Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f2e92a-59bb-45af-9b7f-630a07248560.roa
File: b1f2e92a-59bb-45af-9b7f-630a07248560.roa (raw, json)
Hash identifier: JXT4IAhqME5Q91TRSwJgmjed3VMjskPMbrOERaRT3GQ=
Subject key identifier: FD:BE:E8:75:51:58:74:FF:54:CB:CA:70:B2:1F:D1:3F:FC:2A:E4:F8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7AF2A11C016F63D562A3A0A3A762422CBDC3A5A1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f2e92a-59bb-45af-9b7f-630a07248560.roa
Signing time: Fri 15 Aug 2025 15:50:50 +0000
ROA not before: Fri 15 Aug 2025 15:50:50 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.240.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:f2:a1:1c:01:6f:63:d5:62:a3:a0:a3:a7:62:42:2c:bd:c3:a5:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 15 15:50:50 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=a5a4fb732e089b984aa5ffc9377d34718650e83a91a049b0154277339f8fb07b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:63:d0:3d:23:1e:84:05:24:21:d2:1a:d9:e8:
6b:53:d9:18:dc:11:c5:07:4c:c6:2b:cb:1a:3c:28:
76:66:c8:28:0e:13:16:0f:56:3e:8a:56:5e:3a:77:
f6:a8:f4:37:c1:00:f5:fb:2c:02:18:c8:a6:fd:f8:
17:75:42:4f:47:c4:c0:6d:ad:85:8c:aa:da:f5:82:
b9:9f:df:f9:b4:24:73:9b:8a:83:92:00:8b:e7:3b:
79:e3:cf:4d:21:90:bd:d4:49:a9:f8:b1:21:d4:bf:
ba:b5:12:1c:71:f5:eb:e4:dc:d7:51:15:14:52:f2:
e7:98:5b:c2:a5:92:b6:c0:9b:a8:a3:c5:37:bb:30:
f6:04:06:12:29:ba:5e:7f:81:d3:41:71:03:f0:58:
ce:88:e3:9a:eb:11:1e:c4:f5:07:0e:2f:a9:68:4a:
59:5b:d8:32:5d:92:48:d1:96:ce:81:c9:66:09:e6:
f7:7d:d7:f2:16:4c:a8:16:a9:dc:d6:85:87:0f:e3:
a0:0a:47:81:ae:f2:d0:8c:bc:85:0e:f5:26:d8:ee:
6c:a5:04:99:08:ea:2d:92:87:14:8e:e5:1f:df:72:
71:4f:e0:86:34:9c:de:d7:d4:58:95:9f:fe:29:45:
3d:54:b8:57:f7:a8:84:d3:28:df:61:2d:db:c9:d2:
13:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:BE:E8:75:51:58:74:FF:54:CB:CA:70:B2:1F:D1:3F:FC:2A:E4:F8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f2e92a-59bb-45af-9b7f-630a07248560.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.240.0.0/16
Signature Algorithm: sha256WithRSAEncryption
28:da:6e:70:1b:db:89:e9:ab:78:42:f6:dc:01:65:85:4d:10:
1b:02:68:c6:12:4b:06:ce:48:4d:cd:aa:45:00:9f:a3:5c:66:
e3:88:cc:4a:f9:52:d4:8b:8c:c1:83:1a:8d:9c:23:12:20:5c:
84:17:a0:e7:cb:99:87:6e:b6:eb:9a:bc:47:d0:ee:42:ba:e5:
f0:86:e9:77:85:cc:91:99:bf:5b:f3:65:c0:79:11:32:81:d5:
69:b7:b1:3e:4d:7e:13:33:69:2b:16:f4:11:6e:77:29:00:e6:
63:25:3d:29:b8:ef:24:23:c7:ba:02:da:0e:93:d3:cb:07:60:
13:f8:4d:83:e1:15:8b:ba:27:6a:cf:5f:34:29:7a:24:04:3e:
aa:99:6c:d8:4f:a5:d5:b1:c0:ad:42:0f:23:29:c0:b4:0a:a5:
b6:27:03:71:97:97:e1:bc:59:a2:a9:49:16:26:75:11:f5:e8:
1e:56:9f:55:93:cf:e3:c3:8e:74:af:43:36:6b:4f:ce:e3:35:
85:d4:d7:3e:fb:c8:f6:ba:31:67:d8:c3:25:c8:37:73:d4:e2:
cb:e4:7d:a1:a5:fd:e8:fb:e0:82:39:19:d2:80:5f:2c:a1:f5:
86:09:df:97:3c:fc:36:97:80:91:68:b1:9f:c0:d2:cb:e9:19:
0a:5d:48:01
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUevKhHAFvY9Vio6Cjp2JCLL3DpaEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MTUxNTUwNTBaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGE1YTRmYjczMmUwODliOTg0YWE1ZmZjOTM3N2QzNDcxODY1MGU4M2E5MWEw
NDliMDE1NDI3NzMzOWY4ZmIwN2IxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKBj0D0jHoQFJCHSGtnoa1PZGNwRxQdMxivLGjwodmbIKA4TFg9WPopWXjp3
9qj0N8EA9fssAhjIpv34F3VCT0fEwG2thYyq2vWCuZ/f+bQkc5uKg5IAi+c7eePP
TSGQvdRJqfixIdS/urUSHHH16+Tc11EVFFLy55hbwqWStsCbqKPFN7sw9gQGEim6
Xn+B00FxA/BYzojjmusRHsT1Bw4vqWhKWVvYMl2SSNGWzoHJZgnm933X8hZMqBap
3NaFhw/joApHga7y0Iy8hQ71JtjubKUEmQjqLZKHFI7lH99ycU/ghjSc3tfUWJWf
/ilFPVS4V/eohNMo32Et28nSE60CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT9vuh1
UVh0/1TLynCyH9E//Crk+DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjFmMmU5MmEtNTliYi00NWFmLTliN2YtNjMwYTA3MjQ4NTYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADPwMA0G
CSqGSIb3DQEBCwUAA4IBAQAo2m5wG9uJ6at4QvbcAWWFTRAbAmjGEksGzkhNzapF
AJ+jXGbjiMxK+VLUi4zBgxqNnCMSIFyEF6Dny5mHbrbrmrxH0O5CuuXwhul3hcyR
mb9b82XAeREygdVpt7E+TX4TM2krFvQRbncpAOZjJT0puO8kI8e6AtoOk9PLB2AT
+E2D4RWLuidqz180KXokBD6qmWzYT6XVscCtQg8jKcC0CqW2JwNxl5fhvFmiqUkW
JnUR9egeVp9Vk8/jw450r0M2a0/O4zWF1Nc++8j2ujFn2MMlyDdz1OLL5H2hpf3o
++CCORnSgF8sofWGCd+XPPw2l4CRaLGfwNLL6RkKXUgB
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:49:52 2025 by rpki-client