Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa
File: d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa (raw, json)
Hash identifier: AE8F8ILyRdavzuSSsm2QjmF7MskjDGwguFZ2NhHmvwk=
Subject key identifier: C8:03:CB:04:0E:CC:2A:13:9C:3D:B0:8A:D3:C2:22:A6:54:53:9C:A5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4B07F8DE4658211E04012E4C5E0A9EFE12291D2F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa
Signing time: Mon 01 Sep 2025 21:31:21 +0000
ROA not before: Mon 01 Sep 2025 21:31:21 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.151.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 15 Sep 2025 23:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:07:f8:de:46:58:21:1e:04:01:2e:4c:5e:0a:9e:fe:12:29:1d:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 1 21:31:21 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=adaf5e1da36056d39fab4ebe58fd8f24996f973fa003c32a94ad87311d19b2e8, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:af:71:c2:7b:ec:1f:f1:54:2d:a0:42:03:5e:
0e:3d:8d:63:56:c4:ca:c6:1a:ca:9d:3c:fe:b6:01:
d9:18:7f:3a:cd:57:e0:bc:25:ae:aa:6b:39:b4:62:
fc:c8:d3:e4:59:9c:c2:71:a0:a3:06:80:e8:26:35:
b7:5f:64:7e:ad:e7:ea:4e:93:1c:46:0b:2f:03:d7:
56:bb:67:54:0f:62:21:cf:01:ea:38:80:a3:52:cb:
f2:92:53:16:4d:a4:ba:3b:29:6e:35:b0:2c:d4:b8:
71:dd:2a:b7:c2:53:29:62:f1:7a:a8:54:5d:0f:e5:
57:8b:ef:c6:d7:b9:fa:86:03:0b:13:4a:8f:45:24:
45:99:8d:71:d1:cf:85:2f:76:13:7e:7b:ee:a5:60:
e3:54:92:02:60:ed:94:19:af:21:a7:8e:2d:60:62:
0d:5e:92:4c:94:b0:13:67:4b:84:af:23:ee:7f:e3:
f9:a5:fd:f6:80:5f:22:14:76:fa:91:98:c0:b6:63:
99:d5:7e:7b:1a:8e:4b:f9:9f:03:dc:c2:15:a1:78:
89:3b:62:cf:5f:a8:50:c7:f9:cc:d1:c6:c6:c3:31:
62:90:48:88:7f:32:46:1e:f6:41:ec:28:ab:d1:13:
32:53:8d:8e:4b:c3:18:21:c6:45:31:4d:af:49:ac:
e5:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:03:CB:04:0E:CC:2A:13:9C:3D:B0:8A:D3:C2:22:A6:54:53:9C:A5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.151.0.0/16
Signature Algorithm: sha256WithRSAEncryption
63:69:10:6a:4a:8f:b4:be:99:8c:ad:81:49:a0:74:cc:88:64:
4f:07:6a:c7:96:01:87:15:57:7d:6e:96:89:3c:01:4c:bc:93:
2e:2e:4b:81:b2:d5:b6:c4:52:de:42:c7:72:04:a4:de:cb:e1:
fc:be:3c:b1:65:3b:77:51:23:8f:82:05:ba:f4:5b:55:0d:d9:
72:40:91:fc:11:e9:1e:2d:7a:df:02:65:36:a9:c6:82:a1:88:
e5:bc:67:1e:e9:43:7e:84:31:43:0e:65:77:02:62:ca:52:ad:
b8:75:a5:21:88:6b:f1:e8:26:8a:4b:d2:3d:2c:bc:47:01:e7:
83:df:cc:85:bc:61:3a:32:e6:ee:fa:7c:ce:ce:99:21:83:75:
d8:ef:53:91:99:27:5f:ec:73:c7:73:4c:3d:c6:85:4a:3c:dc:
f9:70:7c:d4:b8:30:8f:9c:d0:41:11:23:42:a9:92:30:7c:ee:
79:86:b9:d3:64:5f:2c:67:e6:3a:56:68:0a:75:a9:ff:c8:88:
0a:89:3d:48:4b:a1:16:2e:72:d1:6c:8b:46:74:e9:f9:31:8e:
75:06:33:94:82:29:f0:36:1d:af:1f:1e:94:35:a8:66:e9:09:
c6:db:04:ad:e8:2e:64:d1:9b:20:10:d7:ee:ca:f0:6e:9e:00:
9d:5f:bc:7e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUSwf43kZYIR4EAS5MXgqe/hIpHS8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MDEyMTMxMjFaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGFkYWY1ZTFkYTM2MDU2ZDM5ZmFiNGViZTU4ZmQ4ZjI0OTk2Zjk3M2ZhMDAz
YzMyYTk0YWQ4NzMxMWQxOWIyZTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJOvccJ77B/xVC2gQgNeDj2NY1bEysYayp08/rYB2Rh/Os1X4LwlrqprObRi
/MjT5FmcwnGgowaA6CY1t19kfq3n6k6THEYLLwPXVrtnVA9iIc8B6jiAo1LL8pJT
Fk2kujspbjWwLNS4cd0qt8JTKWLxeqhUXQ/lV4vvxte5+oYDCxNKj0UkRZmNcdHP
hS92E3577qVg41SSAmDtlBmvIaeOLWBiDV6STJSwE2dLhK8j7n/j+aX99oBfIhR2
+pGYwLZjmdV+exqOS/mfA9zCFaF4iTtiz1+oUMf5zNHGxsMxYpBIiH8yRh72Qewo
q9ETMlONjkvDGCHGRTFNr0ms5TcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTIA8sE
DswqE5w9sIrTwiKmVFOcpTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDdmZGVkZmMtMmJkYy00MmNkLWE3MTQtMmFiYmMwMmRlYWU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOXMA0G
CSqGSIb3DQEBCwUAA4IBAQBjaRBqSo+0vpmMrYFJoHTMiGRPB2rHlgGHFVd9bpaJ
PAFMvJMuLkuBstW2xFLeQsdyBKTey+H8vjyxZTt3USOPggW69FtVDdlyQJH8Eeke
LXrfAmU2qcaCoYjlvGce6UN+hDFDDmV3AmLKUq24daUhiGvx6CaKS9I9LLxHAeeD
38yFvGE6Mubu+nzOzpkhg3XY71ORmSdf7HPHc0w9xoVKPNz5cHzUuDCPnNBBESNC
qZIwfO55hrnTZF8sZ+Y6VmgKdan/yIgKiT1IS6EWLnLRbItGdOn5MY51BjOUginw
Nh2vHx6UNahm6QnG2wSt6C5k0ZsgENfuyvBungCdX7x+
-----END CERTIFICATE-----
Generated at Mon Sep 15 02:44:24 2025 by rpki-client