
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0a36b38b-9bd1-4014-823d-9204a303350e.roa
File: 0a36b38b-9bd1-4014-823d-9204a303350e.roa (raw, json)
Hash identifier: q8knwjgCM7Lf39MqbjRELFAFQhDmWq/wKBFFn8HJwqc=
Subject key identifier: 89:85:17:D6:E9:58:4F:CB:B0:2C:7F:4D:F8:20:8E:9B:CD:31:5C:CE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0C21876BF01B52730B0D33D03111F37762A5DEBA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0a36b38b-9bd1-4014-823d-9204a303350e.roa
Signing time: Mon 14 Jul 2025 15:40:08 +0000
ROA not before: Mon 14 Jul 2025 15:40:08 +0000
ROA not after: Mon 18 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.21.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:21:87:6b:f0:1b:52:73:0b:0d:33:d0:31:11:f3:77:62:a5:de:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 14 15:40:08 2025 GMT
Not After : Aug 18 23:59:59 2025 GMT
Subject: serialNumber=4a26cfa2d1219e50b3572967317165b78f03aa2d2d76b9472f03218aadbd0855, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:27:60:e0:a8:a5:95:cd:15:a1:2d:09:55:13:
46:ab:1f:98:97:34:ff:5e:3a:09:cd:0d:ea:5f:b6:
91:62:50:21:2e:c8:de:75:41:69:2d:3e:9f:d9:b5:
1c:61:24:24:ba:63:c4:99:1f:6b:35:31:b1:49:91:
90:c7:ca:04:71:f9:0c:7c:59:9e:83:6b:43:6d:d3:
6d:64:0c:7f:08:2f:4e:d2:b3:56:4a:09:f8:36:b3:
ca:bc:93:23:41:34:2a:2c:76:35:24:64:33:d8:03:
79:5a:a1:eb:b0:5f:2a:2c:10:95:85:43:e3:a3:e5:
f7:3c:94:b7:9b:4e:f0:8b:62:79:86:61:56:ad:c0:
49:75:54:38:15:6b:a6:0e:87:2a:e6:fe:3c:c8:4b:
b3:27:07:9b:62:c6:8a:8f:08:8d:fe:7d:50:27:88:
7d:09:3b:56:9b:55:23:15:f3:10:7b:10:d6:3c:22:
43:9e:ca:8a:3b:32:46:a8:8f:4c:60:64:05:01:a5:
c2:3f:51:01:1b:8c:00:d5:b8:f8:c4:d1:0a:75:b6:
4b:3d:27:1f:3d:25:ff:3b:f1:f7:62:82:4c:01:15:
02:e0:e0:4f:5b:3b:3f:07:35:61:a6:3f:41:01:ac:
49:58:9c:8e:bc:ee:77:65:67:04:d4:b6:f7:80:ee:
bf:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:85:17:D6:E9:58:4F:CB:B0:2C:7F:4D:F8:20:8E:9B:CD:31:5C:CE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0a36b38b-9bd1-4014-823d-9204a303350e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.21.183.0/24
Signature Algorithm: sha256WithRSAEncryption
52:d7:c3:48:30:43:8f:a0:db:c4:ee:94:b7:73:b3:34:00:f8:
72:89:42:54:c8:93:ee:f0:54:d5:a7:5c:6c:8e:8f:27:6a:7d:
3d:2b:f1:36:ef:20:41:72:67:06:66:02:b2:21:cf:30:79:2a:
8c:06:90:c4:39:6b:7a:b3:f4:af:02:f4:d4:fb:4a:13:35:9e:
5c:3e:e8:b8:85:18:2b:1b:eb:f4:be:e5:3b:bd:de:5e:32:78:
70:84:ca:d4:ad:b4:ff:15:1e:de:3b:e0:2a:eb:f3:dc:a9:46:
90:ae:7c:09:91:fe:49:39:0b:53:75:29:af:fa:7a:d9:95:84:
8d:f2:0a:be:72:3a:66:fb:6a:1a:76:cc:ab:a9:a6:fc:75:31:
e6:ba:d6:92:93:f3:1c:f7:6d:20:f8:5d:95:63:01:5c:67:37:
f9:0f:f5:3e:16:7a:93:79:a7:b4:28:d9:cd:ca:2b:34:41:a2:
cf:40:ce:d3:39:73:1a:db:34:af:69:fd:40:45:89:d1:30:2c:
3c:97:bb:38:4a:7b:13:16:d6:34:85:78:1f:2b:61:a7:f9:7f:
5b:13:4d:11:03:59:23:6a:64:f7:f7:f7:5e:5e:ac:08:77:38:
a7:a6:8c:92:a2:15:92:7f:64:de:b9:c3:bb:c1:30:c6:74:33:
ce:64:51:e0
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUDCGHa/AbUnMLDTPQMRHzd2Kl3rowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTQxNTQwMDhaFw0yNTA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDRhMjZjZmEyZDEyMTllNTBiMzU3Mjk2NzMxNzE2NWI3OGYwM2FhMmQyZDc2
Yjk0NzJmMDMyMThhYWRiZDA4NTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJInYOCopZXNFaEtCVUTRqsfmJc0/146Cc0N6l+2kWJQIS7I3nVBaS0+n9m1
HGEkJLpjxJkfazUxsUmRkMfKBHH5DHxZnoNrQ23TbWQMfwgvTtKzVkoJ+DazyryT
I0E0Kix2NSRkM9gDeVqh67BfKiwQlYVD46Pl9zyUt5tO8ItieYZhVq3ASXVUOBVr
pg6HKub+PMhLsycHm2LGio8Ijf59UCeIfQk7VptVIxXzEHsQ1jwiQ57KijsyRqiP
TGBkBQGlwj9RARuMANW4+MTRCnW2Sz0nHz0l/zvx92KCTAEVAuDgT1s7Pwc1YaY/
QQGsSVicjrzud2VnBNS294Duv+kCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSJhRfW
6VhPy7Asf034II6bzTFczjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGEzNmIzOGItOWJkMS00MDE0LTgyM2QtOTIwNGEzMDMzNTBlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMVtzAN
BgkqhkiG9w0BAQsFAAOCAQEAUtfDSDBDj6DbxO6Ut3OzNAD4colCVMiT7vBU1adc
bI6PJ2p9PSvxNu8gQXJnBmYCsiHPMHkqjAaQxDlrerP0rwL01PtKEzWeXD7ouIUY
Kxvr9L7lO73eXjJ4cITK1K20/xUe3jvgKuvz3KlGkK58CZH+STkLU3Upr/p62ZWE
jfIKvnI6ZvtqGnbMq6mm/HUx5rrWkpPzHPdtIPhdlWMBXGc3+Q/1PhZ6k3mntCjZ
zcorNEGiz0DO0zlzGts0r2n9QEWJ0TAsPJe7OEp7ExbWNIV4Hythp/l/WxNNEQNZ
I2pk9/f3Xl6sCHc4p6aMkqIVkn9k3rnDu8EwxnQzzmRR4A==
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:37:29 2025 by rpki-client