Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1b27e87-801f-4c9e-98a2-f81b54e8b8d9.roa
File: a1b27e87-801f-4c9e-98a2-f81b54e8b8d9.roa (raw, json)
Hash identifier: u7st9/H9E3k7KkUW/J+rFOESh9c8yp/F3q6+Rz2j0jI=
Subject key identifier: 73:D4:65:D3:FB:53:29:C1:7D:8B:0A:37:79:F4:72:59:C1:64:77:61
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1815CA6AF830A163B4ACA47AE64255D0BAE6DDF9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1b27e87-801f-4c9e-98a2-f81b54e8b8d9.roa
Signing time: Fri 08 Aug 2025 00:41:01 +0000
ROA not before: Fri 08 Aug 2025 00:41:01 +0000
ROA not after: Fri 12 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.112.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:15:ca:6a:f8:30:a1:63:b4:ac:a4:7a:e6:42:55:d0:ba:e6:dd:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 8 00:41:01 2025 GMT
Not After : Sep 12 23:59:59 2025 GMT
Subject: serialNumber=bfce4d035c5e76fb2e8824ba18269e57ed65bef882bbf799a4745b7c4b4cc503, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:7d:bd:72:e7:6c:2e:cb:6d:23:2a:ab:6a:28:
ce:a8:fe:52:c2:74:00:28:5c:e5:bb:ba:d5:12:fe:
eb:5d:4c:e7:38:ce:01:da:bb:d3:44:5e:ec:99:96:
f1:35:5d:0c:fc:0c:bd:dd:8a:5e:26:68:2b:79:dc:
9e:63:9a:53:f7:36:03:6d:63:4d:87:a7:8f:56:fc:
ed:a1:4f:5c:15:80:06:e3:0a:17:42:45:9a:34:2d:
8d:cd:ae:30:19:35:cb:8f:e7:f1:83:31:31:df:ee:
1d:31:06:84:9f:aa:64:d8:8d:a7:c3:d4:17:dd:0f:
6d:a0:fc:68:b4:4e:c1:71:09:a1:c1:6a:ca:b6:e4:
86:80:53:e3:09:c2:14:b8:b8:3b:47:b2:98:5a:2d:
fd:58:06:22:64:a4:86:5f:26:3d:97:6f:99:a9:e6:
27:7d:05:54:d0:e9:fb:bc:e4:11:eb:b8:e9:31:a6:
b5:a3:3b:35:8b:93:47:32:a8:57:b5:f5:07:1b:3d:
45:bb:d9:65:75:d2:55:a3:cf:90:12:fa:56:c2:00:
9b:07:28:97:d0:0b:40:7b:90:30:c4:20:bd:aa:5f:
59:c7:99:4c:63:60:d9:63:9f:4a:d4:36:52:a6:3e:
0e:a0:76:b7:1c:91:c0:f9:2e:97:ee:07:b1:5d:89:
c0:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:D4:65:D3:FB:53:29:C1:7D:8B:0A:37:79:F4:72:59:C1:64:77:61
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1b27e87-801f-4c9e-98a2-f81b54e8b8d9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.112.0.0/15
Signature Algorithm: sha256WithRSAEncryption
a0:55:63:d1:76:64:a9:db:20:d0:13:52:ee:7e:03:c2:bc:19:
c9:67:14:70:b6:17:95:11:27:a1:9c:06:4c:08:f5:c3:03:dd:
27:a7:a5:2c:fc:c9:9f:87:76:11:92:d0:f8:d8:07:57:73:1f:
1d:4e:08:4b:76:31:db:9d:57:bf:07:97:b4:0a:d0:4d:a2:9e:
31:8c:5c:98:f9:e7:5e:5e:0f:ed:d0:c5:67:c9:15:27:08:4a:
5c:20:a1:a9:d3:19:b9:01:ef:75:89:c8:62:0d:d5:4a:88:e3:
d5:37:25:fc:ae:07:44:cb:8b:6b:14:4a:17:e4:f1:b8:ab:b6:
37:2f:4e:9f:ad:da:b1:d4:2a:6d:c3:c4:92:18:d7:98:c5:49:
0f:40:3d:3d:d0:52:83:0d:9d:6a:97:86:06:46:48:fb:7b:cb:
43:d1:aa:cd:b4:5a:93:0e:40:db:3d:f2:03:01:e5:1e:f0:b3:
e1:0b:77:ee:52:a1:2a:d8:2d:dc:1b:0e:77:3f:b9:9f:04:43:
6f:c3:3d:fc:88:17:d5:94:01:aa:a1:ef:7e:4d:e9:d3:7f:59:
56:fa:50:aa:80:be:32:d6:63:3c:16:b3:fc:27:71:25:3c:a3:
ee:42:fe:2c:31:f7:5b:7b:76:66:68:00:23:75:ab:e3:0b:d5:
2e:3d:48:24
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGBXKavgwoWO0rKR65kJV0Lrm3fkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDgwMDQxMDFaFw0yNTA5MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGJmY2U0ZDAzNWM1ZTc2ZmIyZTg4MjRiYTE4MjY5ZTU3ZWQ2NWJlZjg4MmJi
Zjc5OWE0NzQ1YjdjNGI0Y2M1MDMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALl9vXLnbC7LbSMqq2oozqj+UsJ0AChc5bu61RL+611M5zjOAdq700Re7JmW
8TVdDPwMvd2KXiZoK3ncnmOaU/c2A21jTYenj1b87aFPXBWABuMKF0JFmjQtjc2u
MBk1y4/n8YMxMd/uHTEGhJ+qZNiNp8PUF90PbaD8aLROwXEJocFqyrbkhoBT4wnC
FLi4O0eymFot/VgGImSkhl8mPZdvmanmJ30FVNDp+7zkEeu46TGmtaM7NYuTRzKo
V7X1Bxs9RbvZZXXSVaPPkBL6VsIAmwcol9ALQHuQMMQgvapfWceZTGNg2WOfStQ2
UqY+DqB2txyRwPkul+4HsV2JwKECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRz1GXT
+1MpwX2LCjd59HJZwWR3YTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTFiMjdlODctODAxZi00YzllLTk4YTItZjgxYjU0ZThiOGQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNwMA0G
CSqGSIb3DQEBCwUAA4IBAQCgVWPRdmSp2yDQE1LufgPCvBnJZxRwtheVESehnAZM
CPXDA90np6Us/Mmfh3YRktD42AdXcx8dTghLdjHbnVe/B5e0CtBNop4xjFyY+ede
Xg/t0MVnyRUnCEpcIKGp0xm5Ae91ichiDdVKiOPVNyX8rgdEy4trFEoX5PG4q7Y3
L06frdqx1Cptw8SSGNeYxUkPQD090FKDDZ1ql4YGRkj7e8tD0arNtFqTDkDbPfID
AeUe8LPhC3fuUqEq2C3cGw53P7mfBENvwz38iBfVlAGqoe9+TenTf1lW+lCqgL4y
1mM8FrP8J3ElPKPuQv4sMfdbe3ZmaAAjdavjC9UuPUgk
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:24 2025 by rpki-client