6:5d:d8:17:d0:80:cb:93:d7:a0:9c:be:59:2b:de:66:
f5:b7:d7:65:a8:63:95:3c:41:55:92:be:7e:b7:2b:46:d0:46:
4e:15:7e:0f:8c:65:36:e9:96:32:ea:55:84:99:6d:9e:3b:c2:
0b:92:47:ad:1c:71:c8:39:2d:94:34:3b:19:51:a2:11:5f:ef:
13:65:1d:f6:6e:cd:fb:af:b3:6b:23:82:6d:43:54:73:19:a2:
2e:cb:f7:d1:77:dc:51:a3:c9:13:d4:c7:ad:99:ae:a2:8a:5a:
06:3b:21:88:e3:ae:16:a8:c2:13:0e:a2:47:86:d3:dd:30:ac:
b2:cc:25:05:ef:13:6c:ed:f5:3c:cb:4f:e3:92:66:9d:ec:8b:
de:22:2f:2d:df:b8:67:8d:c0:22:46:c4:62:e3:c1:1b:b3:29:
a0:93:41:1d:70:68:ec:c6:6a:68:d2:bf:33:7e:71:1e:94:1a:
52:da:74:26
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUETO9bmUE1olcJYT9FUwUiTXBHdYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MTUxNTUwNTVaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDBkMjg2MWI3OWU4MGI0MDVjYWQxMzA1Yzg4ZTNjYWJmMTY2ZmJmZmM4MGFl
MGNiMDY1MThhNGRjNDcxNTUzNDgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIzKTSKkcAby5bDQJp8Alz4H3vioYLYCx1nu6RxXJ551Kk0vfDn4X9QjV970
g/cTQwAFJmsWiXIZT1xyuKADxmVRvF4Z9kxeNSxSXxtgJS1stZh/AdFvNNdDFAlr
PHYUbflsuiKn0YizRhD460eBOb/qJSIxz0vDc2cKh0emAmvkLvHuQEISp1ReGs2W
0wPrWFaa/IUkmOY+Y3hcp9tFx/XczLFgH/DArN6Ehbub4O4lufr/DnEMnyjZnpST
S7fY0/nwNcJHYOjPNg/9TqGNtejcttmY5WRDUkpCe8+y8Mon9EQizkChZ1jpuk4h
dh4YwS2IkenjLFCE+HPQWUD6ldMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQevsFC
VDRhUxRVl13YIfj6PVKZxDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTc1ODUxMjItZmJlZC00MDI5LTg0OWEtMTYyMDk3MDU0MTAzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNIMA0G
CSqGSIb3DQEBCwUAA4IBAQBpMWiO82Lj1v2UNiXMjboJaxvVbQXu0zrzWHgF5EGc
e8oKbEWUMs9vGT/0wO+kTxy5wSSLSj1dBnKP0rtfmUmdFG4WSUBJnWvpUsZd2BfQ
gMuT16Ccvlkr3mb1t9dlqGOVPEFVkr5+tytG0EZOFX4PjGU26ZYy6lWEmW2eO8IL
kketHHHIOS2UNDsZUaIRX+8TZR32bs37r7NrI4JtQ1RzGaIuy/fRd9xRo8kT1Met
ma6iiloGOyGI464WqMITDqJHhtPdMKyyzCUF7xNs7fU8y0/jkmad7IveIi8t37hn
jcAiRsRi48Ebsymgk0EdcGjsxmpo0r8zfnEelBpS2nQm
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:45:54 2025 by rpki-client