Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fd04a54b-459a-491a-a013-59d0ed55825f.roa
File: fd04a54b-459a-491a-a013-59d0ed55825f.roa (raw, json)
Hash identifier: 6N4Yn0zWAYGcSOK6FvIF+q0Tl0VnXW8TpPiN0Jlbefw=
Subject key identifier: 11:F0:75:DE:FF:9C:13:A1:06:C4:82:E4:72:F5:0E:29:DB:9F:68:F0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 06F9EAF9DF208137E887F2AF9DBBAC33DF18A0D6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fd04a54b-459a-491a-a013-59d0ed55825f.roa
Signing time: Tue 05 Aug 2025 20:20:07 +0000
ROA not before: Tue 05 Aug 2025 20:20:07 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.131.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:f9:ea:f9:df:20:81:37:e8:87:f2:af:9d:bb:ac:33:df:18:a0:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:20:07 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=d71144e6227fa3d339acc394ae0c28a740a287dc3fef33d9b6700500324b94c9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:cc:6f:70:e6:e0:38:5f:95:d3:7e:38:36:46:
42:17:0b:37:38:0d:a0:ae:ec:46:7e:a7:2e:1e:f3:
9b:34:33:4c:16:07:d0:92:29:60:c8:f7:8f:f4:f4:
bf:c1:39:c6:34:9b:8a:20:4a:5f:90:70:34:57:de:
ec:ce:25:ef:66:ca:6b:3c:e4:9f:db:69:87:33:cf:
37:07:b5:cf:01:4d:74:52:82:73:21:3f:f6:ec:18:
9f:de:4e:23:51:0c:b1:c5:77:f4:66:04:d2:3d:7f:
6c:c0:67:56:5a:ec:d3:a8:5a:68:2c:07:d2:30:5e:
1b:c7:d7:9c:76:5b:ca:ae:93:64:e5:ff:26:cf:e3:
50:2a:86:99:5f:a0:62:2a:0b:16:3b:76:52:ad:19:
16:58:b5:34:9b:c4:53:b4:8e:03:8a:1c:3f:35:aa:
bd:e1:3c:b6:73:88:7b:59:69:cc:65:b9:aa:f4:09:
fc:ba:34:c4:62:7e:d5:5c:dc:c3:ef:72:c6:16:6b:
54:3b:7c:00:68:90:cb:f1:9a:12:de:28:ed:cc:6b:
ed:47:33:c2:50:4d:3d:32:85:d1:7e:11:1f:6b:4f:
46:c7:33:ab:23:83:06:27:db:1f:61:bc:d8:a5:68:
f3:2b:b4:c4:d9:1e:8b:6c:4a:9e:35:62:c6:1f:ee:
c0:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:F0:75:DE:FF:9C:13:A1:06:C4:82:E4:72:F5:0E:29:DB:9F:68:F0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fd04a54b-459a-491a-a013-59d0ed55825f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.131.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7d:0d:4a:d3:56:65:0a:cc:3c:59:02:22:0b:77:43:80:e8:33:
21:38:16:a9:b0:11:f4:4a:e8:3e:0d:c7:70:b9:94:2d:7f:52:
f4:4a:3a:00:a6:36:86:ff:e0:17:73:00:cc:76:9b:bb:be:86:
c5:df:78:81:86:9a:35:d5:a4:f7:fb:48:af:44:65:cd:4d:da:
c0:d1:ad:9d:6b:7e:c9:c8:27:e0:00:4d:fe:b1:72:2a:2d:38:
e2:29:73:25:93:7c:38:eb:d7:99:24:4a:ab:b3:7a:32:f9:cd:
0d:3f:84:c6:b9:63:37:b6:0e:37:3e:8a:8e:50:02:f2:7e:e4:
59:19:55:07:8d:3c:c2:66:f2:d8:a3:0b:cf:c8:4a:c0:9a:c3:
52:39:d0:f5:7e:a3:e5:3b:de:fe:02:80:cf:b3:b2:fd:71:86:
0b:89:12:b6:65:cf:ed:d5:17:e5:bd:51:36:3b:41:f9:f5:04:
63:ff:d2:0b:6f:cb:07:22:a9:fb:a3:15:d0:1c:72:ae:96:27:
db:1d:15:47:a7:2a:7d:a6:ca:a5:45:20:95:66:8b:da:e9:c3:
6e:32:88:29:87:fb:98:e9:f4:d1:cf:42:13:6e:8f:5f:3e:50:
64:81:ab:1b:2d:af:e7:7f:5f:21:7a:2f:70:09:8d:4b:d3:98:
d0:7a:c1:54
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUBvnq+d8ggTfoh/KvnbusM98YoNYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIwMDdaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ3MTE0NGU2MjI3ZmEzZDMzOWFjYzM5NGFlMGMyOGE3NDBhMjg3ZGMzZmVm
MzNkOWI2NzAwNTAwMzI0Yjk0YzkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOLMb3Dm4DhfldN+ODZGQhcLNzgNoK7sRn6nLh7zmzQzTBYH0JIpYMj3j/T0
v8E5xjSbiiBKX5BwNFfe7M4l72bKazzkn9tphzPPNwe1zwFNdFKCcyE/9uwYn95O
I1EMscV39GYE0j1/bMBnVlrs06haaCwH0jBeG8fXnHZbyq6TZOX/Js/jUCqGmV+g
YioLFjt2Uq0ZFli1NJvEU7SOA4ocPzWqveE8tnOIe1lpzGW5qvQJ/Lo0xGJ+1Vzc
w+9yxhZrVDt8AGiQy/GaEt4o7cxr7UczwlBNPTKF0X4RH2tPRsczqyODBifbH2G8
2KVo8yu0xNkei2xKnjVixh/uwJECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQR8HXe
/5wToQbEguRy9Q4p259o8DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmQwNGE1NGItNDU5YS00OTFhLWEwMTMtNTlkMGVkNTU4MjVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADODMA0G
CSqGSIb3DQEBCwUAA4IBAQB9DUrTVmUKzDxZAiILd0OA6DMhOBapsBH0Sug+Dcdw
uZQtf1L0SjoApjaG/+AXcwDMdpu7vobF33iBhpo11aT3+0ivRGXNTdrA0a2da37J
yCfgAE3+sXIqLTjiKXMlk3w469eZJEqrs3oy+c0NP4TGuWM3tg43PoqOUALyfuRZ
GVUHjTzCZvLYowvPyErAmsNSOdD1fqPlO97+AoDPs7L9cYYLiRK2Zc/t1RflvVE2
O0H59QRj/9ILb8sHIqn7oxXQHHKulifbHRVHpyp9psqlRSCVZova6cNuMogph/uY
6fTRz0ITbo9fPlBkgasbLa/nf18hei9wCY1L05jQesFU
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:39:12 2025 by rpki-client