Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa
File: 0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa (raw, json)
Hash identifier: gtB5R14H/PDKB2DgGnYK6/b3Xp2neB3uDJXMPpsqeUo=
Subject key identifier: A5:67:7C:D4:24:01:40:5F:3C:3B:9D:C7:AB:B4:71:47:DF:37:C1:4C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2098F4D87780FAFF91BBE057A43D328C86E13039
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa
Signing time: Fri 11 Jul 2025 20:50:12 +0000
ROA not before: Fri 11 Jul 2025 20:50:12 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.100.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:98:f4:d8:77:80:fa:ff:91:bb:e0:57:a4:3d:32:8c:86:e1:30:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 20:50:12 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=7f94d2c439972931ca90aa73e15131eb6310b80a25acab62d69c25549527359c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e1:63:54:20:6f:49:83:46:11:56:91:a1:74:
8d:d2:51:8a:d1:65:91:54:ee:6c:09:0c:9a:95:a8:
64:94:e3:57:ac:ba:57:3a:5e:3b:51:30:7e:9c:9b:
42:2b:9e:d0:60:fa:2e:91:9b:38:42:0d:98:e3:55:
88:86:4c:8e:57:2e:d0:ff:5d:8c:4d:7c:89:5e:71:
97:38:36:d2:8d:97:68:3a:8b:6c:ca:28:2e:1d:a6:
9b:77:35:f9:4f:aa:27:d4:78:90:3d:5d:c6:78:22:
06:8c:84:0e:b1:91:3f:25:a7:56:d4:84:d3:42:9b:
8c:7a:ce:04:9b:de:be:7c:63:52:22:a2:7b:29:8a:
5e:25:4d:40:55:58:88:6c:43:6a:c6:70:1c:32:68:
6a:ff:65:20:c2:ac:fd:28:14:5e:b5:bd:8e:c9:f2:
0a:d9:69:d7:3a:09:04:a1:b6:9c:6a:40:3d:9d:0b:
05:fd:f5:00:43:bb:19:56:cf:e9:73:3e:66:b3:6f:
59:e3:c8:b1:19:22:3f:a1:35:4a:47:9c:23:75:f5:
60:52:93:c0:8e:1e:76:a7:fd:37:e7:92:e0:3b:46:
79:39:44:29:14:66:42:e5:29:8c:b2:8a:f0:e2:30:
a7:e4:d2:65:01:32:cc:81:15:8e:3d:75:89:d9:01:
14:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:67:7C:D4:24:01:40:5F:3C:3B:9D:C7:AB:B4:71:47:DF:37:C1:4C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.100.0.0/15
Signature Algorithm: sha256WithRSAEncryption
ce:b5:08:f3:f2:82:43:dd:2e:d6:94:a8:e7:47:74:8e:65:53:
6a:1b:ab:49:57:6a:c9:6f:e6:4c:4e:63:a6:69:0d:b6:77:0d:
5f:2c:08:2c:da:cb:60:a2:e5:ce:53:10:96:24:4b:cb:01:20:
a5:78:c6:38:a2:49:53:3a:49:e0:1f:e4:9f:46:ef:d7:1c:a9:
92:e5:4e:78:ba:cd:64:7f:cb:b9:11:a7:8b:df:eb:5b:4f:58:
30:48:d9:ba:53:2c:76:6f:bc:e3:47:88:ef:31:8c:f3:51:83:
33:55:dc:02:71:a2:f7:f3:bc:32:06:9a:87:9f:0e:8c:fe:82:
81:16:7c:bf:2c:e5:72:0c:94:1f:2a:42:29:74:3d:98:7e:5f:
89:54:11:52:ef:aa:0c:a0:af:42:7e:a3:d7:cc:be:97:c2:e4:
0d:30:85:89:b8:02:0b:a2:f7:24:67:94:0f:fc:fe:56:61:76:
98:d3:cf:27:24:bd:06:ab:7f:bc:5c:c7:20:1d:40:f1:05:92:
90:79:26:e7:ef:61:f4:bb:73:fc:3a:47:b5:ee:d1:e6:2c:62:
86:91:6e:9a:04:ab:0e:c0:90:6b:64:a2:0f:90:47:0b:2b:27:
4f:7f:fb:95:61:b4:e3:da:9f:22:db:ad:c5:1e:c6:1d:fa:71:
d5:f7:a8:d9
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIJj02HeA+v+Ru+BXpD0yjIbhMDkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMDUwMTJaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDdmOTRkMmM0Mzk5NzI5MzFjYTkwYWE3M2UxNTEzMWViNjMxMGI4MGEyNWFj
YWI2MmQ2OWMyNTU0OTUyNzM1OWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMHhY1Qgb0mDRhFWkaF0jdJRitFlkVTubAkMmpWoZJTjV6y6VzpeO1Ewfpyb
Qiue0GD6LpGbOEINmONViIZMjlcu0P9djE18iV5xlzg20o2XaDqLbMooLh2mm3c1
+U+qJ9R4kD1dxngiBoyEDrGRPyWnVtSE00KbjHrOBJvevnxjUiKieymKXiVNQFVY
iGxDasZwHDJoav9lIMKs/SgUXrW9jsnyCtlp1zoJBKG2nGpAPZ0LBf31AEO7GVbP
6XM+ZrNvWePIsRkiP6E1SkecI3X1YFKTwI4edqf9N+eS4DtGeTlEKRRmQuUpjLKK
8OIwp+TSZQEyzIEVjj11idkBFD0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSlZ3zU
JAFAXzw7ncertHFH3zfBTDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGJmYTI1ZGQtMzE5Zi00ZjJkLWI3ODYtOGFiMTlkNThlODExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNkMA0G
CSqGSIb3DQEBCwUAA4IBAQDOtQjz8oJD3S7WlKjnR3SOZVNqG6tJV2rJb+ZMTmOm
aQ22dw1fLAgs2stgouXOUxCWJEvLASCleMY4oklTOkngH+SfRu/XHKmS5U54us1k
f8u5EaeL3+tbT1gwSNm6Uyx2b7zjR4jvMYzzUYMzVdwCcaL387wyBpqHnw6M/oKB
Fny/LOVyDJQfKkIpdD2Yfl+JVBFS76oMoK9CfqPXzL6XwuQNMIWJuAILovckZ5QP
/P5WYXaY088nJL0Gq3+8XMcgHUDxBZKQeSbn72H0u3P8Oke17tHmLGKGkW6aBKsO
wJBrZKIPkEcLKydPf/uVYbTj2p8i263FHsYd+nHV96jZ
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:35:24 2025 by rpki-client