
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa
File: 18d9a632-05fe-446e-aca9-1adb271dcda8.roa (raw, json)
Hash identifier: bmKm4rUHJluvpewORWuKxfOECdj9kMFTa/Qahb0NB/8=
Subject key identifier: C5:2B:F9:30:24:A8:40:37:43:1A:7F:FA:2E:A6:1C:66:CB:C6:F1:AB
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 28D73845F94243DACBA63F04D9AE42E182F11CC8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa
Signing time: Fri 11 Jul 2025 21:01:00 +0000
ROA not before: Fri 11 Jul 2025 21:01:00 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.196.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:d7:38:45:f9:42:43:da:cb:a6:3f:04:d9:ae:42:e1:82:f1:1c:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 21:01:00 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=745bd63582909719d43e093e0453fdf7190aa5c5775e773a2711dedd2fddfac0, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:0a:6a:22:60:4a:11:a3:76:9d:9d:17:d9:4f:
6e:50:9e:9b:b6:30:19:c7:40:a8:84:5b:94:e4:4c:
b5:05:1f:6f:96:5d:8c:39:cc:23:61:b1:85:1a:c8:
76:47:df:00:11:1d:4d:dd:06:90:53:b8:fc:d7:13:
ba:09:e6:8c:25:a2:61:3d:19:d5:93:8d:64:cd:35:
5e:09:b7:e0:de:02:95:72:43:c3:4a:6c:ed:a1:7b:
ec:5b:fd:08:06:f2:4b:93:0a:33:61:c1:d6:e2:c8:
1e:2d:7d:5a:68:22:f6:0f:19:04:e2:42:2a:7f:70:
3b:e6:48:39:92:7f:1e:67:b6:1c:f9:87:53:db:7b:
be:fa:2f:39:5f:49:c2:1a:bb:57:01:68:6c:3e:68:
21:d9:f1:c3:44:4a:ad:b9:34:35:d7:80:46:bb:f9:
85:de:79:56:f5:be:c1:e3:83:2a:55:56:b2:80:6f:
23:5a:62:9a:fd:08:bf:1c:1f:c0:b1:3f:43:19:6e:
42:ec:38:65:89:80:ef:87:2a:bc:6a:45:74:30:1b:
01:49:92:11:3f:15:e7:11:f3:07:42:21:3a:a9:96:
80:4a:00:0e:ae:02:c7:7b:fe:43:1c:e1:df:a1:ae:
a4:3a:42:a4:a2:30:fe:76:0f:d6:97:7f:52:14:9f:
49:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:2B:F9:30:24:A8:40:37:43:1A:7F:FA:2E:A6:1C:66:CB:C6:F1:AB
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.196.0.0/15
Signature Algorithm: sha256WithRSAEncryption
8e:97:9e:f6:94:01:2a:68:31:8a:29:24:93:b8:05:2b:b3:dd:
2e:ee:03:b9:2f:e0:a1:21:17:1f:0b:58:ed:af:da:38:f9:c9:
eb:72:eb:c8:a2:77:e1:30:e8:61:98:f6:36:dd:1a:2e:7f:e4:
71:cc:3e:ba:e4:fc:63:0a:33:61:5f:b3:4d:d1:f5:a5:52:83:
d8:20:7a:5a:bf:dc:53:f2:9e:e1:fe:e7:98:f7:ca:98:94:3e:
59:fd:c2:b0:0e:4b:0c:8f:70:5a:78:06:41:a7:80:f6:61:21:
82:24:ce:e5:7b:89:bd:7c:f6:17:75:d0:75:e5:6f:fe:a7:07:
8a:b4:f7:e1:59:f7:0f:46:36:61:f9:49:65:43:e8:37:a0:f6:
87:21:f3:b6:0d:d4:2d:84:f1:eb:59:ca:98:e8:7e:5d:35:99:
27:5f:91:ed:14:b7:a9:e9:26:26:f0:e0:4a:67:90:61:03:8b:
23:d4:7c:3c:02:ac:a1:55:77:be:46:b7:9b:b9:4a:33:d9:b4:
61:3c:8b:80:12:55:51:49:54:48:a9:73:79:3b:a4:7c:6b:6c:
07:58:b6:07:80:65:57:5a:b2:a1:8b:bb:09:cf:c7:2c:52:c1:
5a:7c:66:6e:68:a4:e4:37:e5:9d:ab:21:49:1c:7d:53:83:d5:
9b:26:41:21
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKNc4RflCQ9rLpj8E2a5C4YLxHMgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMTAxMDBaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDc0NWJkNjM1ODI5MDk3MTlkNDNlMDkzZTA0NTNmZGY3MTkwYWE1YzU3NzVl
NzczYTI3MTFkZWRkMmZkZGZhYzAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANgKaiJgShGjdp2dF9lPblCem7YwGcdAqIRblORMtQUfb5ZdjDnMI2GxhRrI
dkffABEdTd0GkFO4/NcTugnmjCWiYT0Z1ZONZM01Xgm34N4ClXJDw0ps7aF77Fv9
CAbyS5MKM2HB1uLIHi19Wmgi9g8ZBOJCKn9wO+ZIOZJ/Hme2HPmHU9t7vvovOV9J
whq7VwFobD5oIdnxw0RKrbk0NdeARrv5hd55VvW+weODKlVWsoBvI1pimv0Ivxwf
wLE/QxluQuw4ZYmA74cqvGpFdDAbAUmSET8V5xHzB0IhOqmWgEoADq4Cx3v+Qxzh
36GupDpCpKIw/nYP1pd/UhSfSesCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTFK/kw
JKhAN0Maf/ouphxmy8bxqzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MThkOWE2MzItMDVmZS00NDZlLWFjYTktMWFkYjI3MWRjZGE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPEMA0G
CSqGSIb3DQEBCwUAA4IBAQCOl572lAEqaDGKKSSTuAUrs90u7gO5L+ChIRcfC1jt
r9o4+cnrcuvIonfhMOhhmPY23Rouf+RxzD665PxjCjNhX7NN0fWlUoPYIHpav9xT
8p7h/ueY98qYlD5Z/cKwDksMj3BaeAZBp4D2YSGCJM7le4m9fPYXddB15W/+pweK
tPfhWfcPRjZh+UllQ+g3oPaHIfO2DdQthPHrWcqY6H5dNZknX5HtFLep6SYm8OBK
Z5BhA4sj1Hw8AqyhVXe+RrebuUoz2bRhPIuAElVRSVRIqXN5O6R8a2wHWLYHgGVX
WrKhi7sJz8csUsFafGZuaKTkN+WdqyFJHH1Tg9WbJkEh
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:38:17 2025 by rpki-client