Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a02f9994-3943-4a2f-8467-87935bf3bf9e.roa
File: a02f9994-3943-4a2f-8467-87935bf3bf9e.roa (raw, json)
Hash identifier: 7/NxUt5gcsxdaYuddnQbBiQ4jLXm38nLObx3M4GmVnQ=
Subject key identifier: 04:8C:DA:79:32:83:95:8D:73:A2:71:F3:D9:1A:97:14:6E:EF:0E:51
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7226908F6FF9F49372F167E58B0644D937437329
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a02f9994-3943-4a2f-8467-87935bf3bf9e.roa
Signing time: Tue 05 Aug 2025 20:30:34 +0000
ROA not before: Tue 05 Aug 2025 20:30:34 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.69.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:26:90:8f:6f:f9:f4:93:72:f1:67:e5:8b:06:44:d9:37:43:73:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:30:34 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=2509b265a68ca3b2ded17a2c540e9bdb39a7d949d3f3561317bcc14a84d3e16b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f8:99:fe:30:c2:55:f4:23:e2:6f:0d:d9:56:
e3:19:1c:f0:74:3f:42:81:7e:df:9d:57:9c:95:15:
59:8e:b8:a9:b5:e5:11:ca:d8:fb:17:12:69:dc:54:
31:b9:ae:08:33:18:e2:b0:b8:00:c4:09:36:64:f3:
db:c0:3f:9e:f8:b5:ec:7f:ee:6b:da:3c:9e:b1:bf:
b8:eb:49:eb:6f:92:c1:e0:48:6a:68:a6:dd:9c:6c:
fe:bd:da:26:07:ac:5e:f2:fd:35:5d:49:0f:a2:ad:
96:3d:b0:1b:a4:98:4e:f8:a5:33:64:c8:67:06:51:
92:39:a2:d7:88:1c:17:a9:bd:f9:57:6f:5a:3a:27:
a3:5a:74:05:7e:7b:b3:22:37:b3:5e:80:a1:26:92:
47:aa:88:67:e2:2a:3e:aa:3e:11:66:ad:50:b0:45:
36:77:8b:b9:f8:a4:67:d7:50:65:48:a9:4a:be:b3:
99:75:46:07:a1:cc:23:18:f8:c7:1b:4f:09:e0:81:
b9:b2:58:72:40:a7:81:a5:4e:62:c2:e9:26:b4:87:
01:7b:5e:e3:08:23:5b:5e:3d:37:9e:b4:2e:06:94:
b9:c8:ad:35:53:c4:df:f4:27:4b:6c:f5:78:71:87:
2c:c4:5e:bc:69:4a:78:a7:04:ac:59:57:e3:97:fe:
b9:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:8C:DA:79:32:83:95:8D:73:A2:71:F3:D9:1A:97:14:6E:EF:0E:51
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a02f9994-3943-4a2f-8467-87935bf3bf9e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.69.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3b:b0:df:3a:fa:45:94:90:3f:13:c1:36:57:98:b3:9c:80:f2:
da:f1:a3:50:fe:8f:06:27:1c:21:0d:a3:9f:b2:a2:14:ed:6a:
e6:19:bc:2a:a0:f7:3e:0e:02:81:13:69:3c:ec:b8:58:b0:cf:
db:48:f9:8f:0c:4a:5e:6b:00:57:2b:c0:ce:fd:fd:7b:b6:24:
8f:27:38:21:72:44:19:06:af:4c:7f:9f:a4:31:5a:1d:98:f4:
1e:42:91:22:90:76:bc:02:59:5c:cf:44:a1:2e:d4:06:2c:70:
2e:3e:54:5f:03:02:46:b7:6e:13:d6:58:c6:f0:d0:81:fa:a3:
80:4c:ea:d5:b3:91:52:ed:e8:88:f6:da:1d:6c:f5:5c:b1:3a:
c3:2b:50:f0:52:c4:d6:3e:b8:30:70:b1:ba:f7:73:6d:ef:d7:
f4:0f:e7:72:35:66:e9:ee:45:24:7e:c2:e0:9f:15:69:2b:11:
4d:8f:4b:7c:6d:08:ab:85:b3:0a:08:0b:68:71:11:b1:3e:08:
3f:93:35:f0:81:6c:d0:d5:2b:80:88:6a:af:a4:74:c0:1a:a4:
a9:35:df:67:ee:5d:fb:6b:6c:c2:8a:b7:a8:55:ff:c1:ef:3a:
57:72:c6:57:4c:0f:cd:cf:db:b9:b4:47:f3:3c:27:52:0e:eb:
f7:93:fe:98
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUciaQj2/59JNy8WfliwZE2TdDcykwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDMwMzRaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDI1MDliMjY1YTY4Y2EzYjJkZWQxN2EyYzU0MGU5YmRiMzlhN2Q5NDlkM2Yz
NTYxMzE3YmNjMTRhODRkM2UxNmIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALP4mf4wwlX0I+JvDdlW4xkc8HQ/QoF+351XnJUVWY64qbXlEcrY+xcSadxU
MbmuCDMY4rC4AMQJNmTz28A/nvi17H/ua9o8nrG/uOtJ62+SweBIamim3Zxs/r3a
JgesXvL9NV1JD6Ktlj2wG6SYTvilM2TIZwZRkjmi14gcF6m9+VdvWjono1p0BX57
syI3s16AoSaSR6qIZ+IqPqo+EWatULBFNneLufikZ9dQZUipSr6zmXVGB6HMIxj4
xxtPCeCBubJYckCngaVOYsLpJrSHAXte4wgjW149N560LgaUucitNVPE3/QnS2z1
eHGHLMRevGlKeKcErFlX45f+uSECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQEjNp5
MoOVjXOicfPZGpcUbu8OUTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTAyZjk5OTQtMzk0My00YTJmLTg0NjctODc5MzViZjNiZjllLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNFMA0G
CSqGSIb3DQEBCwUAA4IBAQA7sN86+kWUkD8TwTZXmLOcgPLa8aNQ/o8GJxwhDaOf
sqIU7WrmGbwqoPc+DgKBE2k87LhYsM/bSPmPDEpeawBXK8DO/f17tiSPJzghckQZ
Bq9Mf5+kMVodmPQeQpEikHa8Allcz0ShLtQGLHAuPlRfAwJGt24T1ljG8NCB+qOA
TOrVs5FS7eiI9todbPVcsTrDK1DwUsTWPrgwcLG693Nt79f0D+dyNWbp7kUkfsLg
nxVpKxFNj0t8bQirhbMKCAtocRGxPgg/kzXwgWzQ1SuAiGqvpHTAGqSpNd9n7l37
a2zCireoVf/B7zpXcsZXTA/Nz9u5tEfzPCdSDuv3k/6Y
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:42:12 2025 by rpki-client