Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/179c664b-afae-4c21-9c97-2a2a3985d5b0.roa
File: 179c664b-afae-4c21-9c97-2a2a3985d5b0.roa (raw, json)
Hash identifier: kggYjCd5qddJ23AUTXw5Ud4+64iOBGh6eqeJiX1Nblc=
Subject key identifier: 16:7C:91:9F:3A:1A:AE:7C:BA:CA:F0:C0:C7:6D:17:7B:F3:1D:3B:A4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3CE795DCDBC63E69530090805107E1BD98B879D8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/179c664b-afae-4c21-9c97-2a2a3985d5b0.roa
Signing time: Fri 11 Jul 2025 20:50:15 +0000
ROA not before: Fri 11 Jul 2025 20:50:15 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.117.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:e7:95:dc:db:c6:3e:69:53:00:90:80:51:07:e1:bd:98:b8:79:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 20:50:15 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=f7bf5a91c4646676d72139bc086ac754e63e7dfaa106d2a300467096f5426000, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:4f:99:c6:7d:18:28:32:8b:97:83:19:45:fe:
a1:2c:33:ff:ac:8c:04:20:c9:3d:db:23:79:21:aa:
13:93:12:9b:26:6d:f5:b1:3d:8f:8a:8d:ca:1f:71:
4a:d9:d5:de:5d:19:c2:27:5e:73:d4:ad:79:02:f7:
bf:0f:1f:9c:77:28:68:37:ba:c6:ee:4e:d3:46:a1:
40:f4:fb:62:6f:e8:77:3f:d7:8f:71:d8:60:26:12:
ec:99:9b:d0:8a:53:05:62:af:6f:c5:83:bb:2e:2b:
c9:4a:db:b8:ad:63:ad:1f:0b:3e:da:3f:11:de:9c:
37:cf:2f:b0:e4:e7:b8:28:06:41:54:97:15:fe:74:
4d:72:8d:b9:27:f4:05:9e:c5:c1:cb:97:15:58:a1:
38:c4:a9:ac:2c:21:5b:1d:9d:26:90:31:c1:9a:56:
03:a0:14:ce:b3:91:08:3c:a1:cb:1d:30:ba:00:25:
76:13:46:dd:43:25:f1:73:07:43:4f:6a:98:04:99:
9f:ef:d8:1f:1f:6d:c8:08:8a:73:2a:81:83:f3:31:
cb:51:8a:bd:54:db:45:62:50:dd:2b:3b:44:63:e4:
fa:2b:16:7d:ac:9c:48:70:2a:47:f2:90:79:ed:02:
c7:be:eb:3d:bf:84:ad:8d:b6:0e:26:59:83:7b:9f:
8d:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:7C:91:9F:3A:1A:AE:7C:BA:CA:F0:C0:C7:6D:17:7B:F3:1D:3B:A4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/179c664b-afae-4c21-9c97-2a2a3985d5b0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.117.0.0/16
Signature Algorithm: sha256WithRSAEncryption
88:eb:0b:f5:f6:3b:54:35:fa:0e:ee:98:58:a7:3d:64:37:6e:
ef:a4:8b:63:65:30:e6:2e:d3:e8:15:cc:0b:d7:ad:4b:95:8d:
6d:a0:7f:2f:50:45:3b:a2:8d:5d:cb:8e:57:69:ee:86:11:0f:
a6:74:70:4d:7d:d0:59:86:4a:b4:e4:9c:e9:97:2b:59:30:53:
74:20:06:eb:df:c5:53:77:8c:7a:16:18:d6:50:20:2e:93:fb:
af:f6:4b:0d:cd:9c:9e:41:4d:39:3c:6f:b8:df:1b:a2:da:f5:
58:ad:7d:24:a6:eb:81:9f:2a:77:09:41:17:c6:05:8c:5d:31:
95:e4:e5:31:22:f9:b3:e1:59:0d:e2:4b:f6:a3:5b:e3:e7:99:
53:46:33:60:02:d4:e4:55:b2:5f:ce:f6:b7:d5:6e:49:08:05:
b1:3b:7d:5e:ed:07:85:b5:80:e1:8a:e1:88:a5:41:5a:56:a0:
f5:74:07:5a:35:31:d1:5a:13:72:49:ec:64:fe:59:df:39:cc:
d0:be:67:9f:34:3f:b5:da:4d:a7:0c:f0:0d:89:68:3f:b1:7c:
50:90:44:69:ae:81:27:c6:9f:eb:5a:08:84:69:cd:a8:4d:7f:
02:03:78:ad:ab:5a:d8:a2:f5:c3:a3:f4:8a:9d:e7:a8:56:85:
73:32:fb:af
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUPOeV3NvGPmlTAJCAUQfhvZi4edgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMDUwMTVaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGY3YmY1YTkxYzQ2NDY2NzZkNzIxMzliYzA4NmFjNzU0ZTYzZTdkZmFhMTA2
ZDJhMzAwNDY3MDk2ZjU0MjYwMDAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMpPmcZ9GCgyi5eDGUX+oSwz/6yMBCDJPdsjeSGqE5MSmyZt9bE9j4qNyh9x
StnV3l0Zwidec9SteQL3vw8fnHcoaDe6xu5O00ahQPT7Ym/odz/Xj3HYYCYS7Jmb
0IpTBWKvb8WDuy4ryUrbuK1jrR8LPto/Ed6cN88vsOTnuCgGQVSXFf50TXKNuSf0
BZ7FwcuXFVihOMSprCwhWx2dJpAxwZpWA6AUzrORCDyhyx0wugAldhNG3UMl8XMH
Q09qmASZn+/YHx9tyAiKcyqBg/Mxy1GKvVTbRWJQ3Ss7RGPk+isWfaycSHAqR/KQ
ee0Cx77rPb+ErY22DiZZg3ufjccCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQWfJGf
OhqufLrK8MDHbRd78x07pDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTc5YzY2NGItYWZhZS00YzIxLTljOTctMmEyYTM5ODVkNWIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN1MA0G
CSqGSIb3DQEBCwUAA4IBAQCI6wv19jtUNfoO7phYpz1kN27vpItjZTDmLtPoFcwL
161LlY1toH8vUEU7oo1dy45Xae6GEQ+mdHBNfdBZhkq05JzplytZMFN0IAbr38VT
d4x6FhjWUCAuk/uv9ksNzZyeQU05PG+43xui2vVYrX0kpuuBnyp3CUEXxgWMXTGV
5OUxIvmz4VkN4kv2o1vj55lTRjNgAtTkVbJfzva31W5JCAWxO31e7QeFtYDhiuGI
pUFaVqD1dAdaNTHRWhNySexk/lnfOczQvmefND+12k2nDPANiWg/sXxQkERproEn
xp/rWgiEac2oTX8CA3itq1rYovXDo/SKneeoVoVzMvuv
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:36:48 2025 by rpki-client