Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c50006d0-c65f-4259-ace3-46351e9d23c5.roa
File: c50006d0-c65f-4259-ace3-46351e9d23c5.roa (raw, json)
Hash identifier: fhzsSapoFsS1f6yRI7LdV2mA1FCUyW3g3FyIxe3Qve4=
Subject key identifier: A5:02:D2:35:A2:BE:55:06:BA:6D:18:24:42:AB:1C:28:3F:F8:AC:83
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 17145CFD6AE9F4FF8F2BBAFD1399F64552E6EF13
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c50006d0-c65f-4259-ace3-46351e9d23c5.roa
Signing time: Fri 08 Aug 2025 00:40:18 +0000
ROA not before: Fri 08 Aug 2025 00:40:18 +0000
ROA not after: Fri 12 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.84.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:14:5c:fd:6a:e9:f4:ff:8f:2b:ba:fd:13:99:f6:45:52:e6:ef:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 8 00:40:18 2025 GMT
Not After : Sep 12 23:59:59 2025 GMT
Subject: serialNumber=cf7528167fed6f1e691564430a4a7f55d1cc837db83ad45071273fd9b0b03e44, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:f7:b6:e9:7c:e0:d3:23:21:bf:76:f0:14:49:
b3:62:90:82:ee:cd:fd:7b:b9:91:d2:26:85:31:af:
43:47:73:dd:87:ef:0e:4b:ae:a5:73:db:0b:79:90:
14:31:01:81:c4:c7:19:44:90:f9:9e:25:04:09:59:
80:e1:40:63:65:1f:56:49:dd:3a:b7:08:3b:cb:5b:
bd:e7:0b:d1:41:c4:2c:89:08:43:43:b3:2b:5e:6c:
91:f3:d7:8f:74:a1:95:6b:5c:7f:85:d2:6c:d5:3c:
bb:09:58:64:17:6b:2d:a0:cb:47:ed:41:99:2b:72:
f7:f1:20:d7:80:20:6a:5e:80:bc:38:f2:80:91:96:
a9:9c:2a:cb:3b:8f:2c:c5:83:40:25:3e:a0:be:15:
7d:93:42:cd:eb:94:f5:b2:7b:72:66:bc:a0:0a:25:
e9:b6:a4:ab:ad:da:d8:1a:74:c0:82:43:94:00:e4:
c8:62:a4:26:90:9e:6f:81:9c:0d:c5:6d:8a:5b:13:
21:cb:5b:f2:a7:a7:f3:9f:cf:ee:fe:e5:c3:61:f0:
7f:55:b0:a7:a7:fc:3f:30:fa:b4:11:40:72:ad:4b:
8b:b2:17:c1:11:af:dd:dd:53:20:f4:56:91:7f:9e:
de:b0:7a:37:35:dd:53:d7:6f:f2:08:2b:d2:2b:90:
17:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:02:D2:35:A2:BE:55:06:BA:6D:18:24:42:AB:1C:28:3F:F8:AC:83
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c50006d0-c65f-4259-ace3-46351e9d23c5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.84.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6b:a0:1c:14:45:ae:3f:1a:ac:10:cb:37:43:4a:44:72:f8:88:
53:ad:6c:a0:99:b5:1a:6b:de:15:0d:f8:01:82:a8:aa:3d:99:
50:74:e4:69:de:72:f9:55:bb:f3:53:7a:4d:71:72:6c:d0:94:
35:7a:77:e5:15:ed:f0:b7:2e:e7:b7:e8:60:69:a6:ae:95:b4:
d0:c3:48:95:ec:0e:fd:b6:7a:8d:4f:05:41:43:5f:7a:96:f6:
5e:53:6b:90:08:04:e4:ca:c0:46:8e:ed:75:d2:ab:52:48:50:
bf:bb:60:8f:b1:54:d2:a4:5f:05:48:55:50:8a:a3:e5:df:ce:
19:27:7d:bd:1a:46:8c:23:f3:36:83:0a:26:33:a6:1b:02:dc:
eb:b3:85:94:d6:a6:33:fa:33:8d:b3:45:b8:3c:ed:7c:92:f6:
d2:bf:54:7d:d5:36:0a:69:1c:16:37:70:7b:0f:33:72:28:96:
a9:c8:3e:b0:96:2a:e6:72:67:c9:bb:0f:e1:c2:22:e2:60:c8:
98:32:85:09:7b:c1:04:30:76:8c:7d:be:fe:6c:4b:26:a7:b1:
ba:a0:d8:fb:72:80:b9:2c:da:fc:5b:d7:29:84:15:ea:1f:d6:
8b:da:b4:d1:02:7e:de:2f:5f:77:4a:3b:f4:16:59:1f:2d:a6:
a8:55:76:86
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUFxRc/Wrp9P+PK7r9E5n2RVLm7xMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDgwMDQwMThaFw0yNTA5MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGNmNzUyODE2N2ZlZDZmMWU2OTE1NjQ0MzBhNGE3ZjU1ZDFjYzgzN2RiODNh
ZDQ1MDcxMjczZmQ5YjBiMDNlNDQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIr3tul84NMjIb928BRJs2KQgu7N/Xu5kdImhTGvQ0dz3YfvDkuupXPbC3mQ
FDEBgcTHGUSQ+Z4lBAlZgOFAY2UfVkndOrcIO8tbvecL0UHELIkIQ0OzK15skfPX
j3ShlWtcf4XSbNU8uwlYZBdrLaDLR+1BmSty9/Eg14Agal6AvDjygJGWqZwqyzuP
LMWDQCU+oL4VfZNCzeuU9bJ7cma8oAol6bakq63a2Bp0wIJDlADkyGKkJpCeb4Gc
DcVtilsTIctb8qen85/P7v7lw2Hwf1Wwp6f8PzD6tBFAcq1Li7IXwRGv3d1TIPRW
kX+e3rB6NzXdU9dv8ggr0iuQF1cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSlAtI1
or5VBrptGCRCqxwoP/isgzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzUwMDA2ZDAtYzY1Zi00MjU5LWFjZTMtNDYzNTFlOWQyM2M1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNUMA0G
CSqGSIb3DQEBCwUAA4IBAQBroBwURa4/GqwQyzdDSkRy+IhTrWygmbUaa94VDfgB
gqiqPZlQdORp3nL5VbvzU3pNcXJs0JQ1enflFe3wty7nt+hgaaaulbTQw0iV7A79
tnqNTwVBQ196lvZeU2uQCATkysBGju110qtSSFC/u2CPsVTSpF8FSFVQiqPl384Z
J329GkaMI/M2gwomM6YbAtzrs4WU1qYz+jONs0W4PO18kvbSv1R91TYKaRwWN3B7
DzNyKJapyD6wlirmcmfJuw/hwiLiYMiYMoUJe8EEMHaMfb7+bEsmp7G6oNj7coC5
LNr8W9cphBXqH9aL2rTRAn7eL193Sjv0FlkfLaaoVXaG
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:38:08 2025 by rpki-client