Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa
File: fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa (raw, json)
Hash identifier: FtPLf/vS1Hn3/GaMpxd3fny2eso9ciQ/U2LQT2zc+f0=
Subject key identifier: EC:D1:66:20:3C:3A:E6:4A:F4:B8:71:D0:87:AC:FC:8A:3A:33:D2:ED
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 541FFE8E3CD45EFD922FF7898F115F609087A07E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa
Signing time: Mon 01 Sep 2025 21:40:17 +0000
ROA not before: Mon 01 Sep 2025 21:40:17 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.76.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Sep 2025 22:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:1f:fe:8e:3c:d4:5e:fd:92:2f:f7:89:8f:11:5f:60:90:87:a0:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 1 21:40:17 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=4311631a702aa09fdf40640689a343e93df6ef6fd90ce34d82fb687aabed457f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:cb:b5:38:7c:64:35:98:22:7f:20:86:82:b9:
a1:a9:2a:4c:07:92:b7:1d:42:16:76:cb:a5:7b:33:
6d:fd:8a:28:ae:a1:20:36:b0:e8:48:bf:3b:f0:4a:
fc:e5:83:eb:8f:d0:0a:8c:7e:48:90:fb:a5:d1:e9:
66:8f:1e:49:b8:94:98:53:0a:88:23:39:1b:7d:b4:
88:4e:ce:e6:a6:f1:59:13:05:1d:2d:d1:48:8d:4c:
3e:c3:a8:65:f0:2a:86:7d:73:d5:26:11:2b:69:4e:
ea:2b:ee:c4:b6:c1:6c:93:a4:d5:c7:5d:c4:ed:53:
67:65:23:3a:c1:14:e8:8f:ad:bd:a5:9b:6f:9e:bd:
e6:d0:bc:c8:4d:9a:13:4a:de:72:67:a5:45:4c:d6:
00:10:9f:86:82:a7:fe:d3:0e:58:f2:83:9d:48:a7:
7f:73:0e:7b:5a:1d:90:59:cc:07:86:0a:5e:2b:a1:
3b:df:d8:34:eb:67:b0:fd:64:50:fe:1c:9c:8b:e3:
21:81:95:44:6a:9d:c8:a7:7d:76:e4:63:14:8a:78:
a1:66:0a:86:fa:d3:cb:6d:6a:82:7a:96:c9:8f:d7:
ca:07:6c:13:fa:45:26:34:35:cc:8e:a9:c9:fc:f1:
11:2d:60:a0:59:83:23:fc:04:b1:62:3f:1b:22:aa:
da:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:D1:66:20:3C:3A:E6:4A:F4:B8:71:D0:87:AC:FC:8A:3A:33:D2:ED
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.76.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1d:57:38:91:c7:f0:c4:3a:9b:88:cf:f6:81:f3:f1:2e:64:65:
53:1c:6e:d4:8a:aa:44:a3:76:d9:53:06:d3:6c:ff:4f:c5:ba:
a6:9f:22:ff:9f:0a:78:30:cb:59:0d:6f:3c:57:ff:95:f5:76:
f6:73:2e:f6:e8:d8:1f:50:06:e6:eb:65:4a:eb:29:88:0b:b8:
ad:25:9a:16:12:13:a1:97:7e:3b:01:1d:c9:06:df:ec:df:eb:
f2:97:b3:40:d7:cc:32:84:65:83:ff:f2:8a:39:c4:fb:fe:41:
4b:35:b3:27:a5:42:2b:29:f4:54:55:07:8f:78:b5:f8:cd:61:
82:b6:ba:d2:1b:e7:46:53:80:3f:f9:77:1e:dd:e5:c5:fb:47:
31:a1:be:f1:9a:7b:28:10:de:4e:a6:26:dd:9b:bb:4a:ca:41:
e0:89:ea:99:b2:3f:94:16:0b:9b:35:7e:15:59:e5:5f:75:30:
31:92:72:4b:b1:4c:30:45:c5:26:1b:9e:a5:20:e0:56:0d:98:
fb:b2:fc:8c:eb:16:c4:92:53:20:c9:57:bd:03:6d:b6:b1:e0:
81:66:38:88:12:c3:36:5e:1e:df:9d:f6:18:40:e1:e6:5d:11:
71:4d:ef:f8:26:52:78:82:f9:7e:e2:e0:5f:a6:76:84:ee:85:
57:db:56:67
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVB/+jjzUXv2SL/eJjxFfYJCHoH4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MDEyMTQwMTdaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDQzMTE2MzFhNzAyYWEwOWZkZjQwNjQwNjg5YTM0M2U5M2RmNmVmNmZkOTBj
ZTM0ZDgyZmI2ODdhYWJlZDQ1N2YxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI7LtTh8ZDWYIn8ghoK5oakqTAeStx1CFnbLpXszbf2KKK6hIDaw6Ei/O/BK
/OWD64/QCox+SJD7pdHpZo8eSbiUmFMKiCM5G320iE7O5qbxWRMFHS3RSI1MPsOo
ZfAqhn1z1SYRK2lO6ivuxLbBbJOk1cddxO1TZ2UjOsEU6I+tvaWbb5695tC8yE2a
E0recmelRUzWABCfhoKn/tMOWPKDnUinf3MOe1odkFnMB4YKXiuhO9/YNOtnsP1k
UP4cnIvjIYGVRGqdyKd9duRjFIp4oWYKhvrTy21qgnqWyY/XygdsE/pFJjQ1zI6p
yfzxES1goFmDI/wEsWI/GyKq2rUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTs0WYg
PDrmSvS4cdCHrPyKOjPS7TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmE5Zjc2YjMtNjQ0Zi00ZTdiLTk2YjgtYTUwMTE3ZmQ0ZDY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNMMA0G
CSqGSIb3DQEBCwUAA4IBAQAdVziRx/DEOpuIz/aB8/EuZGVTHG7UiqpEo3bZUwbT
bP9PxbqmnyL/nwp4MMtZDW88V/+V9Xb2cy726NgfUAbm62VK6ymIC7itJZoWEhOh
l347AR3JBt/s3+vyl7NA18wyhGWD//KKOcT7/kFLNbMnpUIrKfRUVQePeLX4zWGC
trrSG+dGU4A/+Xce3eXF+0cxob7xmnsoEN5Opibdm7tKykHgieqZsj+UFgubNX4V
WeVfdTAxknJLsUwwRcUmG56lIOBWDZj7svyM6xbEklMgyVe9A222seCBZjiIEsM2
Xh7fnfYYQOHmXRFxTe/4JlJ4gvl+4uBfpnaE7oVX21Zn
-----END CERTIFICATE-----
Generated at Tue Sep 16 04:14:31 2025 by rpki-client