Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/24601d85-ac6e-46b6-a0d2-d35342ccc951.roa
File: 24601d85-ac6e-46b6-a0d2-d35342ccc951.roa (raw, json)
Hash identifier: 7roSFZQjORmWdTeWwYZkvXATmCKJRbU5pzN0fOXsvDY=
Subject key identifier: E1:70:34:D5:AF:82:6E:C2:C7:7F:C7:12:76:16:57:56:8B:C4:76:31
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4D03739C724AF1C7EB3E681FF5552C8FD731C02A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/24601d85-ac6e-46b6-a0d2-d35342ccc951.roa
Signing time: Mon 14 Jul 2025 15:40:23 +0000
ROA not before: Mon 14 Jul 2025 15:40:23 +0000
ROA not after: Mon 18 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.93.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:03:73:9c:72:4a:f1:c7:eb:3e:68:1f:f5:55:2c:8f:d7:31:c0:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 14 15:40:23 2025 GMT
Not After : Aug 18 23:59:59 2025 GMT
Subject: serialNumber=5af22947a5f9b8e3394bd17c48fb87011ccbaae59eb53faff1081b59be6b954a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b8:01:2a:c1:f5:f8:69:f2:ef:ca:9a:e5:0c:
65:a4:f1:04:52:9b:e7:dc:db:40:8d:53:e6:53:24:
10:b6:d0:be:23:3d:ff:77:72:5a:8c:03:f6:4b:df:
1d:bb:35:72:26:90:db:10:35:20:b7:26:c4:c7:c9:
83:85:5f:0b:89:85:f7:5f:e4:69:d6:b4:45:87:6d:
bc:8e:30:cc:e1:f7:47:ed:b1:7b:5f:3c:7e:a3:4c:
c0:04:9a:81:ad:bf:90:dc:28:9d:53:da:ea:13:c1:
22:c4:16:c6:65:9d:35:b3:8b:97:b3:37:e4:ef:94:
0e:c9:5a:27:86:65:d0:32:8c:4a:8f:dd:a8:4e:ef:
ea:11:8a:ca:e3:58:e5:34:01:52:79:84:f7:05:e1:
d2:1a:d9:f0:1d:5f:95:a8:fb:60:d2:fa:96:09:b7:
60:9a:6b:3f:ce:0e:65:31:14:fc:ea:c4:00:6d:47:
9d:b4:57:74:b1:d7:a7:0e:a4:4e:43:ad:e8:28:1a:
49:a9:6d:8f:67:1e:30:51:79:ab:13:d0:81:f1:56:
37:35:15:2d:f0:53:bf:f4:2a:cd:32:4c:42:7a:57:
f6:d8:5e:89:c9:8f:57:a1:db:f5:4d:35:45:70:15:
fc:49:51:f7:48:99:6a:34:8d:11:a6:34:7e:e8:c4:
4a:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:70:34:D5:AF:82:6E:C2:C7:7F:C7:12:76:16:57:56:8B:C4:76:31
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/24601d85-ac6e-46b6-a0d2-d35342ccc951.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.93.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6b:a2:44:3b:10:a8:23:bd:5a:17:19:d9:09:97:b5:65:56:b4:
c8:92:98:02:c3:96:85:42:f3:08:95:65:38:f9:33:eb:25:5a:
5a:45:6c:43:25:56:15:59:52:3d:0c:ad:70:f7:20:39:15:71:
17:b7:46:81:87:f9:05:b9:a5:93:fd:a1:00:f5:e8:36:23:3f:
ac:b2:f4:45:d7:11:da:9d:cd:fa:3e:e0:8e:6a:ec:2f:e8:19:
be:4f:8e:6e:09:c0:f2:0a:30:a5:53:14:bf:cf:46:cb:d6:da:
28:e2:ab:83:97:6c:2a:d3:01:ab:f0:51:a8:2c:c8:8f:b7:49:
a2:9c:e1:c5:c1:dd:be:0d:44:82:40:d8:87:f9:ec:6c:98:5e:
fa:49:ce:89:75:d6:a5:92:60:cd:33:9d:0d:cb:0d:e6:d8:af:
02:33:3d:ec:40:51:a2:06:87:8a:21:18:fb:58:1c:da:1f:34:
03:2c:ca:68:70:73:83:d6:14:2a:d1:b9:fb:59:b1:9a:14:98:
38:12:d5:4a:13:13:46:86:ca:95:db:23:a2:1e:48:4e:cf:e1:
12:53:aa:db:9e:c5:b0:04:08:09:aa:c1:a7:cb:74:f7:2a:63:
1d:60:79:5d:68:ad:d6:d3:47:3a:81:9a:19:a2:bb:35:4f:ed:
24:59:a5:07
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTQNznHJK8cfrPmgf9VUsj9cxwCowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTQxNTQwMjNaFw0yNTA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDVhZjIyOTQ3YTVmOWI4ZTMzOTRiZDE3YzQ4ZmI4NzAxMWNjYmFhZTU5ZWI1
M2ZhZmYxMDgxYjU5YmU2Yjk1NGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALS4ASrB9fhp8u/KmuUMZaTxBFKb59zbQI1T5lMkELbQviM9/3dyWowD9kvf
Hbs1ciaQ2xA1ILcmxMfJg4VfC4mF91/kada0RYdtvI4wzOH3R+2xe188fqNMwASa
ga2/kNwonVPa6hPBIsQWxmWdNbOLl7M35O+UDslaJ4Zl0DKMSo/dqE7v6hGKyuNY
5TQBUnmE9wXh0hrZ8B1flaj7YNL6lgm3YJprP84OZTEU/OrEAG1HnbRXdLHXpw6k
TkOt6CgaSaltj2ceMFF5qxPQgfFWNzUVLfBTv/QqzTJMQnpX9theicmPV6Hb9U01
RXAV/ElR90iZajSNEaY0fujESpcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBThcDTV
r4Juwsd/xxJ2FldWi8R2MTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjQ2MDFkODUtYWM2ZS00NmI2LWEwZDItZDM1MzQyY2NjOTUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNdMA0G
CSqGSIb3DQEBCwUAA4IBAQBrokQ7EKgjvVoXGdkJl7VlVrTIkpgCw5aFQvMIlWU4
+TPrJVpaRWxDJVYVWVI9DK1w9yA5FXEXt0aBh/kFuaWT/aEA9eg2Iz+ssvRF1xHa
nc36PuCOauwv6Bm+T45uCcDyCjClUxS/z0bL1too4quDl2wq0wGr8FGoLMiPt0mi
nOHFwd2+DUSCQNiH+exsmF76Sc6JddalkmDNM50Nyw3m2K8CMz3sQFGiBoeKIRj7
WBzaHzQDLMpocHOD1hQq0bn7WbGaFJg4EtVKExNGhsqV2yOiHkhOz+ESU6rbnsWw
BAgJqsGny3T3KmMdYHldaK3W00c6gZoZors1T+0kWaUH
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:39:35 2025 by rpki-client