Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc50f617-7597-4f4e-b8f6-87763b28caf0.roa
File: fc50f617-7597-4f4e-b8f6-87763b28caf0.roa (raw, json)
Hash identifier: YOm5i3tbgga7KgOy/TgSVuG8N+ONYxSgZXCZbN727Y8=
Subject key identifier: 09:86:3E:60:CB:0D:62:B1:8C:F8:2B:7B:5A:7F:A3:02:B2:84:F0:60
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2056D86F7765F7FB3049A2F8BFA5D0385AD29F28
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc50f617-7597-4f4e-b8f6-87763b28caf0.roa
Signing time: Tue 05 Aug 2025 20:21:04 +0000
ROA not before: Tue 05 Aug 2025 20:21:04 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.121.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:56:d8:6f:77:65:f7:fb:30:49:a2:f8:bf:a5:d0:38:5a:d2:9f:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:21:04 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=c173b3d4fb11b9e1d2fcfd0f4d4d5c8ee34681a32913b2434cd01190fa0c7900, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:b1:1f:b2:6d:22:7b:92:2d:14:43:bd:6f:65:
55:e5:f9:e7:66:81:0c:c7:56:8f:80:dd:d6:d2:ee:
4a:7c:f3:0d:60:09:7f:20:45:72:ea:a6:0b:13:ec:
3b:9a:6b:f7:a8:9e:ff:39:d5:26:2f:5e:b9:7f:05:
f1:7c:23:37:8b:02:31:0d:de:f8:5e:d3:7f:73:61:
a6:81:48:a9:d5:83:b4:c9:b5:69:61:b3:50:f6:f5:
f5:11:47:1c:c3:1d:61:86:e3:fc:33:c7:07:4c:9c:
34:a7:52:57:e7:78:35:d7:d1:ac:01:bc:f7:7f:fd:
1d:76:f2:c5:70:74:7e:cc:55:5b:97:68:2d:24:8d:
16:ac:56:13:34:21:b2:e2:e6:66:ab:9f:35:2a:c4:
60:e7:47:36:9c:6d:1e:7e:71:fd:83:0c:0a:0f:a3:
49:a3:ef:91:c3:0c:d2:43:5e:eb:b4:f0:f3:74:72:
9e:00:b9:28:68:7e:aa:d4:25:44:b4:2a:88:97:7b:
ef:6e:6d:60:24:c9:ec:a8:0b:65:03:8d:fd:95:34:
c2:b4:d6:dc:98:73:0d:c7:c2:84:e6:9b:f7:1f:af:
1a:7c:61:b9:6d:1f:3e:41:6f:4d:69:cd:55:34:39:
50:d1:43:09:a5:3e:14:57:94:f9:7c:c9:aa:4b:95:
9a:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:86:3E:60:CB:0D:62:B1:8C:F8:2B:7B:5A:7F:A3:02:B2:84:F0:60
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc50f617-7597-4f4e-b8f6-87763b28caf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.121.0.0/16
Signature Algorithm: sha256WithRSAEncryption
68:71:9f:86:2c:83:2f:82:76:d1:58:d0:05:0f:ed:13:e0:52:
eb:52:72:43:89:3e:4c:a4:d3:77:46:29:76:d4:56:23:72:5e:
dc:99:7b:eb:43:00:9c:8e:5e:f5:fe:83:5f:10:8a:01:92:5e:
03:c9:63:30:0b:cc:ff:dd:a9:0e:e8:71:dd:46:72:86:54:8d:
a1:e9:e2:e1:6c:ab:5c:f7:52:55:2b:e4:e3:dc:b4:18:b6:20:
84:14:a1:cf:a4:fc:ea:2b:4c:f8:c7:6d:f1:2e:93:92:80:9e:
77:4a:ea:41:68:74:75:87:22:59:8d:5f:b1:4e:c7:b4:fa:4c:
a2:81:bc:0e:04:57:ec:8b:07:0c:d3:06:8a:e8:62:5f:f8:d1:
3f:5f:2f:e9:6b:3d:48:bd:c5:4a:66:fe:b6:49:b8:30:b4:e5:
2e:c1:65:5f:95:15:ab:ab:1b:2d:93:42:0e:a2:b2:bb:01:5d:
79:41:98:8f:20:8f:10:71:0a:01:c7:66:2b:4b:2d:5a:7e:df:
86:b9:27:ff:86:a8:01:47:1a:f1:40:f2:bb:40:b9:72:cb:43:
56:0f:eb:92:91:16:0a:5f:eb:88:97:b5:6b:39:dd:12:fa:00:
26:1b:02:82:88:ad:51:3f:ce:c7:72:7a:d3:b4:ea:4c:e1:b8:
a2:31:1e:dd
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIFbYb3dl9/swSaL4v6XQOFrSnygwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIxMDRaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGMxNzNiM2Q0ZmIxMWI5ZTFkMmZjZmQwZjRkNGQ1YzhlZTM0NjgxYTMyOTEz
YjI0MzRjZDAxMTkwZmEwYzc5MDAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANOxH7JtInuSLRRDvW9lVeX552aBDMdWj4Dd1tLuSnzzDWAJfyBFcuqmCxPs
O5pr96ie/znVJi9euX8F8XwjN4sCMQ3e+F7Tf3NhpoFIqdWDtMm1aWGzUPb19RFH
HMMdYYbj/DPHB0ycNKdSV+d4NdfRrAG893/9HXbyxXB0fsxVW5doLSSNFqxWEzQh
suLmZqufNSrEYOdHNpxtHn5x/YMMCg+jSaPvkcMM0kNe67Tw83RyngC5KGh+qtQl
RLQqiJd7725tYCTJ7KgLZQON/ZU0wrTW3JhzDcfChOab9x+vGnxhuW0fPkFvTWnN
VTQ5UNFDCaU+FFeU+XzJqkuVmm0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQJhj5g
yw1isYz4K3taf6MCsoTwYDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmM1MGY2MTctNzU5Ny00ZjRlLWI4ZjYtODc3NjNiMjhjYWYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN5MA0G
CSqGSIb3DQEBCwUAA4IBAQBocZ+GLIMvgnbRWNAFD+0T4FLrUnJDiT5MpNN3Ril2
1FYjcl7cmXvrQwCcjl71/oNfEIoBkl4DyWMwC8z/3akO6HHdRnKGVI2h6eLhbKtc
91JVK+Tj3LQYtiCEFKHPpPzqK0z4x23xLpOSgJ53SupBaHR1hyJZjV+xTse0+kyi
gbwOBFfsiwcM0waK6GJf+NE/Xy/paz1IvcVKZv62SbgwtOUuwWVflRWrqxstk0IO
orK7AV15QZiPII8QcQoBx2YrSy1aft+GuSf/hqgBRxrxQPK7QLlyy0NWD+uSkRYK
X+uIl7VrOd0S+gAmGwKCiK1RP87HcnrTtOpM4biiMR7d
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:42:48 2025 by rpki-client