Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9ebfa348-5910-4667-b4db-cfb5bb3acbc8.roa
File: 9ebfa348-5910-4667-b4db-cfb5bb3acbc8.roa (raw, json)
Hash identifier: 6WUMyu4epnxEXsYl9IL5erObM3kd6ssnjXBtUo32t+M=
Subject key identifier: CF:18:AB:24:65:9F:FD:E7:EF:06:35:29:AC:AC:A9:40:4B:D6:AC:8A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 54EDEF9F9E9A664B84D13E78996472674E812065
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9ebfa348-5910-4667-b4db-cfb5bb3acbc8.roa
Signing time: Tue 05 Aug 2025 20:20:18 +0000
ROA not before: Tue 05 Aug 2025 20:20:18 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.188.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:ed:ef:9f:9e:9a:66:4b:84:d1:3e:78:99:64:72:67:4e:81:20:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:20:18 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=fe1d9bdaf5f232d6f7c9b6af9d75a5512fee78e879aa5ed2ad404f60c551c4bb, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:7e:33:d0:19:49:e6:bd:ae:50:71:02:a7:01:
70:87:f7:b7:82:1e:8d:84:60:38:ff:79:0d:ac:1d:
69:db:0b:02:b0:5e:7d:71:36:72:eb:27:52:94:12:
41:57:26:d3:66:b6:b3:66:0e:94:7d:99:2c:db:b1:
70:a5:66:e3:b9:97:f4:0f:0a:3b:33:81:55:38:62:
e4:a1:f2:32:17:44:c9:42:00:2f:b5:d2:a9:fb:76:
65:e9:61:74:08:1c:bb:aa:3d:24:58:3f:85:f8:aa:
d3:91:57:94:08:f6:22:6e:1c:cf:d1:54:55:bb:e2:
62:18:d6:0f:d9:34:27:c2:5d:e6:d2:ec:4c:d6:f4:
54:58:29:60:29:4b:f5:f0:ca:6c:96:1c:6f:e2:87:
6b:61:9f:06:14:a5:a9:af:dd:cd:df:73:6d:a6:7f:
32:88:0c:ce:80:c3:ad:58:1e:26:b3:62:d5:01:72:
d8:3b:92:73:35:42:81:a3:2f:fb:a7:52:f5:20:bf:
dd:f8:c2:0a:dd:35:2c:66:4e:c0:9d:20:62:17:92:
d8:97:67:66:b6:66:5e:ae:22:68:74:31:b3:9b:16:
05:cf:a8:01:ee:bd:1a:74:45:e3:73:c8:8c:3d:90:
cd:d4:a1:20:db:46:1d:93:75:08:4e:34:89:36:54:
fb:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:18:AB:24:65:9F:FD:E7:EF:06:35:29:AC:AC:A9:40:4B:D6:AC:8A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9ebfa348-5910-4667-b4db-cfb5bb3acbc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.188.0.0/15
Signature Algorithm: sha256WithRSAEncryption
06:4c:e7:06:f8:1d:60:7d:fe:98:bd:2e:23:6e:14:b8:e3:15:
be:48:94:4d:69:23:fa:88:79:e9:9f:95:85:5f:d5:ae:b9:51:
a2:ef:df:8e:8d:a0:3a:79:02:c1:d0:2d:8a:97:3a:66:a0:19:
8d:48:85:e1:cf:cc:23:60:ec:47:84:20:97:65:ee:c5:ac:17:
1e:23:c3:05:76:88:7b:3c:ee:f0:92:2d:63:0e:08:55:6f:67:
2e:03:f0:f9:ef:48:45:96:f0:5f:73:ac:07:6c:21:f5:e5:cc:
52:6e:bd:65:83:c0:c9:93:e3:15:ff:48:a7:5a:e4:45:e4:0c:
7c:99:85:00:b9:1a:36:c7:8b:be:2c:80:42:9a:1d:29:53:06:
7b:a6:44:d7:f0:e4:19:59:3f:5b:e4:89:35:6e:fa:2a:46:31:
c7:f2:6f:15:cd:53:4c:cb:29:15:f4:5d:74:53:ff:08:fd:61:
70:38:75:de:89:cd:e1:f9:76:5d:72:c9:2e:56:5a:ed:5c:fe:
d1:92:ac:b8:ba:9b:a9:c1:90:13:36:9f:72:fa:21:46:e7:3b:
1f:81:da:40:df:52:aa:38:5c:71:28:26:3f:c3:0f:3f:17:3c:
84:10:d8:4d:2b:b8:80:34:b6:50:37:39:ab:46:c2:07:26:e9:
75:0c:d7:26
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVO3vn56aZkuE0T54mWRyZ06BIGUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIwMThaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGZlMWQ5YmRhZjVmMjMyZDZmN2M5YjZhZjlkNzVhNTUxMmZlZTc4ZTg3OWFh
NWVkMmFkNDA0ZjYwYzU1MWM0YmIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJp+M9AZSea9rlBxAqcBcIf3t4IejYRgOP95DawdadsLArBefXE2cusnUpQS
QVcm02a2s2YOlH2ZLNuxcKVm47mX9A8KOzOBVThi5KHyMhdEyUIAL7XSqft2Zelh
dAgcu6o9JFg/hfiq05FXlAj2Im4cz9FUVbviYhjWD9k0J8Jd5tLsTNb0VFgpYClL
9fDKbJYcb+KHa2GfBhSlqa/dzd9zbaZ/MogMzoDDrVgeJrNi1QFy2DuSczVCgaMv
+6dS9SC/3fjCCt01LGZOwJ0gYheS2JdnZrZmXq4iaHQxs5sWBc+oAe69GnRF43PI
jD2QzdShINtGHZN1CE40iTZU+4cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTPGKsk
ZZ/95+8GNSmsrKlAS9asijAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWViZmEzNDgtNTkxMC00NjY3LWI0ZGItY2ZiNWJiM2FjYmM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO8MA0G
CSqGSIb3DQEBCwUAA4IBAQAGTOcG+B1gff6YvS4jbhS44xW+SJRNaSP6iHnpn5WF
X9WuuVGi79+OjaA6eQLB0C2KlzpmoBmNSIXhz8wjYOxHhCCXZe7FrBceI8MFdoh7
PO7wki1jDghVb2cuA/D570hFlvBfc6wHbCH15cxSbr1lg8DJk+MV/0inWuRF5Ax8
mYUAuRo2x4u+LIBCmh0pUwZ7pkTX8OQZWT9b5Ik1bvoqRjHH8m8VzVNMyykV9F10
U/8I/WFwOHXeic3h+XZdcskuVlrtXP7Rkqy4upupwZATNp9y+iFG5zsfgdpA31Kq
OFxxKCY/ww8/FzyEENhNK7iANLZQNzmrRsIHJul1DNcm
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:18 2025 by rpki-client