Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16466217-dced-4a5a-a70d-36ae6ab6acbe.roa
File: 16466217-dced-4a5a-a70d-36ae6ab6acbe.roa (raw, json)
Hash identifier: kiQIf4g06JV0W5WvK4fCdrZaLhsFJ9vG5naoveIcyKc=
Subject key identifier: FC:FF:FE:12:03:A5:57:98:27:6F:E9:DA:2B:FB:54:35:E0:B9:EA:42
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 25863088A23892DC6A6CE10D9A97A9E5AC3268D3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16466217-dced-4a5a-a70d-36ae6ab6acbe.roa
Signing time: Mon 14 Jul 2025 15:40:47 +0000
ROA not before: Mon 14 Jul 2025 15:40:47 +0000
ROA not after: Mon 18 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.92.0.0/14 maxlen: 14
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:86:30:88:a2:38:92:dc:6a:6c:e1:0d:9a:97:a9:e5:ac:32:68:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 14 15:40:47 2025 GMT
Not After : Aug 18 23:59:59 2025 GMT
Subject: serialNumber=89c59e813c9d3fbab5ac84eae71fc49c05976d2ee691ba02ebcb8de16f2b23b5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:8c:1d:f6:f3:eb:e5:0c:d0:02:c3:32:41:c9:
1a:ee:72:3c:fb:97:ec:5c:00:59:3b:86:b5:d5:c1:
72:2d:37:9b:e9:ac:73:a0:96:3d:75:95:79:4a:bd:
ed:6d:6b:46:c1:25:fe:ac:ef:8f:a9:c7:11:82:38:
47:fb:00:ac:cd:a0:dc:62:10:69:e5:c8:f4:bc:7e:
f8:1a:5a:14:dd:95:91:e3:78:f8:a9:85:5d:04:05:
7b:ea:47:ae:d5:be:1c:bd:af:31:43:cf:99:06:a5:
90:6f:83:33:01:c4:85:32:62:a9:0e:27:80:54:bd:
f0:eb:5f:5f:10:17:d1:d0:2b:26:73:e8:bd:28:ca:
92:c7:f6:01:36:8f:ba:8d:00:b9:01:91:28:bd:b3:
47:b5:49:7d:ad:2f:8d:61:fd:07:8e:19:c0:1d:f0:
1f:66:69:1e:4e:38:08:f2:4b:8f:d9:05:9f:89:e4:
14:62:8e:4e:b1:47:2b:c4:df:62:9f:30:15:62:45:
30:5b:6d:f0:38:e4:89:7a:3a:23:95:29:85:e8:6c:
14:31:b6:1b:65:af:69:ab:66:33:83:cf:b3:a5:57:
b9:21:e4:36:97:ac:17:f0:2e:99:9f:af:28:53:3e:
72:62:a4:1c:02:d0:3c:7a:20:98:53:8d:f8:42:f0:
c8:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:FF:FE:12:03:A5:57:98:27:6F:E9:DA:2B:FB:54:35:E0:B9:EA:42
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16466217-dced-4a5a-a70d-36ae6ab6acbe.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.92.0.0/14
Signature Algorithm: sha256WithRSAEncryption
5e:4f:13:16:2f:b0:c1:92:dc:82:2e:56:0b:67:30:a7:92:e4:
26:f4:d4:5c:13:df:3d:65:d1:af:b0:f0:ac:e2:38:eb:e8:e3:
7e:ee:2d:d1:7b:c8:c6:ff:57:13:ac:c2:d3:d2:2d:6d:8f:f7:
69:fd:37:24:0e:83:ae:0d:16:16:8c:1b:56:03:30:5e:ff:bc:
a4:5e:5c:da:f3:2a:72:25:31:d8:0b:31:61:d1:70:89:3b:1a:
da:ef:a0:19:cb:53:4e:95:1e:b3:15:4a:a3:0a:57:89:a5:3a:
e8:38:fa:fc:19:a5:d4:29:2b:98:c3:32:34:e5:ca:1e:28:7d:
97:4c:02:70:a0:9e:67:d3:28:0f:a5:19:50:48:09:c2:3b:14:
fd:aa:22:90:00:f2:aa:2f:6f:4d:a5:b2:eb:35:8a:81:bd:85:
8e:cd:9c:cc:64:09:66:36:22:e2:64:f9:97:7e:7e:61:a2:42:
87:4b:96:e0:a3:8e:c6:e8:ea:a6:55:20:9f:ce:1a:21:ec:7b:
f4:a0:0f:51:ca:65:b0:33:89:70:41:02:d0:76:c4:62:b0:24:
f4:d0:ba:e3:c4:b1:ec:ba:83:60:c4:d3:d9:47:5f:53:b9:fe:
bd:2f:b4:18:d5:99:31:96:6c:70:5f:5f:37:77:9f:c5:85:5b:
a5:01:a0:77
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJYYwiKI4ktxqbOENmpep5awyaNMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTQxNTQwNDdaFw0yNTA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5YzU5ZTgxM2M5ZDNmYmFiNWFjODRlYWU3MWZjNDljMDU5NzZkMmVlNjkx
YmEwMmViY2I4ZGUxNmYyYjIzYjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKeMHfbz6+UM0ALDMkHJGu5yPPuX7FwAWTuGtdXBci03m+msc6CWPXWVeUq9
7W1rRsEl/qzvj6nHEYI4R/sArM2g3GIQaeXI9Lx++BpaFN2VkeN4+KmFXQQFe+pH
rtW+HL2vMUPPmQalkG+DMwHEhTJiqQ4ngFS98OtfXxAX0dArJnPovSjKksf2ATaP
uo0AuQGRKL2zR7VJfa0vjWH9B44ZwB3wH2ZpHk44CPJLj9kFn4nkFGKOTrFHK8Tf
Yp8wFWJFMFtt8DjkiXo6I5UphehsFDG2G2WvaatmM4PPs6VXuSHkNpesF/AumZ+v
KFM+cmKkHALQPHogmFON+ELwyO8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT8//4S
A6VXmCdv6dor+1Q14LnqQjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTY0NjYyMTctZGNlZC00YTVhLWE3MGQtMzZhZTZhYjZhY2JlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNcMA0G
CSqGSIb3DQEBCwUAA4IBAQBeTxMWL7DBktyCLlYLZzCnkuQm9NRcE989ZdGvsPCs
4jjr6ON+7i3Re8jG/1cTrMLT0i1tj/dp/TckDoOuDRYWjBtWAzBe/7ykXlza8ypy
JTHYCzFh0XCJOxra76AZy1NOlR6zFUqjCleJpTroOPr8GaXUKSuYwzI05coeKH2X
TAJwoJ5n0ygPpRlQSAnCOxT9qiKQAPKqL29NpbLrNYqBvYWOzZzMZAlmNiLiZPmX
fn5hokKHS5bgo47G6OqmVSCfzhoh7Hv0oA9RymWwM4lwQQLQdsRisCT00LrjxLHs
uoNgxNPZR19Tuf69L7QY1ZkxlmxwX183d5/FhVulAaB3
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:47:12 2025 by rpki-client