Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/186c4a20-4025-4599-90c9-1eeb15cf6730.roa
File: 186c4a20-4025-4599-90c9-1eeb15cf6730.roa (raw, json)
Hash identifier: DWITdjr1zLyg/ftDRc9OcveazKkxu5rjmvXyaqlBV0Q=
Subject key identifier: D0:5B:C5:C8:C7:9C:83:D1:5F:F3:65:D4:CE:72:44:D3:07:E4:35:11
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0479984219830B0D3D0423B802C0B3BF4FBAAA12
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/186c4a20-4025-4599-90c9-1eeb15cf6730.roa
Signing time: Mon 14 Jul 2025 15:30:49 +0000
ROA not before: Mon 14 Jul 2025 15:30:49 +0000
ROA not after: Mon 18 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 14:37:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:79:98:42:19:83:0b:0d:3d:04:23:b8:02:c0:b3:bf:4f:ba:aa:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 14 15:30:49 2025 GMT
Not After : Aug 18 23:59:59 2025 GMT
Subject: serialNumber=5770a6001cbe9968391014fed3c22c050dfe82b2679c48c3a9e848dd8269de49, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:70:11:cc:2f:2c:1f:60:9a:6c:00:13:b9:10:
fc:79:77:51:55:b0:6d:02:71:8d:32:70:fd:9a:84:
e9:10:b8:e2:cd:ad:8f:13:f9:50:9c:ea:04:a5:1b:
00:c5:5c:21:fa:df:57:2c:38:db:6d:f1:e8:8a:bb:
9d:a3:33:31:d8:94:df:c0:d6:94:87:99:3b:18:7f:
ac:70:5b:eb:04:64:9d:b5:a2:71:3c:c3:0a:ef:ea:
4b:58:c5:1a:d9:44:2d:6d:82:28:84:eb:7a:52:16:
d5:f0:9d:df:c7:b0:35:3f:88:b3:70:25:79:3b:31:
49:78:87:1d:a7:53:1d:57:4c:e3:8c:f8:46:f1:e9:
e9:d1:4f:e2:88:88:2e:37:a3:61:24:01:06:77:ef:
b5:f6:f5:9e:09:01:48:ae:b0:5f:4e:04:02:54:c9:
49:39:6b:32:91:fd:aa:33:f7:f6:51:7b:a2:fa:a6:
22:74:0e:79:e4:21:67:4c:61:33:23:ec:ed:1c:da:
68:2f:98:42:3e:3a:5c:7e:a1:60:74:f7:f3:68:7c:
01:3d:c0:ef:db:1e:35:0a:4f:e8:13:3a:59:fc:74:
ec:10:3b:e0:b3:8c:e5:7d:45:86:64:72:80:74:31:
7e:fb:16:2c:9e:4c:1a:c2:7d:b1:34:7c:36:3e:65:
44:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:5B:C5:C8:C7:9C:83:D1:5F:F3:65:D4:CE:72:44:D3:07:E4:35:11
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/186c4a20-4025-4599-90c9-1eeb15cf6730.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.205.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:59:8c:3a:88:9e:dd:b5:24:03:d4:74:f8:c1:7d:2c:6f:35:
25:0b:c0:2c:a2:80:68:6d:f9:88:6e:73:dd:2f:8b:1b:7d:7d:
00:82:e0:75:b6:b6:f9:4e:8e:26:c3:1d:55:f5:89:f9:c8:77:
b8:9a:7f:ae:3c:da:17:68:e4:60:0e:76:ca:4f:af:72:3a:06:
ef:1f:24:a1:fa:4a:c0:c3:df:09:9e:d6:9e:eb:1c:96:8c:02:
ff:dd:04:0e:0f:96:5b:9f:91:4b:ec:da:fb:95:2f:8d:c7:70:
ec:af:13:d1:bb:a9:a8:45:f6:ef:0e:46:a0:bf:8d:54:82:ba:
b7:0a:6f:a5:82:07:18:eb:49:ed:93:eb:b3:8e:b9:a5:6b:06:
f0:61:f0:36:44:d6:6b:74:e2:d6:fc:05:e8:78:18:b6:78:3f:
81:05:d1:db:d8:ce:f2:fc:cc:74:5f:4f:7f:f6:87:54:c1:96:
2f:32:4d:a2:57:15:6d:99:1c:9a:cf:15:25:7f:57:7a:2c:57:
b6:e0:86:84:5e:77:d0:1b:0e:f0:6e:bd:02:e6:86:62:79:4f:
5a:96:ee:03:df:a8:72:3d:c6:8c:b9:75:77:0e:bb:64:f8:cc:
76:87:df:89:96:e8:05:d6:dd:3d:eb:a9:65:db:9f:fe:3f:6f:
b9:9e:73:31
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUBHmYQhmDCw09BCO4AsCzv0+6qhIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTQxNTMwNDlaFw0yNTA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDU3NzBhNjAwMWNiZTk5NjgzOTEwMTRmZWQzYzIyYzA1MGRmZTgyYjI2Nzlj
NDhjM2E5ZTg0OGRkODI2OWRlNDkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMpwEcwvLB9gmmwAE7kQ/Hl3UVWwbQJxjTJw/ZqE6RC44s2tjxP5UJzqBKUb
AMVcIfrfVyw4223x6Iq7naMzMdiU38DWlIeZOxh/rHBb6wRknbWicTzDCu/qS1jF
GtlELW2CKITrelIW1fCd38ewNT+Is3AleTsxSXiHHadTHVdM44z4RvHp6dFP4oiI
LjejYSQBBnfvtfb1ngkBSK6wX04EAlTJSTlrMpH9qjP39lF7ovqmInQOeeQhZ0xh
MyPs7RzaaC+YQj46XH6hYHT382h8AT3A79seNQpP6BM6Wfx07BA74LOM5X1FhmRy
gHQxfvsWLJ5MGsJ9sTR8Nj5lRPMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTQW8XI
x5yD0V/zZdTOckTTB+Q1ETAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTg2YzRhMjAtNDAyNS00NTk5LTkwYzktMWVlYjE1Y2Y2NzMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMQzTAN
BgkqhkiG9w0BAQsFAAOCAQEAmlmMOoie3bUkA9R0+MF9LG81JQvALKKAaG35iG5z
3S+LG319AILgdba2+U6OJsMdVfWJ+ch3uJp/rjzaF2jkYA52yk+vcjoG7x8kofpK
wMPfCZ7WnusclowC/90EDg+WW5+RS+za+5Uvjcdw7K8T0bupqEX27w5GoL+NVIK6
twpvpYIHGOtJ7ZPrs465pWsG8GHwNkTWa3Ti1vwF6HgYtng/gQXR29jO8vzMdF9P
f/aHVMGWLzJNolcVbZkcms8VJX9XeixXtuCGhF530BsO8G69AuaGYnlPWpbuA9+o
cj3GjLl1dw67ZPjMdoffiZboBdbdPeupZduf/j9vuZ5zMQ==
-----END CERTIFICATE-----
Generated at Tue Aug 5 16:43:01 2025 by rpki-client