Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ef3e6945-57bf-41fe-9e98-2db6c2800547.roa
File: ef3e6945-57bf-41fe-9e98-2db6c2800547.roa (raw, json)
Hash identifier: wnjGVpFQEeCyAo3xKDpvQixrhBChbFEYz6T0Qs+MYKk=
Subject key identifier: 1C:CD:E4:CE:BF:A2:0A:FC:7E:91:AD:DA:A5:A8:CC:0C:CD:5E:12:46
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 12C41868A2F6888B50C36484BC4D52327FF66540
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ef3e6945-57bf-41fe-9e98-2db6c2800547.roa
Signing time: Tue 05 Aug 2025 20:30:10 +0000
ROA not before: Tue 05 Aug 2025 20:30:10 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.208.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:c4:18:68:a2:f6:88:8b:50:c3:64:84:bc:4d:52:32:7f:f6:65:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:30:10 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=3fd101bf36cab2a45516328a00afa379371cef6c060d01a1d2074ee0814bfb53, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:6b:55:da:c1:b0:95:88:81:55:99:a3:e8:42:
a2:29:74:49:cf:c9:c0:fc:49:40:50:29:b5:6b:44:
cd:aa:dd:1c:70:85:9d:84:24:c1:e9:14:f9:3b:1b:
07:4f:b0:7c:fa:ff:e0:7a:f8:73:e0:4f:8e:77:4f:
30:5d:c2:74:90:b3:9a:51:92:a4:ec:62:14:7f:1f:
bd:92:ec:14:21:e3:c5:28:91:ec:e9:b1:db:0b:64:
0b:91:32:43:9c:d1:d1:44:88:43:53:8d:ca:10:8a:
6c:a8:09:66:8b:46:98:52:5d:1e:99:ed:cd:3e:d3:
33:72:10:08:01:e5:46:4f:32:a4:13:a8:49:44:b4:
c9:ec:d0:0b:2f:33:d3:0d:9e:57:8e:3c:68:46:5d:
ac:4f:21:0f:06:d0:1c:79:6d:46:c3:05:d7:92:a7:
3e:fc:4a:15:41:e2:b1:89:e9:f9:ea:82:4c:a3:70:
94:f8:7e:3c:29:b1:0e:10:5f:59:9d:65:f3:2b:d8:
47:08:1f:77:6f:08:b9:74:ea:81:68:3e:15:b5:07:
94:4a:d9:31:5c:39:0c:98:b6:84:87:57:38:51:7f:
a7:14:aa:82:62:75:d7:da:55:f8:59:9a:21:6d:5d:
41:de:56:f8:5f:6b:07:d9:f1:87:98:60:18:d1:6f:
a3:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:CD:E4:CE:BF:A2:0A:FC:7E:91:AD:DA:A5:A8:CC:0C:CD:5E:12:46
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ef3e6945-57bf-41fe-9e98-2db6c2800547.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.208.0.0/15
Signature Algorithm: sha256WithRSAEncryption
4f:1c:29:22:08:34:93:11:15:6d:c9:c5:dd:f3:04:dd:a5:2a:
f3:8d:db:b6:f3:2c:a2:2b:83:bb:d2:f9:a8:c9:e4:23:64:e9:
f4:28:25:00:51:cd:6b:dd:47:dd:16:59:df:39:20:e2:ac:c1:
37:69:b9:1d:46:3a:51:87:b9:06:fb:e0:68:be:86:71:21:b0:
5d:8d:21:f8:82:24:c4:7c:81:87:91:a4:03:0e:d2:a7:0d:13:
c0:2e:fb:88:96:54:e6:65:ad:d3:5e:8c:e0:01:6b:d7:29:08:
c7:3c:84:f3:ed:e6:59:69:77:8c:49:18:25:81:70:10:b3:f7:
e4:5d:30:6b:11:cf:18:c6:b1:5e:fe:28:ad:ff:b0:0b:09:a3:
2c:f0:12:c1:c0:31:88:d1:e1:ae:cc:e7:02:57:b5:86:fc:70:
47:68:4c:07:e4:ea:d1:50:4c:c4:e5:d0:a5:87:b9:49:65:74:
e2:45:31:fc:69:8f:e9:1a:c7:d4:d0:fd:8a:cf:e0:23:4c:b3:
86:8e:c9:ab:96:96:d0:28:11:a4:5b:3a:83:36:5e:f8:cf:27:
d1:f2:92:5a:64:d2:9b:1d:06:fc:01:51:77:dc:ad:f2:28:03:
3f:db:19:ec:0b:4d:f4:e7:1e:bb:33:3a:25:a5:6b:0a:0b:b3:
fa:5d:12:4c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEsQYaKL2iItQw2SEvE1SMn/2ZUAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDMwMTBaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDNmZDEwMWJmMzZjYWIyYTQ1NTE2MzI4YTAwYWZhMzc5MzcxY2VmNmMwNjBk
MDFhMWQyMDc0ZWUwODE0YmZiNTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN5rVdrBsJWIgVWZo+hCoil0Sc/JwPxJQFAptWtEzardHHCFnYQkwekU+Tsb
B0+wfPr/4Hr4c+BPjndPMF3CdJCzmlGSpOxiFH8fvZLsFCHjxSiR7Omx2wtkC5Ey
Q5zR0USIQ1ONyhCKbKgJZotGmFJdHpntzT7TM3IQCAHlRk8ypBOoSUS0yezQCy8z
0w2eV448aEZdrE8hDwbQHHltRsMF15KnPvxKFUHisYnp+eqCTKNwlPh+PCmxDhBf
WZ1l8yvYRwgfd28IuXTqgWg+FbUHlErZMVw5DJi2hIdXOFF/pxSqgmJ119pV+Fma
IW1dQd5W+F9rB9nxh5hgGNFvo9ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQczeTO
v6IK/H6RrdqlqMwMzV4SRjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZWYzZTY5NDUtNTdiZi00MWZlLTllOTgtMmRiNmMyODAwNTQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPQMA0G
CSqGSIb3DQEBCwUAA4IBAQBPHCkiCDSTERVtycXd8wTdpSrzjdu28yyiK4O70vmo
yeQjZOn0KCUAUc1r3UfdFlnfOSDirME3abkdRjpRh7kG++BovoZxIbBdjSH4giTE
fIGHkaQDDtKnDRPALvuIllTmZa3TXozgAWvXKQjHPITz7eZZaXeMSRglgXAQs/fk
XTBrEc8YxrFe/iit/7ALCaMs8BLBwDGI0eGuzOcCV7WG/HBHaEwH5OrRUEzE5dCl
h7lJZXTiRTH8aY/pGsfU0P2Kz+AjTLOGjsmrlpbQKBGkWzqDNl74zyfR8pJaZNKb
HQb8AVF33K3yKAM/2xnsC0305x67MzolpWsKC7P6XRJM
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:38:54 2025 by rpki-client