Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a02f9994-3943-4a2f-8467-87935bf3bf9e.roa
File: a02f9994-3943-4a2f-8467-87935bf3bf9e.roa (raw, json)
Hash identifier: q+5YM734QOanuo7hTQVxclWyQE3ne+1S9blQ4U92/0E=
Subject key identifier: 6A:4C:EA:8C:C7:9F:C7:02:B3:03:6F:D7:3F:63:69:AF:C9:E6:61:01
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1E8A87F525D44B558C9DDA285BF465FA486EFD84
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a02f9994-3943-4a2f-8467-87935bf3bf9e.roa
Signing time: Mon 01 Sep 2025 21:40:16 +0000
ROA not before: Mon 01 Sep 2025 21:40:16 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.69.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Sep 2025 07:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:8a:87:f5:25:d4:4b:55:8c:9d:da:28:5b:f4:65:fa:48:6e:fd:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 1 21:40:16 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=a61484bfbe0255fc781d1f9013721b81aa2a099f3849f7649cf4d0b164eca7bf, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:e4:7f:14:e9:65:ce:4f:fd:76:b5:b0:ad:80:
1b:a3:6b:2a:34:fd:fd:62:ad:0f:d9:90:81:d8:be:
92:af:e8:93:1a:7c:4f:4a:f2:e9:a6:36:ae:ff:78:
3f:27:30:32:7c:f9:8d:9b:57:eb:97:5b:19:6a:53:
4d:f8:2d:11:03:b9:99:b8:10:a7:3c:77:f8:63:4f:
ec:fc:4a:ba:a3:66:4e:67:25:c5:23:89:b3:e3:e0:
14:85:5a:3e:3e:0f:62:a1:76:19:0b:07:e8:52:bc:
b5:66:00:92:60:39:c4:d0:d5:ae:51:a0:bd:80:71:
85:f4:59:92:c6:bb:51:0d:07:88:4c:54:5b:65:b0:
31:eb:15:a6:a0:b1:f4:f9:29:3f:5c:3c:be:12:98:
85:ba:65:10:e2:3f:18:23:1e:77:b9:13:1a:d7:c1:
a3:67:6f:28:55:76:7f:9b:49:93:a4:65:bc:d8:57:
68:dc:a9:a5:f9:ca:6f:63:12:b2:7f:a9:f3:27:11:
46:61:94:b2:0b:ab:66:5a:bc:da:3b:ac:2d:8d:34:
70:62:9c:ca:db:81:f6:5b:4e:6a:5c:f0:e2:6a:1f:
b9:8c:1e:59:f3:2f:aa:64:68:e9:19:70:84:e8:f4:
89:a4:bd:00:4b:0b:f1:e2:49:14:0f:49:69:98:42:
a5:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:4C:EA:8C:C7:9F:C7:02:B3:03:6F:D7:3F:63:69:AF:C9:E6:61:01
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a02f9994-3943-4a2f-8467-87935bf3bf9e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.69.0.0/16
Signature Algorithm: sha256WithRSAEncryption
94:62:da:e8:43:83:48:37:df:6a:ed:3c:ab:d0:77:7e:0b:73:
24:dc:8b:c9:10:c3:5f:01:a8:5d:f4:1f:9e:97:e2:7a:9f:14:
cf:28:07:fc:e2:f9:0b:dc:40:63:75:1b:3f:ff:54:d5:59:3e:
ff:b0:7c:59:ec:e2:4c:dc:35:cf:88:de:e9:5b:36:1f:85:dd:
3f:47:50:cb:15:9e:ed:28:9c:3d:6c:21:02:d6:38:4e:43:2d:
a7:b1:bb:fc:e9:8b:3f:db:61:87:06:49:67:bf:91:09:1a:49:
cb:a7:32:19:41:98:3a:64:0b:bd:87:e8:ed:e1:2a:14:e8:13:
ed:b0:e1:ba:80:b7:0e:45:23:ce:b7:58:16:dd:5b:ab:4c:83:
10:c6:57:0e:86:ea:7b:04:41:88:2f:5b:2f:5c:9f:27:53:4e:
c1:80:6b:83:d3:41:54:69:d6:38:41:74:d3:f3:ee:01:ea:19:
01:7d:b4:b8:6c:80:43:70:bc:48:02:18:42:dd:ce:22:da:44:
b9:c1:85:e6:f5:f0:fd:fa:80:fd:63:39:76:87:b9:e5:0c:b7:
6f:9d:1c:4c:09:2b:ba:c4:fc:a1:88:4f:2a:3a:bf:29:0d:e0:
57:bc:8e:a2:28:d1:21:9b:7d:c3:0e:11:b1:23:c8:f6:c4:a1:
bd:99:2b:6d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHoqH9SXUS1WMndooW/Rl+khu/YQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MDEyMTQwMTZaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGE2MTQ4NGJmYmUwMjU1ZmM3ODFkMWY5MDEzNzIxYjgxYWEyYTA5OWYzODQ5
Zjc2NDljZjRkMGIxNjRlY2E3YmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANTkfxTpZc5P/Xa1sK2AG6NrKjT9/WKtD9mQgdi+kq/okxp8T0ry6aY2rv94
PycwMnz5jZtX65dbGWpTTfgtEQO5mbgQpzx3+GNP7PxKuqNmTmclxSOJs+PgFIVa
Pj4PYqF2GQsH6FK8tWYAkmA5xNDVrlGgvYBxhfRZksa7UQ0HiExUW2WwMesVpqCx
9PkpP1w8vhKYhbplEOI/GCMed7kTGtfBo2dvKFV2f5tJk6RlvNhXaNyppfnKb2MS
sn+p8ycRRmGUsgurZlq82jusLY00cGKcytuB9ltOalzw4mofuYweWfMvqmRo6Rlw
hOj0iaS9AEsL8eJJFA9JaZhCpWUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRqTOqM
x5/HArMDb9c/Y2mvyeZhATAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTAyZjk5OTQtMzk0My00YTJmLTg0NjctODc5MzViZjNiZjllLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNFMA0G
CSqGSIb3DQEBCwUAA4IBAQCUYtroQ4NIN99q7Tyr0Hd+C3Mk3IvJEMNfAahd9B+e
l+J6nxTPKAf84vkL3EBjdRs//1TVWT7/sHxZ7OJM3DXPiN7pWzYfhd0/R1DLFZ7t
KJw9bCEC1jhOQy2nsbv86Ys/22GHBklnv5EJGknLpzIZQZg6ZAu9h+jt4SoU6BPt
sOG6gLcORSPOt1gW3VurTIMQxlcOhup7BEGIL1svXJ8nU07BgGuD00FUadY4QXTT
8+4B6hkBfbS4bIBDcLxIAhhC3c4i2kS5wYXm9fD9+oD9Yzl2h7nlDLdvnRxMCSu6
xPyhiE8qOr8pDeBXvI6iKNEhm33DDhGxI8j2xKG9mStt
-----END CERTIFICATE-----
Generated at Tue Sep 16 09:46:10 2025 by rpki-client