Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f9c2130f-6f88-42ac-853e-f39d188adb6d.roa
File: f9c2130f-6f88-42ac-853e-f39d188adb6d.roa (raw, json)
Hash identifier: Ko7nY7FyxtyZ913PAd6ggrUnNM29Sn2F31QeoGWemFc=
Subject key identifier: 76:91:41:DF:34:78:8A:F2:AB:44:40:D4:D9:8E:5A:94:0A:10:43:2F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0BE386D43F559B20D73495EB477521DF75B912E7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f9c2130f-6f88-42ac-853e-f39d188adb6d.roa
Signing time: Fri 15 Aug 2025 15:50:48 +0000
ROA not before: Fri 15 Aug 2025 15:50:48 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.232.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:e3:86:d4:3f:55:9b:20:d7:34:95:eb:47:75:21:df:75:b9:12:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 15 15:50:48 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=be063b2a79f527c698bacc8e95e3070bde837df748ab3e9d1fdc1ac363a3607b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:93:66:2a:6f:64:f5:f3:41:a5:09:39:d5:d2:
5c:f4:13:b0:3a:57:86:c0:08:f6:88:45:6e:10:e5:
cc:24:a5:85:b4:07:0a:40:ff:69:aa:8f:ed:c3:5e:
ce:c7:cb:b4:08:92:10:7d:28:e1:d1:78:87:eb:56:
cd:b1:f8:93:66:93:19:06:4d:eb:2f:f9:0a:1f:88:
3f:5e:2c:a1:4a:d8:3d:85:cd:2a:61:1a:69:5c:86:
8a:40:d7:07:f2:5f:5d:e6:49:de:b2:b9:e3:4f:a4:
e4:4d:e9:63:6a:f2:7c:8a:9a:98:ca:8d:2c:61:7f:
83:a7:73:e0:a0:4b:3b:86:b6:5c:33:15:8a:b1:6f:
44:58:c9:0d:d4:1e:41:95:45:ce:78:7f:33:ed:23:
05:f3:30:bd:26:29:62:e4:0f:08:1d:dc:b5:cf:f6:
5e:61:ca:08:02:11:f4:30:fc:36:62:30:af:72:0a:
f0:80:56:da:77:d2:7c:2d:a1:ea:6a:b9:71:10:bc:
7c:ac:1e:5e:c8:fd:e9:bd:08:e4:9e:12:5e:4e:3e:
a9:f3:a3:53:2d:0a:52:60:ed:36:4b:7f:e8:90:1d:
97:27:17:2d:62:1d:fe:ab:ac:05:36:a7:c2:7a:ee:
49:2e:79:e5:83:c3:43:df:6e:63:e4:82:19:35:ca:
62:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:91:41:DF:34:78:8A:F2:AB:44:40:D4:D9:8E:5A:94:0A:10:43:2F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f9c2130f-6f88-42ac-853e-f39d188adb6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.232.0.0/15
Signature Algorithm: sha256WithRSAEncryption
94:cb:df:51:a1:3c:88:1d:93:f6:37:40:29:cc:1c:c9:c3:16:
b9:19:74:11:5b:d5:c2:6d:b5:ef:13:05:75:38:c2:44:9a:b9:
0b:f7:6c:5a:91:5e:da:d8:fb:97:7f:c4:a8:61:e0:17:19:9a:
f1:b1:cd:1e:d1:75:4a:71:d2:55:a3:fc:68:b2:d2:b0:fe:84:
58:1b:66:3b:fa:72:bc:17:00:96:3d:87:e5:d9:ba:b5:d3:bf:
27:1e:e3:4a:a3:ca:ea:53:c9:84:a1:5d:3f:1f:6e:c1:50:84:
29:c4:84:09:2c:ec:0d:07:75:e6:4c:a5:23:ab:07:6b:65:61:
cb:94:9a:0a:93:d3:00:b9:81:0b:b2:8f:3b:33:4b:55:a3:9e:
bb:93:11:e6:94:ce:32:ba:ce:60:e1:92:aa:73:9e:97:f9:b0:
c5:fc:0e:ed:e6:62:9e:1f:46:fc:77:e7:77:5b:5e:c1:c5:2e:
20:17:0e:e7:bc:e8:02:7b:4b:0a:e5:85:70:f7:8e:0e:74:f8:
5c:9a:de:b6:8a:ec:a0:bf:58:41:7e:32:6d:69:46:92:8c:01:
79:7d:36:dd:1e:79:97:0c:f0:d7:bc:f9:a8:89:ba:11:dc:13:
74:86:af:9d:7a:38:bb:d7:e1:1a:22:8a:b9:1a:dd:78:1d:3a:
0b:de:20:13
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUC+OG1D9VmyDXNJXrR3Uh33W5EucwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MTUxNTUwNDhaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGJlMDYzYjJhNzlmNTI3YzY5OGJhY2M4ZTk1ZTMwNzBiZGU4MzdkZjc0OGFi
M2U5ZDFmZGMxYWMzNjNhMzYwN2IxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALWTZipvZPXzQaUJOdXSXPQTsDpXhsAI9ohFbhDlzCSlhbQHCkD/aaqP7cNe
zsfLtAiSEH0o4dF4h+tWzbH4k2aTGQZN6y/5Ch+IP14soUrYPYXNKmEaaVyGikDX
B/JfXeZJ3rK540+k5E3pY2ryfIqamMqNLGF/g6dz4KBLO4a2XDMVirFvRFjJDdQe
QZVFznh/M+0jBfMwvSYpYuQPCB3ctc/2XmHKCAIR9DD8NmIwr3IK8IBW2nfSfC2h
6mq5cRC8fKweXsj96b0I5J4SXk4+qfOjUy0KUmDtNkt/6JAdlycXLWId/qusBTan
wnruSS555YPDQ99uY+SCGTXKYn0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR2kUHf
NHiK8qtEQNTZjlqUChBDLzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjljMjEzMGYtNmY4OC00MmFjLTg1M2UtZjM5ZDE4OGFkYjZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPoMA0G
CSqGSIb3DQEBCwUAA4IBAQCUy99RoTyIHZP2N0ApzBzJwxa5GXQRW9XCbbXvEwV1
OMJEmrkL92xakV7a2PuXf8SoYeAXGZrxsc0e0XVKcdJVo/xostKw/oRYG2Y7+nK8
FwCWPYfl2bq1078nHuNKo8rqU8mEoV0/H27BUIQpxIQJLOwNB3XmTKUjqwdrZWHL
lJoKk9MAuYELso87M0tVo567kxHmlM4yus5g4ZKqc56X+bDF/A7t5mKeH0b8d+d3
W17BxS4gFw7nvOgCe0sK5YVw944OdPhcmt62iuygv1hBfjJtaUaSjAF5fTbdHnmX
DPDXvPmoiboR3BN0hq+deji71+EaIoq5Gt14HToL3iAT
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:39:16 2025 by rpki-client