Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa
File: a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa (raw, json)
Hash identifier: oZDglaLRSasjJ8Uy5sqTWbv9yZUj3A3q8ye+nX3Td1o=
Subject key identifier: FF:5C:E1:69:F8:47:02:64:23:54:F9:24:6C:8C:93:07:18:25:F2:49
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4136DC5ABD33FB20EFF662109349C025C215A930
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa
Signing time: Fri 15 Aug 2025 15:50:47 +0000
ROA not before: Fri 15 Aug 2025 15:50:47 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.206.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:36:dc:5a:bd:33:fb:20:ef:f6:62:10:93:49:c0:25:c2:15:a9:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 15 15:50:47 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=7af5da8dd71bfb601d70ebb44e60ec4f8becf9c15cad52abb4e1416e2db304c2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:bc:f6:ca:7f:80:06:01:26:bb:2b:dd:b1:2d:
fc:ec:a8:7b:56:10:f9:5c:aa:f6:d1:57:39:5e:78:
87:9a:99:f3:8a:0f:d6:ab:9b:f6:19:cf:65:36:03:
73:e7:81:13:09:c3:e2:0a:b4:bd:44:41:2d:59:6e:
e4:1c:03:72:b6:db:7f:fa:c6:77:80:05:33:0a:dc:
1b:13:b4:ec:09:c9:b8:e7:09:b8:07:c5:d9:0a:8b:
b1:7e:c7:6f:75:e8:8e:8f:4e:8a:88:a6:18:96:f5:
85:95:5c:fc:1b:47:ea:6b:81:c3:e3:07:b9:3f:d6:
88:db:bf:79:2a:85:87:30:ed:8a:6c:b1:44:49:82:
f3:5c:08:a2:51:5c:56:53:22:5b:d8:e4:de:64:6d:
88:e3:aa:7e:c1:a0:b5:03:e5:b4:3d:ab:00:59:8c:
b1:4c:38:30:f1:52:b2:4e:03:d8:75:c3:7e:1c:5d:
d6:1c:08:48:07:8e:31:e0:0d:82:24:5d:3c:67:fe:
cb:ac:9d:b9:8b:c5:d2:45:ab:56:25:e7:fd:07:c7:
44:11:39:f3:5e:13:c9:01:60:2a:68:ec:22:77:28:
7e:27:40:35:52:6d:50:6a:e8:2d:6c:db:df:f4:7d:
f1:35:d0:f7:a0:2c:59:e5:29:74:74:ea:29:ba:77:
be:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:5C:E1:69:F8:47:02:64:23:54:F9:24:6C:8C:93:07:18:25:F2:49
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.206.0.0/15
Signature Algorithm: sha256WithRSAEncryption
26:21:a9:5e:2c:8d:65:16:de:37:67:d7:67:f6:39:43:95:76:
42:89:d5:f8:8d:53:bc:75:69:fb:e9:bb:9e:1d:5e:50:ea:d0:
3f:ed:02:b9:55:61:d6:ad:6a:8b:21:56:64:45:be:0d:8f:fd:
69:55:8b:ac:23:1f:e0:38:b0:95:36:9e:7f:1f:46:90:4c:34:
9d:dd:ae:3f:77:c6:c1:e1:8b:b2:71:e5:f4:13:32:60:5f:7d:
c6:77:44:a3:1f:ba:bf:c4:9b:dc:76:51:7a:19:b2:a1:73:3c:
26:19:a8:9b:af:03:e5:d1:f9:fa:d9:b8:71:65:97:c8:41:4a:
b7:80:09:70:26:a7:f7:d4:ee:c1:32:34:bf:c9:ab:dd:f1:98:
4b:ec:32:91:45:93:85:38:a3:ae:19:97:4f:3e:19:5d:89:69:
07:d1:0e:c1:ef:be:71:9c:ed:32:27:48:9d:1c:7b:90:80:16:
a2:ee:5b:71:28:92:81:19:69:6b:66:da:a8:c8:e9:b3:ed:1c:
49:2f:c8:b0:21:64:e5:53:0c:b6:48:05:ca:59:c7:c4:26:98:
3f:1e:4d:9c:61:1c:db:3b:48:bc:bb:2c:d5:4e:9c:cd:81:a7:
a0:6c:52:31:70:6e:61:93:1c:39:eb:91:8c:79:e5:4e:eb:1f:
a6:5a:37:d8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQTbcWr0z+yDv9mIQk0nAJcIVqTAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MTUxNTUwNDdaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDdhZjVkYThkZDcxYmZiNjAxZDcwZWJiNDRlNjBlYzRmOGJlY2Y5YzE1Y2Fk
NTJhYmI0ZTE0MTZlMmRiMzA0YzIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJG89sp/gAYBJrsr3bEt/Oyoe1YQ+Vyq9tFXOV54h5qZ84oP1qub9hnPZTYD
c+eBEwnD4gq0vURBLVlu5BwDcrbbf/rGd4AFMwrcGxO07AnJuOcJuAfF2QqLsX7H
b3Xojo9OioimGJb1hZVc/BtH6muBw+MHuT/WiNu/eSqFhzDtimyxREmC81wIolFc
VlMiW9jk3mRtiOOqfsGgtQPltD2rAFmMsUw4MPFSsk4D2HXDfhxd1hwISAeOMeAN
giRdPGf+y6yduYvF0kWrViXn/QfHRBE5814TyQFgKmjsIncofidANVJtUGroLWzb
3/R98TXQ96AsWeUpdHTqKbp3vjcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT/XOFp
+EcCZCNU+SRsjJMHGCXySTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTJkMTBlN2QtYTc4NC00NzZkLTlkZjUtZjdlZmViNTVjZjM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPOMA0G
CSqGSIb3DQEBCwUAA4IBAQAmIaleLI1lFt43Z9dn9jlDlXZCidX4jVO8dWn76bue
HV5Q6tA/7QK5VWHWrWqLIVZkRb4Nj/1pVYusIx/gOLCVNp5/H0aQTDSd3a4/d8bB
4YuyceX0EzJgX33Gd0SjH7q/xJvcdlF6GbKhczwmGaibrwPl0fn62bhxZZfIQUq3
gAlwJqf31O7BMjS/yavd8ZhL7DKRRZOFOKOuGZdPPhldiWkH0Q7B775xnO0yJ0id
HHuQgBai7ltxKJKBGWlrZtqoyOmz7RxJL8iwIWTlUwy2SAXKWcfEJpg/Hk2cYRzb
O0i8uyzVTpzNgaegbFIxcG5hkxw565GMeeVO6x+mWjfY
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:18 2025 by rpki-client