Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ef3e6945-57bf-41fe-9e98-2db6c2800547.roa
File: ef3e6945-57bf-41fe-9e98-2db6c2800547.roa (raw, json)
Hash identifier: h6yuYJBPWNwlIGbFawPeZYTETP15JmBlG2edGpt97wI=
Subject key identifier: 3C:E7:16:70:46:31:87:FC:E5:F1:50:D1:B2:21:15:F6:5E:3B:86:C6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 01E780963974419622FC451AE01CFCEE8F060289
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ef3e6945-57bf-41fe-9e98-2db6c2800547.roa
Signing time: Mon 01 Sep 2025 21:30:47 +0000
ROA not before: Mon 01 Sep 2025 21:30:47 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.208.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Sep 2025 08:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:e7:80:96:39:74:41:96:22:fc:45:1a:e0:1c:fc:ee:8f:06:02:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 1 21:30:47 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=159eea9c09322bc26f50416844b08223db83c554374127e8115321a04ccdbd56, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ca:2a:e5:bb:d6:80:09:30:68:dd:26:74:a2:
c6:02:69:fe:96:06:42:be:b1:b6:b2:8c:c6:10:12:
8f:8b:21:ed:24:3f:1b:51:3f:2e:79:bb:fe:13:24:
3c:54:59:fb:e4:56:6a:48:16:c5:d9:96:fe:52:45:
ca:3c:8f:c9:7f:4f:13:05:17:36:c7:b8:19:8c:ae:
c7:48:37:05:41:89:e9:58:6f:05:2a:4d:04:68:c6:
a0:b2:75:df:1b:54:5f:95:e8:23:0c:0d:59:67:00:
2e:4a:2a:c7:c9:aa:f6:03:3a:3a:ed:e6:6c:5c:c8:
00:4b:ac:aa:71:5c:3e:55:4d:9e:97:83:ab:f6:41:
c4:86:21:13:4d:13:c1:92:f7:18:ae:12:71:52:96:
eb:3b:2d:6e:02:6b:0e:2f:d7:c8:48:69:cd:dd:24:
fc:46:02:40:47:6b:c7:41:3b:c9:20:d6:d3:c3:e8:
bc:6c:87:a2:85:96:e4:4a:85:93:06:6f:91:f3:8b:
f6:86:5c:ad:ae:3d:8c:2d:29:c9:6e:7e:15:72:27:
bf:28:a3:75:ba:fa:7e:19:15:fe:b2:eb:a8:f6:cc:
1b:6d:12:b1:97:24:13:92:5a:c7:07:e2:2d:e6:19:
a4:c7:be:12:d8:21:b9:67:4c:5f:5c:85:13:24:ad:
c5:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:E7:16:70:46:31:87:FC:E5:F1:50:D1:B2:21:15:F6:5E:3B:86:C6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ef3e6945-57bf-41fe-9e98-2db6c2800547.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.208.0.0/15
Signature Algorithm: sha256WithRSAEncryption
56:34:7a:39:bd:7c:90:06:ad:66:fe:4d:12:e1:8e:b1:5e:12:
3b:fc:ad:38:8d:a1:7b:e3:1a:fd:41:8d:c0:33:99:e6:b5:b4:
6a:49:70:5c:5b:57:29:6c:0a:69:70:1e:fa:8d:dd:d9:ac:1f:
85:0f:c8:e5:ce:36:fe:49:14:5b:2e:dc:9e:0d:41:b5:92:25:
da:17:6a:9c:bb:49:fa:45:7a:6f:c0:01:4c:ce:bb:11:d6:99:
ed:ac:cb:85:b9:97:aa:af:de:dc:65:fe:09:b8:88:35:6b:9f:
8a:f8:1a:b0:ce:3f:ce:55:90:bf:7f:0d:9c:76:d0:a2:43:e3:
9b:f8:29:f7:e4:85:79:21:86:61:ab:36:41:89:98:84:a9:14:
ff:1e:5f:96:22:6e:0d:01:81:60:0b:2b:26:77:3a:d2:b4:7e:
18:93:cb:35:16:c5:63:93:e3:34:f1:90:cc:2e:fd:0e:a7:ed:
36:1e:f6:74:5b:4c:66:c8:36:f0:78:3a:2a:5b:01:c0:cc:f1:
d3:ad:16:2a:84:91:7e:cc:49:91:14:77:14:a3:99:50:16:d0:
64:dd:22:dd:af:a8:bc:fe:f5:d7:23:9f:a1:e0:db:c1:e3:ca:
6a:c0:4c:99:1f:40:ba:c6:e1:03:57:a8:4c:6c:eb:68:41:c2:
4f:08:55:8f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUAeeAljl0QZYi/EUa4Bz87o8GAokwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MDEyMTMwNDdaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDE1OWVlYTljMDkzMjJiYzI2ZjUwNDE2ODQ0YjA4MjIzZGI4M2M1NTQzNzQx
MjdlODExNTMyMWEwNGNjZGJkNTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ/KKuW71oAJMGjdJnSixgJp/pYGQr6xtrKMxhASj4sh7SQ/G1E/Lnm7/hMk
PFRZ++RWakgWxdmW/lJFyjyPyX9PEwUXNse4GYyux0g3BUGJ6VhvBSpNBGjGoLJ1
3xtUX5XoIwwNWWcALkoqx8mq9gM6Ou3mbFzIAEusqnFcPlVNnpeDq/ZBxIYhE00T
wZL3GK4ScVKW6zstbgJrDi/XyEhpzd0k/EYCQEdrx0E7ySDW08PovGyHooWW5EqF
kwZvkfOL9oZcra49jC0pyW5+FXInvyijdbr6fhkV/rLrqPbMG20SsZckE5Jaxwfi
LeYZpMe+EtghuWdMX1yFEyStxcECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ85xZw
RjGH/OXxUNGyIRX2XjuGxjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZWYzZTY5NDUtNTdiZi00MWZlLTllOTgtMmRiNmMyODAwNTQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPQMA0G
CSqGSIb3DQEBCwUAA4IBAQBWNHo5vXyQBq1m/k0S4Y6xXhI7/K04jaF74xr9QY3A
M5nmtbRqSXBcW1cpbAppcB76jd3ZrB+FD8jlzjb+SRRbLtyeDUG1kiXaF2qcu0n6
RXpvwAFMzrsR1pntrMuFuZeqr97cZf4JuIg1a5+K+Bqwzj/OVZC/fw2cdtCiQ+Ob
+Cn35IV5IYZhqzZBiZiEqRT/Hl+WIm4NAYFgCysmdzrStH4Yk8s1FsVjk+M08ZDM
Lv0Op+02HvZ0W0xmyDbweDoqWwHAzPHTrRYqhJF+zEmRFHcUo5lQFtBk3SLdr6i8
/vXXI5+h4NvB48pqwEyZH0C6xuEDV6hMbOtoQcJPCFWP
-----END CERTIFICATE-----
Generated at Mon Sep 15 09:35:20 2025 by rpki-client