Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2740a5f5-ec55-42ac-b7df-f4c863c83981.roa
File: 2740a5f5-ec55-42ac-b7df-f4c863c83981.roa (raw, json)
Hash identifier: y/k8JB1ffH8hNCst0atZEYc6WHlxrZHJsnG3+KX9ZFI=
Subject key identifier: 32:85:39:C7:DE:96:0B:F5:A9:49:75:0A:7E:22:61:0D:91:1B:ED:99
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 45331A1C193A839624E5A15EC9771E430AB7EAC8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2740a5f5-ec55-42ac-b7df-f4c863c83981.roa
Signing time: Fri 11 Jul 2025 21:00:05 +0000
ROA not before: Fri 11 Jul 2025 21:00:05 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.125.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:33:1a:1c:19:3a:83:96:24:e5:a1:5e:c9:77:1e:43:0a:b7:ea:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 21:00:05 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=785ef36a60511871f1e1f08220582e6c6a1c457239b92690843121e0ae2d85c3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:8f:b7:44:9b:63:95:40:f5:5e:8f:3d:26:69:
6a:0f:e7:b0:17:65:c7:18:28:d9:30:01:cd:0f:c6:
1a:ac:c9:7d:04:47:9f:a5:a8:0b:aa:ee:23:78:65:
a3:a0:f8:9a:0d:5d:1e:0e:bc:eb:78:7b:1f:23:ef:
84:52:97:b6:13:37:e5:c6:b5:bd:d3:77:9d:4f:d1:
cd:bd:1f:02:8c:83:51:b3:c4:be:32:06:76:3f:c3:
9b:0f:52:b8:cd:d1:1c:6e:73:96:34:44:62:93:4d:
68:27:90:7e:b6:5f:f2:96:ee:a1:d2:49:cc:8c:28:
c2:b4:e3:1a:26:59:69:77:e3:e4:cd:a0:16:dd:ab:
24:e2:49:ae:4e:18:1b:04:53:cf:e6:d6:56:e0:8f:
4e:1f:e6:44:e3:82:0e:af:eb:82:12:42:09:32:4d:
3d:bd:0f:9f:80:88:03:9e:93:86:b9:08:85:ce:1b:
f6:5e:17:b0:ec:9d:fc:53:c7:2b:bb:8e:94:6e:72:
b9:9c:d5:99:f4:39:cd:15:07:35:62:64:49:f8:a5:
c8:b4:b1:6b:47:ce:0f:90:7c:b6:15:14:8a:af:f0:
ed:d9:d5:82:fe:ce:b5:42:d1:c0:41:25:7a:14:e2:
23:9b:d6:5a:3b:f7:74:b3:6a:4c:81:e4:94:4b:f3:
4a:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:85:39:C7:DE:96:0B:F5:A9:49:75:0A:7E:22:61:0D:91:1B:ED:99
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2740a5f5-ec55-42ac-b7df-f4c863c83981.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.125.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d4:f8:b1:c4:86:5b:c3:50:b1:a9:f0:ff:88:ed:75:ab:72:42:
1b:15:0b:9c:60:2d:76:e7:06:6a:97:cd:88:95:4d:fc:a8:b5:
6e:a4:b1:70:94:c9:63:5b:b4:d9:f5:39:54:9b:38:67:46:b4:
d8:fa:fb:0a:7f:79:e4:d8:c9:22:f6:43:e0:fa:f6:8b:d1:b3:
c3:f9:f1:87:bb:1d:fd:7d:22:31:2b:70:c4:78:ae:74:f4:72:
eb:18:52:19:f6:5e:88:0d:8d:29:47:6f:3a:07:32:0f:cc:d2:
68:66:67:88:78:f2:2c:94:07:7d:40:5c:d3:ee:64:3e:70:29:
0e:ca:23:ed:d5:7d:cd:6b:3a:ab:a5:a7:3c:64:0e:fa:fe:c2:
cc:b1:4f:13:2e:d0:99:84:70:47:05:5d:32:8a:77:35:5a:1e:
3c:c0:4a:64:27:fa:6d:b7:a1:77:7e:d5:9c:31:6e:e3:37:94:
32:42:f8:c6:7c:93:24:f2:4a:f3:5e:f7:92:6c:ee:51:33:38:
85:43:fd:e5:35:db:23:95:7a:54:38:29:b7:10:b7:57:3c:54:
88:24:6e:a8:37:a4:57:55:e3:1c:c6:7b:4a:89:eb:3a:0b:97:
dd:e0:85:5a:40:fc:5d:d4:c1:fa:e8:f4:15:1f:48:b1:67:73:
e5:e0:3f:e6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIURTMaHBk6g5Yk5aFeyXceQwq36sgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMTAwMDVaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDc4NWVmMzZhNjA1MTE4NzFmMWUxZjA4MjIwNTgyZTZjNmExYzQ1NzIzOWI5
MjY5MDg0MzEyMWUwYWUyZDg1YzMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANGPt0SbY5VA9V6PPSZpag/nsBdlxxgo2TABzQ/GGqzJfQRHn6WoC6ruI3hl
o6D4mg1dHg6863h7HyPvhFKXthM35ca1vdN3nU/Rzb0fAoyDUbPEvjIGdj/Dmw9S
uM3RHG5zljREYpNNaCeQfrZf8pbuodJJzIwowrTjGiZZaXfj5M2gFt2rJOJJrk4Y
GwRTz+bWVuCPTh/mROOCDq/rghJCCTJNPb0Pn4CIA56ThrkIhc4b9l4XsOyd/FPH
K7uOlG5yuZzVmfQ5zRUHNWJkSfilyLSxa0fOD5B8thUUiq/w7dnVgv7OtULRwEEl
ehTiI5vWWjv3dLNqTIHklEvzSh0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQyhTnH
3pYL9alJdQp+ImENkRvtmTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Mjc0MGE1ZjUtZWM1NS00MmFjLWI3ZGYtZjRjODYzYzgzOTgxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN9MA0G
CSqGSIb3DQEBCwUAA4IBAQDU+LHEhlvDULGp8P+I7XWrckIbFQucYC125wZql82I
lU38qLVupLFwlMljW7TZ9TlUmzhnRrTY+vsKf3nk2Mki9kPg+vaL0bPD+fGHux39
fSIxK3DEeK509HLrGFIZ9l6IDY0pR286BzIPzNJoZmeIePIslAd9QFzT7mQ+cCkO
yiPt1X3Nazqrpac8ZA76/sLMsU8TLtCZhHBHBV0yinc1Wh48wEpkJ/ptt6F3ftWc
MW7jN5QyQvjGfJMk8krzXveSbO5RMziFQ/3lNdsjlXpUOCm3ELdXPFSIJG6oN6RX
VeMcxntKies6C5fd4IVaQPxd1MH66PQVH0ixZ3Pl4D/m
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:42:35 2025 by rpki-client