Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa
File: 9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa (raw, json)
Hash identifier: zjZbA79gxAX6ELyit27dR/XTGpnWZgJvdNlRmvKIKFg=
Subject key identifier: 87:A4:46:3F:3D:7F:35:F1:64:6C:2A:EF:AE:97:D6:6E:85:49:77:56
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 62D48702D19E3979D8481834655C720101ABE813
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa
Signing time: Tue 05 Aug 2025 20:30:32 +0000
ROA not before: Tue 05 Aug 2025 20:30:32 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.50.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:d4:87:02:d1:9e:39:79:d8:48:18:34:65:5c:72:01:01:ab:e8:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:30:32 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=b56f2f7d07708de32f8c63a8c76c3bdd3684d912002d66f4edb934684397b108, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:1b:f1:43:9c:9f:1c:fb:64:1d:f2:08:a2:71:
21:6e:46:4a:30:4a:50:27:a7:e7:94:5b:70:3a:df:
08:87:37:92:79:21:5e:f4:c6:f4:df:2b:ba:98:12:
0b:35:b4:ee:46:f2:6a:91:9e:f8:01:54:bf:42:6f:
29:64:bc:59:14:b6:c3:0a:fa:2c:18:48:f0:99:24:
7f:b8:48:fc:db:26:01:bf:7d:37:e1:ee:70:3a:97:
3f:7a:8e:d3:b6:50:51:01:3b:80:bf:d1:4d:b9:a9:
c4:03:ce:62:fb:ef:5a:3c:5c:50:98:44:9d:6f:1f:
74:8b:53:f3:c0:df:46:16:9c:ef:c2:37:77:76:c3:
30:21:bb:ac:d5:70:14:99:3b:1d:f9:fa:48:34:fb:
24:40:8a:c2:64:56:bd:51:5e:e9:33:dc:7a:76:38:
e9:ed:c1:47:5a:c3:40:e6:e4:f1:e3:ed:c6:89:03:
6a:05:70:41:a3:23:9e:b4:38:a5:63:45:b5:33:b5:
16:dd:4b:67:80:c5:06:e8:39:37:af:07:da:2b:7f:
88:97:fd:69:ac:9c:5f:10:d2:79:eb:9b:1d:42:5a:
6b:0f:f8:79:88:5b:60:96:a9:6c:3a:cb:a6:55:99:
39:3e:71:7f:8b:23:33:38:79:86:9d:9d:47:69:03:
af:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:A4:46:3F:3D:7F:35:F1:64:6C:2A:EF:AE:97:D6:6E:85:49:77:56
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.50.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6c:76:96:f6:f0:be:68:cd:4a:80:e2:0a:45:9f:0f:9e:ea:11:
19:ea:26:94:7e:e3:cc:6c:28:ce:cf:cc:37:99:9e:64:20:62:
d8:91:b3:67:25:4d:78:24:7a:b6:a9:14:4d:0b:95:3d:0c:a6:
07:91:42:8e:be:59:5d:d6:f3:b5:33:77:79:cc:a4:45:b4:44:
02:3a:8a:20:30:1c:56:3a:0c:71:e9:55:93:ab:04:3c:c5:dc:
06:c9:f4:91:ed:f9:1b:0b:a6:81:81:65:fb:b0:85:c3:b1:32:
fa:0c:0b:29:77:f6:59:9d:e7:6c:7a:23:ab:f3:dc:53:39:7e:
70:70:28:b7:b0:14:ad:45:c5:97:69:b6:30:16:fa:5e:7a:3d:
58:b5:26:c8:0c:5a:a9:76:8c:db:2b:bb:61:d0:6d:39:6d:06:
05:8c:da:58:e3:70:6c:85:55:1e:b5:65:3a:92:5a:ab:4c:bb:
5c:07:d5:3e:d4:16:21:56:2b:60:42:5a:c8:cf:8b:e8:0b:7b:
f3:e3:ce:84:6d:ba:27:30:50:34:fb:f8:e4:0c:9c:27:ea:8a:
48:1f:34:d4:30:00:f8:39:d8:89:16:68:f9:8c:ce:ef:7d:1a:
09:d8:83:65:bb:11:ee:53:fc:cb:ed:dd:b2:69:6c:20:32:57:
b9:14:9c:ce
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYtSHAtGeOXnYSBg0ZVxyAQGr6BMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDMwMzJaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGI1NmYyZjdkMDc3MDhkZTMyZjhjNjNhOGM3NmMzYmRkMzY4NGQ5MTIwMDJk
NjZmNGVkYjkzNDY4NDM5N2IxMDgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK4b8UOcnxz7ZB3yCKJxIW5GSjBKUCen55RbcDrfCIc3knkhXvTG9N8rupgS
CzW07kbyapGe+AFUv0JvKWS8WRS2wwr6LBhI8Jkkf7hI/NsmAb99N+HucDqXP3qO
07ZQUQE7gL/RTbmpxAPOYvvvWjxcUJhEnW8fdItT88DfRhac78I3d3bDMCG7rNVw
FJk7Hfn6SDT7JECKwmRWvVFe6TPcenY46e3BR1rDQObk8ePtxokDagVwQaMjnrQ4
pWNFtTO1Ft1LZ4DFBug5N68H2it/iJf9aaycXxDSeeubHUJaaw/4eYhbYJapbDrL
plWZOT5xf4sjMzh5hp2dR2kDr/cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSHpEY/
PX818WRsKu+ul9ZuhUl3VjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWViN2RmYjMtNWNiMy00ODRhLWI1NTAtNDE4ZmM1NDBlYTI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMyMA0G
CSqGSIb3DQEBCwUAA4IBAQBsdpb28L5ozUqA4gpFnw+e6hEZ6iaUfuPMbCjOz8w3
mZ5kIGLYkbNnJU14JHq2qRRNC5U9DKYHkUKOvlld1vO1M3d5zKRFtEQCOoogMBxW
Ogxx6VWTqwQ8xdwGyfSR7fkbC6aBgWX7sIXDsTL6DAspd/ZZnedseiOr89xTOX5w
cCi3sBStRcWXabYwFvpeej1YtSbIDFqpdozbK7th0G05bQYFjNpY43BshVUetWU6
klqrTLtcB9U+1BYhVitgQlrIz4voC3vz486EbbonMFA0+/jkDJwn6opIHzTUMAD4
OdiJFmj5jM7vfRoJ2INluxHuU/zL7d2yaWwgMle5FJzO
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:42:33 2025 by rpki-client