Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa
File: d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa (raw, json)
Hash identifier: 7oKx3D17g/5Jjn05Rhp1xhUrcBtTUkxj0n2yQ74bDsk=
Subject key identifier: 9F:AE:21:F3:6B:58:57:AC:CD:02:0B:66:BD:7F:B3:23:D8:12:ED:1F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2381E72E75764C8EC660623239DF9C84643B6A45
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa
Signing time: Tue 05 Aug 2025 20:20:06 +0000
ROA not before: Tue 05 Aug 2025 20:20:06 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.129.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:81:e7:2e:75:76:4c:8e:c6:60:62:32:39:df:9c:84:64:3b:6a:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:20:06 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=e6f5a6a031e1fe6f0f5048e0c212bf7ba1ba2ff8b57deff7a40db1bad5b2f887, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d5:5f:eb:60:91:35:12:f6:b6:61:44:0f:40:
cc:03:62:62:05:d0:5c:eb:df:1a:a4:2a:41:4e:30:
78:05:9e:28:c1:a3:db:2d:12:b4:4d:6f:06:7b:a6:
8f:98:c5:98:0b:09:cd:de:2b:95:4c:75:c1:11:0c:
31:dc:01:02:c2:df:7b:e8:90:c3:23:76:b9:6f:eb:
67:3e:53:e8:53:32:e5:30:aa:6e:1e:8f:b7:5c:7a:
98:5c:7b:29:ef:cc:75:e1:44:fd:0b:16:2d:ec:72:
ca:1b:c1:2b:f5:c2:aa:51:48:02:a5:e6:38:34:b6:
19:87:e2:fd:b1:ae:9f:28:71:e9:0f:88:b6:95:c2:
4c:c6:f6:43:49:ba:c7:98:40:15:50:26:36:bb:84:
d1:5c:39:ad:1d:7c:1b:53:0c:9c:dd:45:82:32:4f:
7e:97:2c:86:85:a6:b1:9d:6a:58:e9:af:4f:d3:1f:
bd:1e:1f:47:2b:cd:52:c8:54:51:7c:25:6f:75:a6:
6e:7f:80:93:0c:0e:ca:5a:a3:9e:16:ce:6a:18:04:
f5:21:0d:c0:0d:a2:24:22:04:40:cb:f9:65:da:ec:
de:e6:17:ca:bb:da:ee:e2:71:b2:36:b7:51:7e:b5:
03:b1:7c:ba:67:25:2d:78:fb:f7:99:26:e4:eb:1a:
24:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:AE:21:F3:6B:58:57:AC:CD:02:0B:66:BD:7F:B3:23:D8:12:ED:1F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.129.0.0/16
Signature Algorithm: sha256WithRSAEncryption
42:78:11:4c:de:a3:b2:58:2f:6e:c4:e5:90:38:f3:77:c2:46:
55:e6:41:0e:e7:fd:c2:f3:f7:b3:4b:df:3d:1b:35:3c:06:ea:
35:44:ad:6e:a6:01:92:47:5b:39:e1:37:0b:bc:1f:8a:90:7d:
e1:b5:4d:ad:48:e0:07:ba:de:c4:c3:06:bf:f5:5f:6a:1e:52:
10:64:f1:ca:cc:c1:8b:c5:7c:16:f8:e4:1d:6a:01:e0:a4:de:
be:db:b7:8b:e3:17:e5:bd:a9:6b:18:48:01:2e:14:b7:87:1b:
4c:37:ad:76:6c:94:67:42:0c:a1:3d:41:33:52:d6:26:0b:0e:
cd:da:93:5b:2f:b1:56:ea:b5:91:c5:40:0c:3d:65:14:bf:aa:
47:87:36:31:be:1d:34:c8:c1:c3:8c:2f:fc:7d:87:48:25:2e:
88:ec:33:62:0c:f2:58:61:0a:42:03:93:b0:5b:58:fa:1c:fb:
e3:66:e5:45:4c:f9:b6:8e:fb:6d:ae:61:92:e3:61:f1:49:88:
98:10:4f:21:42:97:55:1c:df:0b:44:b5:97:e9:0d:7c:b4:7e:
05:da:89:96:d9:48:45:86:9d:91:95:d8:1d:bc:3f:31:a2:08:
c6:bd:01:b7:a1:6c:ac:00:ce:84:4d:e4:e2:97:42:ae:08:5d:
d4:6e:00:e3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUI4HnLnV2TI7GYGIyOd+chGQ7akUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIwMDZaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGU2ZjVhNmEwMzFlMWZlNmYwZjUwNDhlMGMyMTJiZjdiYTFiYTJmZjhiNTdk
ZWZmN2E0MGRiMWJhZDViMmY4ODcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKTVX+tgkTUS9rZhRA9AzANiYgXQXOvfGqQqQU4weAWeKMGj2y0StE1vBnum
j5jFmAsJzd4rlUx1wREMMdwBAsLfe+iQwyN2uW/rZz5T6FMy5TCqbh6Pt1x6mFx7
Ke/MdeFE/QsWLexyyhvBK/XCqlFIAqXmODS2GYfi/bGunyhx6Q+ItpXCTMb2Q0m6
x5hAFVAmNruE0Vw5rR18G1MMnN1FgjJPfpcshoWmsZ1qWOmvT9MfvR4fRyvNUshU
UXwlb3Wmbn+AkwwOylqjnhbOahgE9SENwA2iJCIEQMv5Zdrs3uYXyrva7uJxsja3
UX61A7F8umclLXj795km5OsaJM0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSfriHz
a1hXrM0CC2a9f7Mj2BLtHzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDEzZDI2YWUtMzZiMS00ODE1LWE3ZjAtNGRjMDkwZDE1Yjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOBMA0G
CSqGSIb3DQEBCwUAA4IBAQBCeBFM3qOyWC9uxOWQOPN3wkZV5kEO5/3C8/ezS989
GzU8Buo1RK1upgGSR1s54TcLvB+KkH3htU2tSOAHut7Ewwa/9V9qHlIQZPHKzMGL
xXwW+OQdagHgpN6+27eL4xflvalrGEgBLhS3hxtMN612bJRnQgyhPUEzUtYmCw7N
2pNbL7FW6rWRxUAMPWUUv6pHhzYxvh00yMHDjC/8fYdIJS6I7DNiDPJYYQpCA5Ow
W1j6HPvjZuVFTPm2jvttrmGS42HxSYiYEE8hQpdVHN8LRLWX6Q18tH4F2omW2UhF
hp2RldgdvD8xogjGvQG3oWysAM6ETeTil0KuCF3UbgDj
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:38:13 2025 by rpki-client