Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e2093baf-9227-4159-b7ff-180369fe3bda.roa
File: e2093baf-9227-4159-b7ff-180369fe3bda.roa (raw, json)
Hash identifier: Pvv0k5QR2L5vhnBdudz0ZGkuszPUCBuFZLT9geMGPGU=
Subject key identifier: 60:E6:E9:56:94:9E:98:55:72:11:47:A5:C5:BD:CF:03:B0:57:6D:1C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 127318F2CB92C1FC39A3850F595B6D4ED2ECD152
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e2093baf-9227-4159-b7ff-180369fe3bda.roa
Signing time: Tue 05 Aug 2025 20:30:42 +0000
ROA not before: Tue 05 Aug 2025 20:30:42 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.88.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:73:18:f2:cb:92:c1:fc:39:a3:85:0f:59:5b:6d:4e:d2:ec:d1:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:30:42 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=9cff8115dbc2370cd58d71943d646fc130fa3176e17a3439c6cced69f3e93e37, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d4:46:d0:69:c0:fc:0e:4e:19:65:d0:8f:2a:
6e:9e:69:c1:aa:82:73:1f:b8:06:07:f3:b0:50:5a:
77:8e:ec:1b:f3:de:ae:6b:a0:29:5a:fe:73:61:93:
e9:0a:43:de:b6:4d:20:95:4e:22:0f:ba:87:0e:23:
cd:21:3d:7b:fe:0b:70:d9:6f:be:7e:b2:86:61:b4:
39:40:dd:58:25:b9:b5:a1:98:d1:1e:59:17:87:31:
30:f3:b7:45:a9:29:04:41:cb:fd:aa:d2:9f:73:45:
b0:28:66:2e:c2:cc:a9:53:e5:f8:2d:4c:cd:1a:4b:
89:db:6c:8f:a1:54:92:0f:94:aa:99:0a:cd:b3:25:
46:b7:2b:8a:d5:92:b1:e5:54:7e:18:fa:e4:79:04:
42:d9:5c:d1:e4:e3:52:f3:98:25:6f:65:55:60:75:
c5:91:56:bf:f0:db:da:89:06:17:55:eb:3b:a2:01:
37:6f:4a:a3:fd:93:76:f4:3a:d3:5c:57:5d:2e:2a:
b8:e9:bd:e7:32:3c:b4:09:bb:94:eb:85:f0:80:7a:
16:3f:6b:f7:82:ad:a7:a1:c3:a7:f7:d5:50:1e:4b:
13:e6:df:97:a6:f2:44:f5:9f:ac:7c:30:10:3d:bd:
d7:8b:1b:b5:ff:43:98:f8:d0:78:94:5b:c3:5b:f4:
e3:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:E6:E9:56:94:9E:98:55:72:11:47:A5:C5:BD:CF:03:B0:57:6D:1C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e2093baf-9227-4159-b7ff-180369fe3bda.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.88.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c8:40:4e:84:c3:05:3c:e9:ce:96:be:e6:05:ff:de:b9:b2:fe:
85:da:ed:0f:1e:19:81:fb:8d:59:69:7e:56:e4:97:9f:92:fa:
4d:31:07:f9:f3:c9:a0:a7:7d:d0:9d:a7:67:11:32:b9:2b:ba:
61:d6:5d:af:f9:b7:e1:04:fc:52:7a:85:62:c1:b9:a5:a5:27:
98:b0:4c:6b:b6:b9:1e:7e:29:c7:12:7f:44:2e:60:6c:f5:de:
4c:9b:1e:ea:4c:a2:20:1a:82:c6:c7:d5:72:72:12:c3:6e:f4:
bb:c5:be:61:b3:30:eb:08:01:d7:03:d1:da:28:d3:74:8d:90:
d4:34:b9:a4:12:00:38:1d:b5:79:5b:54:af:28:7c:a9:8a:c9:
85:9d:87:7b:a9:b9:e5:ff:bf:3b:bc:d5:db:ee:8f:7f:6e:83:
9e:0d:4f:58:12:e8:f1:36:9f:6f:05:9a:6a:f8:e7:da:20:33:
bb:fb:34:e6:08:74:33:41:b7:62:84:d5:2b:50:f9:67:63:31:
0c:ec:d3:ac:ec:90:f6:be:54:b1:c1:ea:0e:b0:8f:2e:1b:d6:
ff:29:4e:c4:e2:07:3e:c8:7e:ec:fc:f7:8c:76:76:92:2a:11:
71:8e:11:4a:f0:57:bd:48:62:e7:a0:90:5d:95:33:57:f9:75:
d0:64:6a:75
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEnMY8suSwfw5o4UPWVttTtLs0VIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDMwNDJaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDljZmY4MTE1ZGJjMjM3MGNkNThkNzE5NDNkNjQ2ZmMxMzBmYTMxNzZlMTdh
MzQzOWM2Y2NlZDY5ZjNlOTNlMzcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALLURtBpwPwOThll0I8qbp5pwaqCcx+4BgfzsFBad47sG/PermugKVr+c2GT
6QpD3rZNIJVOIg+6hw4jzSE9e/4LcNlvvn6yhmG0OUDdWCW5taGY0R5ZF4cxMPO3
RakpBEHL/arSn3NFsChmLsLMqVPl+C1MzRpLidtsj6FUkg+UqpkKzbMlRrcritWS
seVUfhj65HkEQtlc0eTjUvOYJW9lVWB1xZFWv/Db2okGF1XrO6IBN29Ko/2TdvQ6
01xXXS4quOm95zI8tAm7lOuF8IB6Fj9r94Ktp6HDp/fVUB5LE+bfl6byRPWfrHww
ED2914sbtf9DmPjQeJRbw1v04+MCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRg5ulW
lJ6YVXIRR6XFvc8DsFdtHDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTIwOTNiYWYtOTIyNy00MTU5LWI3ZmYtMTgwMzY5ZmUzYmRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNYMA0G
CSqGSIb3DQEBCwUAA4IBAQDIQE6EwwU86c6WvuYF/965sv6F2u0PHhmB+41ZaX5W
5JefkvpNMQf588mgp33QnadnETK5K7ph1l2v+bfhBPxSeoViwbmlpSeYsExrtrke
finHEn9ELmBs9d5Mmx7qTKIgGoLGx9VychLDbvS7xb5hszDrCAHXA9HaKNN0jZDU
NLmkEgA4HbV5W1SvKHypismFnYd7qbnl/787vNXb7o9/boOeDU9YEujxNp9vBZpq
+OfaIDO7+zTmCHQzQbdihNUrUPlnYzEM7NOs7JD2vlSxweoOsI8uG9b/KU7E4gc+
yH7s/PeMdnaSKhFxjhFK8Fe9SGLnoJBdlTNX+XXQZGp1
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:42:56 2025 by rpki-client