Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa
File: d51a4935-8601-4ebd-a099-1d61b0a661b3.roa (raw, json)
Hash identifier: 5qr0FynuB8QD5IfWSFOwAxUTCoOGMMPrvxMcmB6p+l8=
Subject key identifier: 6D:48:F7:62:F7:5E:80:A3:7C:2B:D7:57:75:0D:DB:39:CE:1F:0D:0E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6533E774827EB1569BAA82710BF3182E4DEEDEEC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa
Signing time: Tue 05 Aug 2025 20:30:17 +0000
ROA not before: Tue 05 Aug 2025 20:30:17 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.228.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:33:e7:74:82:7e:b1:56:9b:aa:82:71:0b:f3:18:2e:4d:ee:de:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:30:17 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=b274a136bee2263be40876f69459d75f18e9650dc19b92a8a6602bb528295606, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:af:20:88:d3:8a:bb:ad:41:96:1f:59:2c:d9:
f9:22:9e:e0:77:32:cb:a0:c5:b8:a9:fd:f9:6f:44:
5f:9d:26:97:95:b3:9b:d8:da:a5:36:cb:76:23:35:
a2:5d:b0:07:d1:4c:e5:c1:f9:88:96:04:88:bb:3f:
2c:b5:45:0b:b0:9b:7f:ba:19:b3:49:18:97:fe:62:
5d:38:e3:b5:20:9e:27:e0:2a:39:2b:67:c2:cf:1d:
d3:f6:fc:e8:a8:ca:f3:51:e7:32:a4:b6:4c:1f:5a:
e3:3a:43:d3:8c:70:00:66:66:22:83:1d:d2:9b:0c:
6c:39:c0:cc:a2:b5:01:d2:ff:3c:3c:72:0a:4c:ec:
09:87:fc:32:51:5a:10:df:18:60:2c:1c:23:a4:f9:
19:89:df:1c:1f:33:f8:c4:6c:0f:d3:32:48:16:09:
b6:c5:08:2e:6c:36:a7:02:0a:df:24:ac:31:26:05:
25:54:61:1c:db:8a:86:09:48:f8:6e:23:af:a9:e4:
eb:0a:b6:78:24:a1:4b:3d:b6:a6:26:cc:bd:44:0b:
dd:4f:32:2a:89:89:e0:60:c0:85:ce:dd:30:af:6b:
5c:51:98:b3:9f:37:16:81:6a:51:b6:c4:a4:f3:67:
6c:f1:77:0a:f9:50:12:ef:f5:13:6b:9d:1b:ee:e1:
92:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:48:F7:62:F7:5E:80:A3:7C:2B:D7:57:75:0D:DB:39:CE:1F:0D:0E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.228.0.0/15
Signature Algorithm: sha256WithRSAEncryption
8a:c5:b6:50:8d:fb:81:38:40:b7:91:3c:13:f1:a4:88:a9:46:
81:fe:f8:ec:6d:ed:ef:81:dd:b8:a2:93:fc:c7:14:ca:4b:20:
ef:42:72:50:94:fb:07:5d:7b:fb:83:08:81:ab:49:d9:57:6d:
16:29:4b:9e:98:fa:38:f9:27:84:89:79:e9:d6:80:2c:07:c9:
c3:03:e5:7b:13:b9:fc:9d:57:3b:c5:91:1b:44:f5:fa:5a:1d:
35:73:34:d1:e0:06:5b:9d:c2:4a:75:e1:e7:cc:98:88:3b:68:
b1:1e:72:0c:ca:75:34:69:f3:4b:7c:d3:fe:53:46:04:26:01:
f3:00:7b:c6:34:ca:14:14:b4:c7:0e:57:f2:3b:3f:a8:dc:0a:
ae:9e:ba:17:de:53:a3:f9:30:12:e6:cc:17:98:c3:c7:89:3c:
97:34:36:46:ed:16:dc:6b:05:3a:32:cd:55:2a:89:1d:4c:fd:
62:7a:4d:a5:a6:fa:1f:0f:0a:e6:21:56:a1:1c:0c:f5:b2:76:
3b:63:69:93:1a:57:83:6f:8a:93:ec:fe:36:db:ba:4f:cd:42:
2c:49:5c:37:6a:ea:41:91:b7:12:52:42:6d:9c:ab:35:3e:c9:
52:e8:c1:d7:e0:cf:3b:f1:47:aa:fb:05:62:60:be:5f:55:a3:
1c:f2:b5:db
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZTPndIJ+sVabqoJxC/MYLk3u3uwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDMwMTdaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGIyNzRhMTM2YmVlMjI2M2JlNDA4NzZmNjk0NTlkNzVmMThlOTY1MGRjMTli
OTJhOGE2NjAyYmI1MjgyOTU2MDYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMavIIjTirutQZYfWSzZ+SKe4Hcyy6DFuKn9+W9EX50ml5Wzm9japTbLdiM1
ol2wB9FM5cH5iJYEiLs/LLVFC7Cbf7oZs0kYl/5iXTjjtSCeJ+AqOStnws8d0/b8
6KjK81HnMqS2TB9a4zpD04xwAGZmIoMd0psMbDnAzKK1AdL/PDxyCkzsCYf8MlFa
EN8YYCwcI6T5GYnfHB8z+MRsD9MySBYJtsUILmw2pwIK3ySsMSYFJVRhHNuKhglI
+G4jr6nk6wq2eCShSz22pibMvUQL3U8yKomJ4GDAhc7dMK9rXFGYs583FoFqUbbE
pPNnbPF3CvlQEu/1E2udG+7hksMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRtSPdi
916Ao3wr11d1Dds5zh8NDjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDUxYTQ5MzUtODYwMS00ZWJkLWEwOTktMWQ2MWIwYTY2MWIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPkMA0G
CSqGSIb3DQEBCwUAA4IBAQCKxbZQjfuBOEC3kTwT8aSIqUaB/vjsbe3vgd24opP8
xxTKSyDvQnJQlPsHXXv7gwiBq0nZV20WKUuemPo4+SeEiXnp1oAsB8nDA+V7E7n8
nVc7xZEbRPX6Wh01czTR4AZbncJKdeHnzJiIO2ixHnIMynU0afNLfNP+U0YEJgHz
AHvGNMoUFLTHDlfyOz+o3AqunroX3lOj+TAS5swXmMPHiTyXNDZG7RbcawU6Ms1V
KokdTP1iek2lpvofDwrmIVahHAz1snY7Y2mTGleDb4qT7P4227pPzUIsSVw3aupB
kbcSUkJtnKs1PslS6MHX4M878Ueq+wViYL5fVaMc8rXb
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:12 2025 by rpki-client