Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4e6b1e-120a-454b-8ea2-2504e0f34b7e.roa
File: fe4e6b1e-120a-454b-8ea2-2504e0f34b7e.roa (raw, json)
Hash identifier: pJzM/nMdMdVgwSi2E0U6N1SIzMSmrfSdyL514fFv22c=
Subject key identifier: B5:31:9A:D1:E5:B5:32:0A:3C:9B:28:06:3F:B2:88:18:B6:A4:72:FC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 27853A91C5E3E6324009079B3038AA079D4A2E40
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4e6b1e-120a-454b-8ea2-2504e0f34b7e.roa
Signing time: Fri 08 Aug 2025 00:40:17 +0000
ROA not before: Fri 08 Aug 2025 00:40:17 +0000
ROA not after: Fri 12 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.85.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:85:3a:91:c5:e3:e6:32:40:09:07:9b:30:38:aa:07:9d:4a:2e:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 8 00:40:17 2025 GMT
Not After : Sep 12 23:59:59 2025 GMT
Subject: serialNumber=84df30205a1f25ea99809c89f00f9e8deb7dba225cf7fa44041c6b69802a0c82, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a0:e8:50:f8:2d:c1:5c:38:2c:03:06:23:c0:
9d:81:9b:d6:16:56:cf:78:b9:fc:17:ec:41:64:b4:
d4:0f:30:04:f7:61:8a:f3:55:b4:37:a8:91:4a:af:
b2:47:d3:3c:d1:ac:77:36:51:98:cd:71:68:2f:28:
60:aa:d4:8b:44:cc:13:b1:9e:7f:63:ba:fb:39:7a:
51:1b:21:ea:7c:bb:07:6f:54:e0:93:19:bd:0b:d9:
63:99:73:11:21:86:a8:6d:e2:64:fa:2c:85:ac:21:
5d:c5:9a:44:ff:b2:3b:66:ad:2f:51:68:57:76:f4:
90:ad:84:fa:da:50:83:ce:a2:da:7b:00:8b:94:15:
fd:50:39:df:9e:46:3d:9a:be:38:ab:0c:d5:ac:ee:
cc:9c:74:5b:fa:d6:64:0f:bd:eb:05:0c:a7:2c:29:
0c:1c:a4:16:38:b7:e5:6f:ec:5b:bd:86:4f:9d:91:
7f:52:a7:ec:18:7c:73:68:a0:99:c3:eb:5f:7b:6c:
59:89:6e:ac:e3:15:af:63:82:75:f6:81:87:f7:d8:
19:0b:59:ac:4c:b3:3a:b3:a3:43:80:8f:a1:bd:ec:
af:e3:01:e2:f4:cd:0d:6e:a0:58:02:09:b9:a5:ff:
47:82:ba:07:e1:a8:b2:5d:06:cd:45:cd:11:37:a7:
5e:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:31:9A:D1:E5:B5:32:0A:3C:9B:28:06:3F:B2:88:18:B6:A4:72:FC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4e6b1e-120a-454b-8ea2-2504e0f34b7e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.85.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b1:c6:46:21:1b:81:00:8e:e5:0f:b3:62:af:07:42:17:36:bd:
1a:54:57:ec:33:5b:6d:72:e0:ea:a2:78:f9:ad:dd:18:d2:1f:
57:b1:ee:68:41:35:7e:2c:03:06:1c:3d:f7:38:7f:a9:3c:66:
1e:ec:28:24:66:77:37:3e:8c:99:c7:fa:de:26:2f:2d:40:63:
e2:62:98:8c:3b:4e:e3:c0:1f:3e:79:be:46:66:a6:4d:ac:a4:
38:c9:90:74:ff:89:4b:e8:c9:96:84:19:d7:be:e0:03:69:b1:
fe:35:15:54:7b:2e:ec:00:5c:37:e3:4a:74:31:6e:c4:3c:c5:
50:d6:e8:6b:85:86:e0:1f:50:e6:5e:9f:ef:7c:ee:1a:a0:4f:
6b:13:6a:00:ef:e3:a6:c8:99:d5:93:d8:b8:c3:51:82:67:eb:
10:fd:31:f9:1f:6c:76:98:e0:76:ae:2f:41:ee:34:87:d2:a0:
2d:fb:5e:ca:41:b2:4f:df:73:6a:47:88:ce:a0:81:98:c1:eb:
dd:52:2e:61:6b:59:c4:b9:bd:f9:3c:4b:75:98:ac:2c:38:80:
35:42:c8:92:7f:58:2d:2a:15:b5:9a:ad:ae:d4:74:fa:1c:ce:
12:da:b0:49:f8:ac:18:64:3c:3c:fb:0c:88:b7:79:af:d2:64:
08:0c:f5:3a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJ4U6kcXj5jJACQebMDiqB51KLkAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDgwMDQwMTdaFw0yNTA5MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDg0ZGYzMDIwNWExZjI1ZWE5OTgwOWM4OWYwMGY5ZThkZWI3ZGJhMjI1Y2Y3
ZmE0NDA0MWM2YjY5ODAyYTBjODIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALeg6FD4LcFcOCwDBiPAnYGb1hZWz3i5/BfsQWS01A8wBPdhivNVtDeokUqv
skfTPNGsdzZRmM1xaC8oYKrUi0TME7Gef2O6+zl6URsh6ny7B29U4JMZvQvZY5lz
ESGGqG3iZPoshawhXcWaRP+yO2atL1FoV3b0kK2E+tpQg86i2nsAi5QV/VA5355G
PZq+OKsM1azuzJx0W/rWZA+96wUMpywpDBykFji35W/sW72GT52Rf1Kn7Bh8c2ig
mcPrX3tsWYlurOMVr2OCdfaBh/fYGQtZrEyzOrOjQ4CPob3sr+MB4vTNDW6gWAIJ
uaX/R4K6B+Gosl0GzUXNETenXuECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS1MZrR
5bUyCjybKAY/sogYtqRy/DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmU0ZTZiMWUtMTIwYS00NTRiLThlYTItMjUwNGUwZjM0YjdlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNVMA0G
CSqGSIb3DQEBCwUAA4IBAQCxxkYhG4EAjuUPs2KvB0IXNr0aVFfsM1ttcuDqonj5
rd0Y0h9Xse5oQTV+LAMGHD33OH+pPGYe7CgkZnc3PoyZx/reJi8tQGPiYpiMO07j
wB8+eb5GZqZNrKQ4yZB0/4lL6MmWhBnXvuADabH+NRVUey7sAFw340p0MW7EPMVQ
1uhrhYbgH1DmXp/vfO4aoE9rE2oA7+OmyJnVk9i4w1GCZ+sQ/TH5H2x2mOB2ri9B
7jSH0qAt+17KQbJP33NqR4jOoIGYwevdUi5ha1nEub35PEt1mKwsOIA1QsiSf1gt
KhW1mq2u1HT6HM4S2rBJ+KwYZDw8+wyIt3mv0mQIDPU6
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:41:22 2025 by rpki-client