Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa61929-412c-4540-85ff-6ae53d3a9f99.roa
File: 1fa61929-412c-4540-85ff-6ae53d3a9f99.roa (raw, json)
Hash identifier: aq8cYxWlJ5aBygyA4KHqH1Ix1+3UyFta9OWXIodODyE=
Subject key identifier: BB:78:68:0D:EB:D9:B7:C8:0E:0F:74:EC:E4:D0:42:C6:0D:2D:9E:9B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0FB6910F838E1C34E8EE44416C3A25FF414FE385
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa61929-412c-4540-85ff-6ae53d3a9f99.roa
Signing time: Fri 11 Jul 2025 21:01:06 +0000
ROA not before: Fri 11 Jul 2025 21:01:06 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.212.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:b6:91:0f:83:8e:1c:34:e8:ee:44:41:6c:3a:25:ff:41:4f:e3:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 21:01:06 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=81267aaac4ec32830d6326a54adbb0249a271c33070e157ec5b0086107562fe3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:3d:da:c3:d0:6f:59:df:5d:7e:01:11:d4:68:
65:d3:97:b4:3c:03:eb:9e:05:37:3f:49:af:de:2d:
22:61:ad:76:1a:aa:16:74:c0:b4:92:4f:05:57:91:
ef:50:b8:77:1f:42:12:a3:b6:4b:5c:f1:86:ca:19:
ae:11:03:3e:f9:57:81:ce:12:bc:59:e4:3c:4a:6e:
7b:f1:3a:5e:c0:4f:ad:f9:a4:58:7b:d4:62:cd:a5:
52:f2:b0:a2:b5:e4:70:ac:45:0a:aa:6c:dd:8e:8c:
c3:8f:b5:7b:53:b8:cb:5a:4e:fa:82:9a:81:1e:1e:
72:cb:a8:ae:95:1e:18:08:ff:e7:40:f6:73:a5:49:
5a:57:b9:f0:10:4a:a5:ae:03:df:ad:f5:db:cc:c9:
74:65:6e:c1:64:50:96:3e:67:a5:03:6c:48:d0:de:
0b:40:e7:89:c0:d5:ea:92:14:d0:35:a0:04:b1:af:
b3:05:90:03:a9:df:48:7e:55:9d:2d:3f:a4:24:7f:
38:4e:71:a2:c2:73:b1:0e:5e:f6:bd:ec:44:d1:31:
c9:8d:92:41:86:7b:2e:e3:ee:bf:d0:a3:31:25:db:
89:2a:37:42:1c:7b:b7:a3:a9:b9:5f:ec:8f:f7:9e:
17:82:c8:d8:55:9e:9d:48:95:f0:00:04:dc:55:6d:
62:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:78:68:0D:EB:D9:B7:C8:0E:0F:74:EC:E4:D0:42:C6:0D:2D:9E:9B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa61929-412c-4540-85ff-6ae53d3a9f99.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.212.0.0/15
Signature Algorithm: sha256WithRSAEncryption
3e:05:54:94:2a:de:88:ab:f6:b6:6c:8d:ee:24:df:ac:f5:b7:
c5:c1:45:f7:b2:13:31:ff:3f:92:5a:d3:76:31:f1:76:96:8a:
39:b5:34:8f:25:9e:1f:4d:81:87:b4:45:f2:11:b6:61:6a:ab:
73:c8:94:ef:44:3e:2a:3c:2b:de:9e:cc:91:51:c4:3c:be:3c:
62:e3:c9:42:5b:4d:c6:50:1b:d2:73:24:43:8f:ca:11:55:32:
39:dc:4f:f7:87:c3:91:28:31:04:b9:56:68:1d:b8:3a:4d:d6:
0e:7e:93:d6:84:18:8f:f4:c9:7f:67:2b:d7:56:59:a6:57:60:
f8:ba:81:cf:6c:4b:08:fb:ee:a7:01:14:c7:76:d9:1d:33:5f:
d9:a3:80:15:6a:04:59:34:85:fc:e7:ed:42:3e:0b:51:eb:e8:
e7:c8:d4:72:50:4b:d2:a9:c4:15:37:69:b6:a1:b9:89:82:c1:
db:d9:76:df:a2:e4:72:fe:95:00:b8:54:37:03:57:42:65:44:
e7:64:f8:d6:9b:5c:83:3a:c5:40:82:f7:39:0a:4c:bb:62:f5:
9f:80:21:e2:65:1e:6d:2f:7e:27:8b:6c:31:a2:04:91:d6:bd:
13:c9:bb:5a:fd:c1:b0:df:14:2e:98:19:67:a3:f0:d0:c6:ef:
21:4b:2c:8a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUD7aRD4OOHDTo7kRBbDol/0FP44UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMTAxMDZaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxMjY3YWFhYzRlYzMyODMwZDYzMjZhNTRhZGJiMDI0OWEyNzFjMzMwNzBl
MTU3ZWM1YjAwODYxMDc1NjJmZTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPk92sPQb1nfXX4BEdRoZdOXtDwD654FNz9Jr94tImGtdhqqFnTAtJJPBVeR
71C4dx9CEqO2S1zxhsoZrhEDPvlXgc4SvFnkPEpue/E6XsBPrfmkWHvUYs2lUvKw
orXkcKxFCqps3Y6Mw4+1e1O4y1pO+oKagR4ecsuorpUeGAj/50D2c6VJWle58BBK
pa4D363128zJdGVuwWRQlj5npQNsSNDeC0DnicDV6pIU0DWgBLGvswWQA6nfSH5V
nS0/pCR/OE5xosJzsQ5e9r3sRNExyY2SQYZ7LuPuv9CjMSXbiSo3Qhx7t6OpuV/s
j/eeF4LI2FWenUiV8AAE3FVtYkkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS7eGgN
69m3yA4PdOzk0ELGDS2emzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWZhNjE5MjktNDEyYy00NTQwLTg1ZmYtNmFlNTNkM2E5Zjk5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPUMA0G
CSqGSIb3DQEBCwUAA4IBAQA+BVSUKt6Iq/a2bI3uJN+s9bfFwUX3shMx/z+SWtN2
MfF2loo5tTSPJZ4fTYGHtEXyEbZhaqtzyJTvRD4qPCvensyRUcQ8vjxi48lCW03G
UBvScyRDj8oRVTI53E/3h8ORKDEEuVZoHbg6TdYOfpPWhBiP9Ml/ZyvXVlmmV2D4
uoHPbEsI++6nARTHdtkdM1/Zo4AVagRZNIX85+1CPgtR6+jnyNRyUEvSqcQVN2m2
obmJgsHb2XbfouRy/pUAuFQ3A1dCZUTnZPjWm1yDOsVAgvc5Cky7YvWfgCHiZR5t
L34ni2wxogSR1r0Tybta/cGw3xQumBlno/DQxu8hSyyK
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:41:55 2025 by rpki-client