Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d241761a-4c6e-4db3-ba0a-26b2eda6222a.roa
File: d241761a-4c6e-4db3-ba0a-26b2eda6222a.roa (raw, json)
Hash identifier: AuUIrrMvtl9fvYB67PF4EMFJwPBZGTIR4+mba1FJ0Ik=
Subject key identifier: EB:86:B6:61:51:6F:E3:41:60:CC:97:2E:99:57:3D:E0:A9:84:2E:D0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 24EDC3FB4F6307A269FA9BBCBE9CD18773D2B967
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d241761a-4c6e-4db3-ba0a-26b2eda6222a.roa
Signing time: Tue 05 Aug 2025 20:20:59 +0000
ROA not before: Tue 05 Aug 2025 20:20:59 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.110.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:ed:c3:fb:4f:63:07:a2:69:fa:9b:bc:be:9c:d1:87:73:d2:b9:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:20:59 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=c82306c6ef2f94693999d49fcba539ef48271e76c8c3167b603d1af89c3f8de9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:ae:c5:e1:4e:bc:ec:b1:3a:13:d4:a7:00:57:
49:2d:a4:93:68:1b:36:df:8e:f5:20:f8:6b:4e:eb:
6e:2f:61:73:11:d8:57:c0:00:0b:ab:e4:d1:01:21:
80:07:fe:ad:52:15:a6:65:49:6f:c4:a9:fb:7f:69:
e7:e2:86:a7:09:93:c9:c0:40:6c:6a:54:ea:a3:cb:
ad:3a:dd:e5:f3:f1:7f:06:de:12:93:b3:c0:17:5f:
e8:46:18:65:5b:03:a7:bf:49:8f:1b:82:38:6d:81:
ad:76:24:40:51:4f:46:5a:3b:97:50:45:33:b0:5d:
62:61:35:95:6f:21:83:4f:b2:1b:17:1d:fb:09:bd:
0d:e1:b5:91:55:23:21:71:9d:68:36:26:c4:7f:b7:
58:5e:43:2a:4e:06:80:81:5c:7b:93:56:11:cb:6b:
51:4b:3b:9f:31:69:49:3c:d1:a1:5f:48:c5:d2:69:
7e:69:68:6c:df:d7:86:b1:c3:fa:ff:b8:d2:21:9f:
5c:c5:cd:57:15:cf:e1:4e:f6:8a:78:71:14:a1:d3:
9a:c6:38:c4:29:70:33:fc:5a:98:2e:cb:96:84:6c:
33:a8:5d:ad:13:34:04:05:96:17:d9:ec:76:c5:7e:
f1:03:40:da:66:42:ef:9a:5a:38:51:f4:b0:3c:98:
e5:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:86:B6:61:51:6F:E3:41:60:CC:97:2E:99:57:3D:E0:A9:84:2E:D0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d241761a-4c6e-4db3-ba0a-26b2eda6222a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.110.0.0/16
Signature Algorithm: sha256WithRSAEncryption
82:2e:61:8f:2b:a7:fd:95:d9:47:d6:8e:af:e0:c4:7f:ca:9f:
50:15:ba:99:6c:5d:ea:e0:d7:bc:db:1b:06:5c:95:2a:90:59:
1e:cd:38:3f:f7:f9:d6:7e:3e:74:3f:91:e8:47:9e:a5:ac:5b:
6d:e1:5b:24:fe:48:da:98:d5:d4:4a:c9:ea:40:2b:0d:e4:90:
8d:96:88:43:ac:f1:dd:53:b4:56:66:ac:8d:c8:d7:e1:eb:9e:
a6:5a:eb:c6:7f:e3:97:f7:b4:9e:29:7f:d7:91:3d:6d:ed:79:
d1:3e:8f:6b:b2:42:e2:5d:f4:7f:53:b2:b7:92:f7:2c:71:2d:
90:69:b4:22:c3:dc:02:7c:7f:0d:d6:c8:cb:ff:2d:00:5d:02:
e2:5a:54:f4:01:7b:6b:47:12:e1:a4:c1:11:82:69:5c:4f:91:
d9:92:88:20:2a:39:cf:2c:42:ca:8f:8c:db:31:77:6f:cd:d5:
28:0e:1f:1d:5c:13:5b:38:0a:5b:94:d1:28:27:58:f3:07:bb:
3a:22:73:59:78:c6:04:a6:29:a5:c3:d5:d4:ac:42:5c:c5:c8:
ad:0b:04:12:01:e6:07:9b:11:cb:de:13:65:41:6f:ba:89:da:
77:ca:d7:ed:d1:1b:96:77:7e:6d:13:33:bb:b7:8c:aa:46:41:
73:1b:c3:f1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJO3D+09jB6Jp+pu8vpzRh3PSuWcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIwNTlaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGM4MjMwNmM2ZWYyZjk0NjkzOTk5ZDQ5ZmNiYTUzOWVmNDgyNzFlNzZjOGMz
MTY3YjYwM2QxYWY4OWMzZjhkZTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMmuxeFOvOyxOhPUpwBXSS2kk2gbNt+O9SD4a07rbi9hcxHYV8AAC6vk0QEh
gAf+rVIVpmVJb8Sp+39p5+KGpwmTycBAbGpU6qPLrTrd5fPxfwbeEpOzwBdf6EYY
ZVsDp79JjxuCOG2BrXYkQFFPRlo7l1BFM7BdYmE1lW8hg0+yGxcd+wm9DeG1kVUj
IXGdaDYmxH+3WF5DKk4GgIFce5NWEctrUUs7nzFpSTzRoV9IxdJpfmlobN/XhrHD
+v+40iGfXMXNVxXP4U72inhxFKHTmsY4xClwM/xamC7LloRsM6hdrRM0BAWWF9ns
dsV+8QNA2mZC75paOFH0sDyY5VcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTrhrZh
UW/jQWDMly6ZVz3gqYQu0DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDI0MTc2MWEtNGM2ZS00ZGIzLWJhMGEtMjZiMmVkYTYyMjJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNuMA0G
CSqGSIb3DQEBCwUAA4IBAQCCLmGPK6f9ldlH1o6v4MR/yp9QFbqZbF3q4Ne82xsG
XJUqkFkezTg/9/nWfj50P5HoR56lrFtt4Vsk/kjamNXUSsnqQCsN5JCNlohDrPHd
U7RWZqyNyNfh656mWuvGf+OX97SeKX/XkT1t7XnRPo9rskLiXfR/U7K3kvcscS2Q
abQiw9wCfH8N1sjL/y0AXQLiWlT0AXtrRxLhpMERgmlcT5HZkoggKjnPLELKj4zb
MXdvzdUoDh8dXBNbOApblNEoJ1jzB7s6InNZeMYEpimlw9XUrEJcxcitCwQSAeYH
mxHL3hNlQW+6idp3ytft0RuWd35tEzO7t4yqRkFzG8Px
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:40:57 2025 by rpki-client