
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa
File: 09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa (raw, json)
Hash identifier: gBBma7vubyNpbeeGP2zfRXVtQ1gWOntNm6QnerdG0kI=
Subject key identifier: A2:02:0E:A7:1E:CE:21:95:13:B6:52:3E:14:61:66:7B:67:BE:D9:82
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0452E06A661BF3FDAFF4E7ABF80A5E7A7954C35E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa
Signing time: Fri 11 Jul 2025 20:50:17 +0000
ROA not before: Fri 11 Jul 2025 20:50:17 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.122.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:52:e0:6a:66:1b:f3:fd:af:f4:e7:ab:f8:0a:5e:7a:79:54:c3:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 20:50:17 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=51766e580f7b458542cac79c397301fe885813a21fc2560451fedc5b6c966f49, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:5a:97:8d:9e:57:97:cb:3c:42:44:3f:59:c5:
b2:2e:18:a4:6d:86:00:d7:2b:06:24:2c:ab:7c:91:
37:9f:94:01:c7:b1:16:62:48:8d:1a:e7:92:0c:f1:
35:a4:eb:8d:18:12:7a:4f:7a:be:c0:78:e8:c8:8a:
58:a2:79:eb:53:fc:9e:4d:5f:b4:df:05:dc:fb:ca:
8b:7c:86:0c:57:74:ca:5f:a4:7a:c9:d0:35:28:58:
4b:6c:9c:c6:e3:15:25:9e:79:b0:3b:e4:04:d1:79:
b6:d1:06:b1:34:43:c0:42:f4:b4:f0:1d:83:a3:43:
fa:46:44:0e:2c:e1:f0:84:03:1b:d5:21:c7:3e:91:
b9:de:92:f2:ea:9e:77:ab:13:4e:f5:ee:28:30:cb:
92:6a:b8:2e:17:a5:d0:3a:81:ac:a1:bf:c9:38:5e:
84:4a:8c:9b:87:4c:8b:00:8d:a5:56:4b:e2:5a:61:
01:db:6d:e8:b7:56:67:ee:e3:ff:3a:3d:04:f0:56:
ee:10:fd:14:ba:47:44:2d:f2:ab:b9:7c:f2:9e:c8:
7c:09:ee:0f:1f:e2:e8:2f:de:a9:4a:f1:e6:c7:ca:
73:43:15:53:5f:2c:60:6f:10:68:2a:67:d9:d1:45:
9f:25:ed:aa:ed:d1:d9:15:f4:b1:61:02:31:f2:7f:
0d:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:02:0E:A7:1E:CE:21:95:13:B6:52:3E:14:61:66:7B:67:BE:D9:82
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.122.0.0/15
Signature Algorithm: sha256WithRSAEncryption
4f:dc:95:6e:cb:77:3c:f9:a7:11:09:1c:91:bd:af:10:a0:02:
1e:af:ef:81:85:0d:e0:96:f7:fd:e2:a5:14:14:f2:c3:e2:e5:
5d:89:2a:4f:60:b0:03:f9:56:c3:22:8d:5b:8e:a2:34:37:01:
a9:ab:87:6b:ce:12:3b:2c:dc:81:08:79:a5:e1:eb:13:ff:a6:
72:87:69:db:ac:3b:2f:2a:0b:58:ba:cc:45:9b:6b:f1:f3:74:
a1:5e:22:73:9b:9e:b4:56:57:e8:2e:8b:f4:29:f0:9b:94:8f:
41:53:7f:13:2c:f0:81:ba:42:c9:12:06:f0:e5:5a:1f:8c:b1:
d4:e4:45:30:ee:31:cc:29:ac:f5:ca:ed:e1:75:b2:a6:8e:f3:
d8:c7:7a:7e:e7:87:5d:20:55:32:09:e6:e7:d6:40:b8:0c:bb:
c5:2c:93:70:70:0b:5f:c6:b4:13:aa:94:6c:30:ac:05:68:51:
56:2e:8d:5d:49:ae:39:23:9e:0e:f0:5a:d0:04:24:fc:c0:4c:
c3:0f:9b:ef:90:ad:e1:d2:35:9b:f5:41:7f:e8:dc:10:2d:7c:
c5:10:23:84:80:74:ff:d2:ba:2d:09:63:30:52:3b:1b:1e:f5:
4b:9d:c5:e8:ca:bd:69:57:d2:36:33:36:2c:2d:bc:b6:ba:58:
23:ab:ee:5c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUBFLgamYb8/2v9Oer+ApeenlUw14wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMDUwMTdaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDUxNzY2ZTU4MGY3YjQ1ODU0MmNhYzc5YzM5NzMwMWZlODg1ODEzYTIxZmMy
NTYwNDUxZmVkYzViNmM5NjZmNDkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMVal42eV5fLPEJEP1nFsi4YpG2GANcrBiQsq3yRN5+UAcexFmJIjRrnkgzx
NaTrjRgSek96vsB46MiKWKJ561P8nk1ftN8F3PvKi3yGDFd0yl+kesnQNShYS2yc
xuMVJZ55sDvkBNF5ttEGsTRDwEL0tPAdg6ND+kZEDizh8IQDG9Uhxz6Rud6S8uqe
d6sTTvXuKDDLkmq4Lhel0DqBrKG/yThehEqMm4dMiwCNpVZL4lphAdtt6LdWZ+7j
/zo9BPBW7hD9FLpHRC3yq7l88p7IfAnuDx/i6C/eqUrx5sfKc0MVU18sYG8QaCpn
2dFFnyXtqu3R2RX0sWECMfJ/DTkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSiAg6n
Hs4hlRO2Uj4UYWZ7Z77ZgjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDllYzk3Y2EtMDQ0ZS00Nzg1LWJkZDQtZmNmOWU4ZDUxNGNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATN6MA0G
CSqGSIb3DQEBCwUAA4IBAQBP3JVuy3c8+acRCRyRva8QoAIer++BhQ3glvf94qUU
FPLD4uVdiSpPYLAD+VbDIo1bjqI0NwGpq4drzhI7LNyBCHml4esT/6Zyh2nbrDsv
KgtYusxFm2vx83ShXiJzm560VlfoLov0KfCblI9BU38TLPCBukLJEgbw5VofjLHU
5EUw7jHMKaz1yu3hdbKmjvPYx3p+54ddIFUyCebn1kC4DLvFLJNwcAtfxrQTqpRs
MKwFaFFWLo1dSa45I54O8FrQBCT8wEzDD5vvkK3h0jWb9UF/6NwQLXzFECOEgHT/
0rotCWMwUjsbHvVLncXoyr1pV9I2MzYsLby2ulgjq+5c
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:44:18 2025 by rpki-client