Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a3eae5c-027e-4c38-ab8e-330b3e5bad97.roa
File: 9a3eae5c-027e-4c38-ab8e-330b3e5bad97.roa (raw, json)
Hash identifier: +77BpeDlr0OtF6r8WAH2ixKv2u6QlaFdJBZ04DjJVwA=
Subject key identifier: EA:D8:56:83:3D:C2:CF:8D:F3:14:44:6B:9C:59:1E:C5:4B:15:55:98
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5F3E5B7B3CC3412CF84620007CDB98813C9CD62C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a3eae5c-027e-4c38-ab8e-330b3e5bad97.roa
Signing time: Tue 05 Aug 2025 20:20:08 +0000
ROA not before: Tue 05 Aug 2025 20:20:08 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.139.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:3e:5b:7b:3c:c3:41:2c:f8:46:20:00:7c:db:98:81:3c:9c:d6:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:20:08 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=b21c39c40698bb228965793b8fad84a6d97c6f508d019718dda607c853534a98, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:c1:bf:f6:49:85:4f:94:77:bb:fc:df:55:5b:
69:ad:e7:27:b0:47:a7:38:6d:2f:6f:fa:71:e3:a3:
43:38:83:8c:4c:c9:46:b2:1c:b8:1b:55:ab:c9:16:
29:cd:c0:f4:7f:dd:52:22:00:37:7e:96:52:ae:e0:
ea:16:4e:64:e9:f6:c7:a6:3a:84:89:8b:2d:5b:7f:
dc:dd:ea:63:e3:f2:f0:bf:70:b0:75:eb:91:63:c3:
c3:cb:cb:35:08:97:45:f0:72:9a:89:fc:d8:d4:95:
71:01:40:ef:51:a2:d1:02:a6:d3:16:22:84:33:30:
22:0c:5f:cd:5e:c5:43:87:4f:9e:81:d3:43:7c:ac:
d3:e1:70:5b:ae:c0:e5:db:8f:dc:a1:51:57:25:45:
5e:31:80:fd:83:16:06:c0:65:a3:bb:ed:63:36:3d:
52:b3:61:4e:56:11:c8:aa:9c:3b:94:c6:7d:94:f2:
39:e0:4e:c8:bb:94:18:8e:52:4d:6c:bb:c3:60:f1:
ac:a2:15:8f:7b:e3:d7:68:48:af:5f:c6:83:ae:5a:
2b:02:cc:38:58:d8:71:8e:bd:7e:7b:07:b6:b1:75:
00:c4:bc:be:f9:44:35:be:71:57:a1:b8:19:13:7f:
a1:d7:dc:15:62:76:2d:6f:3b:fa:90:5f:11:5d:a4:
f7:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:D8:56:83:3D:C2:CF:8D:F3:14:44:6B:9C:59:1E:C5:4B:15:55:98
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a3eae5c-027e-4c38-ab8e-330b3e5bad97.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.139.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c5:d2:b6:69:44:e3:f7:08:1c:a8:b7:8a:05:48:3d:1e:4b:77:
e6:5c:50:8e:fb:32:b4:2f:62:04:ea:58:e9:d7:e8:3d:45:79:
be:8b:e3:55:23:e7:b9:b9:f0:c3:19:3b:01:0b:d5:2b:67:9a:
1d:b9:a4:20:2a:54:2e:41:51:f3:ee:91:7e:91:24:aa:32:b3:
71:a9:7e:16:e2:b2:51:42:eb:61:80:34:c7:d0:2a:9c:ba:4e:
cd:dc:95:ba:1b:11:7c:7f:77:c2:0a:ba:95:14:ac:e2:b6:a7:
7a:c9:a4:0e:72:03:98:a4:31:ee:58:9b:1b:b2:3a:b0:9f:ee:
96:e4:1b:e4:f8:39:ed:01:70:d9:f2:ca:47:f6:13:80:3c:b3:
5d:77:f8:85:09:47:8c:87:5b:21:cf:4b:11:4e:42:66:c1:1f:
e3:c6:63:1d:08:f4:64:1c:a1:02:1c:67:43:99:43:f7:fa:88:
c1:e0:df:4a:cd:94:76:78:db:70:03:25:a4:07:ba:2e:63:50:
3c:80:ea:f2:2f:a4:b0:94:a2:58:95:14:b0:e5:32:d5:7b:cc:
49:c4:af:17:8c:8e:ac:89:19:6e:10:6c:a8:b6:eb:56:29:7d:
b4:54:a7:f0:d1:4e:eb:0d:17:f3:fe:61:71:41:ee:ef:53:ab:
10:88:38:9f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXz5bezzDQSz4RiAAfNuYgTyc1iwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIwMDhaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGIyMWMzOWM0MDY5OGJiMjI4OTY1NzkzYjhmYWQ4NGE2ZDk3YzZmNTA4ZDAx
OTcxOGRkYTYwN2M4NTM1MzRhOTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANLBv/ZJhU+Ud7v831Vbaa3nJ7BHpzhtL2/6ceOjQziDjEzJRrIcuBtVq8kW
Kc3A9H/dUiIAN36WUq7g6hZOZOn2x6Y6hImLLVt/3N3qY+Py8L9wsHXrkWPDw8vL
NQiXRfBymon82NSVcQFA71Gi0QKm0xYihDMwIgxfzV7FQ4dPnoHTQ3ys0+FwW67A
5duP3KFRVyVFXjGA/YMWBsBlo7vtYzY9UrNhTlYRyKqcO5TGfZTyOeBOyLuUGI5S
TWy7w2DxrKIVj3vj12hIr1/Gg65aKwLMOFjYcY69fnsHtrF1AMS8vvlENb5xV6G4
GRN/odfcFWJ2LW87+pBfEV2k9xECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTq2FaD
PcLPjfMURGucWR7FSxVVmDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWEzZWFlNWMtMDI3ZS00YzM4LWFiOGUtMzMwYjNlNWJhZDk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOLMA0G
CSqGSIb3DQEBCwUAA4IBAQDF0rZpROP3CByot4oFSD0eS3fmXFCO+zK0L2IE6ljp
1+g9RXm+i+NVI+e5ufDDGTsBC9UrZ5oduaQgKlQuQVHz7pF+kSSqMrNxqX4W4rJR
QuthgDTH0Cqcuk7N3JW6GxF8f3fCCrqVFKzitqd6yaQOcgOYpDHuWJsbsjqwn+6W
5Bvk+DntAXDZ8spH9hOAPLNdd/iFCUeMh1shz0sRTkJmwR/jxmMdCPRkHKECHGdD
mUP3+ojB4N9KzZR2eNtwAyWkB7ouY1A8gOryL6SwlKJYlRSw5TLVe8xJxK8XjI6s
iRluEGyotutWKX20VKfw0U7rDRfz/mFxQe7vU6sQiDif
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:03 2025 by rpki-client