Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ca9dc172-c5c5-48fd-a801-9f7f050aa67b.roa
File: ca9dc172-c5c5-48fd-a801-9f7f050aa67b.roa (raw, json)
Hash identifier: GKKpa+Smr3QzN82kEgYVAba8ODKu1AMDtH8F/mNvNws=
Subject key identifier: 68:E6:69:A6:91:84:F9:6B:C8:E8:33:2B:F0:B3:7C:84:DB:F4:B4:EF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 26B157198A7E7760F28332118C3DC23BC9C27CEE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ca9dc172-c5c5-48fd-a801-9f7f050aa67b.roa
Signing time: Fri 08 Aug 2025 00:40:11 +0000
ROA not before: Fri 08 Aug 2025 00:40:11 +0000
ROA not after: Fri 12 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.24.0.0/13 maxlen: 13
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:b1:57:19:8a:7e:77:60:f2:83:32:11:8c:3d:c2:3b:c9:c2:7c:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 8 00:40:11 2025 GMT
Not After : Sep 12 23:59:59 2025 GMT
Subject: serialNumber=8eaeaec3ffccb78a39b3d67fbf3b18a4f6ccfcee6363c66342b47b915c408d23, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:bb:db:36:b1:e0:c9:56:12:be:50:62:0c:42:
b8:e6:37:78:5b:7f:77:23:32:c5:7e:24:8f:fc:d0:
93:75:f1:4c:ab:c3:dc:5e:29:4e:a2:62:96:a9:9f:
5d:0c:3a:b8:9d:8d:da:1e:8e:69:c5:4b:67:6f:0f:
28:06:36:1f:e8:59:c4:32:ea:e0:22:9b:37:5a:4d:
5c:54:93:dc:13:10:85:09:f0:ff:df:6d:44:c7:b8:
16:40:6e:e9:72:2a:01:4a:30:f6:d9:c5:04:e9:9d:
f3:24:50:4c:03:79:2a:e7:8f:c6:cf:31:59:a3:b4:
e9:1f:1c:43:44:5d:b6:82:52:5c:52:78:8c:54:63:
9f:07:32:05:a9:e0:8a:8f:03:5c:68:e3:fc:e7:13:
e0:21:db:40:b1:66:af:6f:4a:f8:95:f4:34:80:db:
bc:82:d8:fd:ff:d9:c3:86:fb:0c:23:ed:47:b3:e8:
c2:1a:52:cf:ed:c4:08:3f:51:94:6d:1a:df:51:76:
55:63:90:86:1f:e8:26:cc:22:59:80:c7:64:f6:d7:
65:18:f2:22:e6:02:c9:42:ab:1a:d3:da:e2:95:ef:
d4:63:a2:58:64:ce:df:8a:0a:72:3e:1f:07:19:a6:
90:20:3a:5a:fc:14:12:b4:86:33:a0:b7:86:ee:57:
b7:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:E6:69:A6:91:84:F9:6B:C8:E8:33:2B:F0:B3:7C:84:DB:F4:B4:EF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ca9dc172-c5c5-48fd-a801-9f7f050aa67b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.24.0.0/13
Signature Algorithm: sha256WithRSAEncryption
be:5e:da:94:a4:df:45:67:88:d4:6e:9a:30:04:1f:85:fd:b2:
fc:54:d6:f3:99:eb:67:eb:d8:16:be:e2:cf:11:1f:04:ce:87:
08:c9:0e:ce:09:7d:ed:7e:23:77:ef:ca:5e:48:96:65:37:bc:
17:f1:89:d3:0f:35:56:ec:5d:ff:72:fc:5c:cf:f7:82:2a:e7:
83:cc:9d:53:5b:01:44:51:98:83:3a:42:c7:d6:1c:27:84:b3:
e3:42:b0:04:31:7f:9e:4f:77:8d:56:64:ec:9d:9e:9a:08:17:
12:42:c9:78:bd:77:ea:ee:4b:15:33:8f:1d:18:bf:f0:01:ed:
41:6c:67:28:a2:75:a1:85:10:db:1d:17:e4:0b:0a:28:66:9b:
6d:82:5e:b9:b1:83:cc:cf:d8:78:28:81:0d:1f:d5:3d:24:1a:
dd:89:a6:22:aa:a8:50:00:29:0d:16:91:0e:c1:78:27:30:1d:
4e:4a:3d:ab:b0:e1:a0:7f:13:24:53:d5:2d:ee:a2:20:f7:4f:
d5:c0:47:cf:0e:cd:67:9c:77:21:00:67:3e:bc:44:9a:fc:41:
0a:9a:f5:9b:2d:5c:ee:cc:c8:47:92:18:a2:7b:63:a2:93:1c:
2e:57:bd:a8:e2:e3:96:1b:f1:a4:b1:cc:a1:02:8f:0d:c4:15:
27:e1:1d:99
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJrFXGYp+d2DygzIRjD3CO8nCfO4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDgwMDQwMTFaFw0yNTA5MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDhlYWVhZWMzZmZjY2I3OGEzOWIzZDY3ZmJmM2IxOGE0ZjZjY2ZjZWU2MzYz
YzY2MzQyYjQ3YjkxNWM0MDhkMjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALq72zax4MlWEr5QYgxCuOY3eFt/dyMyxX4kj/zQk3XxTKvD3F4pTqJilqmf
XQw6uJ2N2h6OacVLZ28PKAY2H+hZxDLq4CKbN1pNXFST3BMQhQnw/99tRMe4FkBu
6XIqAUow9tnFBOmd8yRQTAN5KuePxs8xWaO06R8cQ0RdtoJSXFJ4jFRjnwcyBang
io8DXGjj/OcT4CHbQLFmr29K+JX0NIDbvILY/f/Zw4b7DCPtR7PowhpSz+3ECD9R
lG0a31F2VWOQhh/oJswiWYDHZPbXZRjyIuYCyUKrGtPa4pXv1GOiWGTO34oKcj4f
BxmmkCA6WvwUErSGM6C3hu5XtwkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRo5mmm
kYT5a8joMyvws3yE2/S07zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2E5ZGMxNzItYzVjNS00OGZkLWE4MDEtOWY3ZjA1MGFhNjdiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAzMYMA0G
CSqGSIb3DQEBCwUAA4IBAQC+XtqUpN9FZ4jUbpowBB+F/bL8VNbzmetn69gWvuLP
ER8EzocIyQ7OCX3tfiN378peSJZlN7wX8YnTDzVW7F3/cvxcz/eCKueDzJ1TWwFE
UZiDOkLH1hwnhLPjQrAEMX+eT3eNVmTsnZ6aCBcSQsl4vXfq7ksVM48dGL/wAe1B
bGcoonWhhRDbHRfkCwooZpttgl65sYPMz9h4KIENH9U9JBrdiaYiqqhQACkNFpEO
wXgnMB1OSj2rsOGgfxMkU9Ut7qIg90/VwEfPDs1nnHchAGc+vESa/EEKmvWbLVzu
zMhHkhiie2OikxwuV72o4uOWG/GkscyhAo8NxBUn4R2Z
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:39:15 2025 by rpki-client