Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa
File: 9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa (raw, json)
Hash identifier: HsCYS7Y084XlbwSDOKUrmWXXl7eKg7hli7a7k5pVL3k=
Subject key identifier: 46:0B:46:A2:B8:0E:C1:E9:48:9F:71:9D:51:61:EB:AC:7C:A9:14:7C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 796F2D2612F192A257652E951D41CE0DE7A1C8C9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa
Signing time: Fri 15 Aug 2025 15:50:53 +0000
ROA not before: Fri 15 Aug 2025 15:50:53 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.70.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:6f:2d:26:12:f1:92:a2:57:65:2e:95:1d:41:ce:0d:e7:a1:c8:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 15 15:50:53 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=62c9719f984db16bb2c33159df99be6dea680417515912cca184b6816115a48a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:50:1f:5b:0b:2e:ca:52:8a:df:41:f8:d4:25:
62:77:37:2f:00:9b:1a:8d:7a:8d:6b:73:2f:14:03:
a6:d3:ac:9f:75:49:65:dd:9b:75:f9:5e:39:2b:8e:
f6:e3:a6:0b:53:b8:38:01:fc:3f:31:1a:79:15:a2:
44:64:f4:ec:51:32:76:dd:6e:e4:7f:31:0b:65:35:
27:5d:50:80:eb:ae:f1:14:1f:ae:dc:c3:16:d6:90:
5c:2f:07:dd:38:e5:60:0e:c2:5a:03:bb:b7:7c:bc:
03:6c:61:aa:be:64:c8:18:3a:71:1d:d8:8f:de:c9:
76:ec:a5:a7:f5:72:08:6e:13:08:d2:36:0a:ec:92:
8f:5e:ee:6f:4e:d9:f8:b3:ce:53:e3:29:f4:47:f0:
7a:97:97:a7:3a:90:6a:77:10:19:df:f7:1b:ee:2c:
94:9d:60:4c:dd:d5:60:83:f1:da:78:ed:b6:4e:86:
83:eb:44:50:e5:93:6c:17:45:79:62:6c:cd:b5:5b:
59:e2:c0:8d:49:fc:89:a8:d0:8d:e4:d5:c0:24:a9:
bc:82:e0:24:8e:e3:d5:4d:58:b9:38:52:e6:09:3e:
8a:9b:ea:d5:3f:3a:a4:6d:31:46:1b:e4:2f:8c:4b:
da:7f:c6:98:87:b6:8b:31:c0:58:fa:e4:4b:29:57:
ab:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:0B:46:A2:B8:0E:C1:E9:48:9F:71:9D:51:61:EB:AC:7C:A9:14:7C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.70.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a5:ed:bd:42:08:b3:64:82:36:4e:1d:72:4b:a9:80:e3:57:8b:
10:42:a6:12:2d:59:e4:ed:d9:0f:c7:9e:70:ce:15:74:2f:4a:
da:9a:14:18:eb:91:e0:b5:fc:e8:a7:9d:9a:c0:92:ea:6c:6b:
35:99:99:c4:bd:1e:96:91:f5:ff:a4:2a:c9:84:50:51:e2:40:
07:aa:53:54:a9:df:9b:b3:a9:49:cc:23:43:44:53:42:9a:fa:
5a:8d:a4:64:80:b1:63:56:e8:d9:d2:38:32:d2:2a:f6:98:64:
89:f0:d4:2e:bd:6d:03:4a:17:3e:86:55:3f:aa:09:b4:fb:c7:
25:50:77:2c:e9:0a:35:c6:78:b6:75:36:3e:c1:fb:81:99:9a:
d3:bb:38:5e:b9:2d:15:55:ba:b2:ac:ad:10:f5:a3:04:b2:fc:
5c:3d:a2:66:56:2a:16:1d:15:3c:27:d3:dc:f5:50:bc:89:59:
1c:cb:4f:00:18:77:6d:ad:1b:42:4b:47:50:72:a1:d2:aa:d2:
8a:ed:10:56:ca:6a:32:7c:b2:ef:8d:0a:b9:3f:2d:fb:45:01:
57:7a:19:0c:5a:61:05:1e:e8:65:1c:a3:08:65:5d:91:02:81:
c8:9b:f5:80:db:dd:37:11:22:45:5e:30:15:53:18:14:ea:14:
09:f8:87:2b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUeW8tJhLxkqJXZS6VHUHODeehyMkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MTUxNTUwNTNaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDYyYzk3MTlmOTg0ZGIxNmJiMmMzMzE1OWRmOTliZTZkZWE2ODA0MTc1MTU5
MTJjY2ExODRiNjgxNjExNWE0OGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJtQH1sLLspSit9B+NQlYnc3LwCbGo16jWtzLxQDptOsn3VJZd2bdfleOSuO
9uOmC1O4OAH8PzEaeRWiRGT07FEydt1u5H8xC2U1J11QgOuu8RQfrtzDFtaQXC8H
3TjlYA7CWgO7t3y8A2xhqr5kyBg6cR3Yj97Jduylp/VyCG4TCNI2CuySj17ub07Z
+LPOU+Mp9EfwepeXpzqQancQGd/3G+4slJ1gTN3VYIPx2njttk6Gg+tEUOWTbBdF
eWJszbVbWeLAjUn8iajQjeTVwCSpvILgJI7j1U1YuThS5gk+ipvq1T86pG0xRhvk
L4xL2n/GmIe2izHAWPrkSylXqxUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRGC0ai
uA7B6UifcZ1RYeusfKkUfDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWM1YTFhMTQtNzNjMS00YzQ5LThiMjItN2QxMGM0Mzc5ZTA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNGMA0G
CSqGSIb3DQEBCwUAA4IBAQCl7b1CCLNkgjZOHXJLqYDjV4sQQqYSLVnk7dkPx55w
zhV0L0ramhQY65Hgtfzop52awJLqbGs1mZnEvR6WkfX/pCrJhFBR4kAHqlNUqd+b
s6lJzCNDRFNCmvpajaRkgLFjVujZ0jgy0ir2mGSJ8NQuvW0DShc+hlU/qgm0+8cl
UHcs6Qo1xni2dTY+wfuBmZrTuzheuS0VVbqyrK0Q9aMEsvxcPaJmVioWHRU8J9Pc
9VC8iVkcy08AGHdtrRtCS0dQcqHSqtKK7RBWymoyfLLvjQq5Py37RQFXehkMWmEF
HuhlHKMIZV2RAoHIm/WA2903ESJFXjAVUxgU6hQJ+Icr
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:38:01 2025 by rpki-client