Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/286f881c-8fa0-4200-ada2-20a0cc49038e.roa
File: 286f881c-8fa0-4200-ada2-20a0cc49038e.roa (raw, json)
Hash identifier: Daf7ptFPWjow8rvGtXdqQQsY8hc6Wic9yJUHK7IN7Jk=
Subject key identifier: 4D:B7:EC:0B:9D:B3:15:1E:43:D7:B9:74:10:9C:C1:70:C7:E6:39:CA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 33ED89F33655B519FD0796BA27249D87403E56AF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/286f881c-8fa0-4200-ada2-20a0cc49038e.roa
Signing time: Fri 11 Jul 2025 21:00:19 +0000
ROA not before: Fri 11 Jul 2025 21:00:19 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.166.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:ed:89:f3:36:55:b5:19:fd:07:96:ba:27:24:9d:87:40:3e:56:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 21:00:19 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=26cc0fb7b2dc0979e309e9365258088584e03373ea0c86a9abd2313da864ff66, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a6:b9:be:a7:56:61:5e:e5:8a:3c:a6:bf:21:
ff:23:2d:e0:c6:de:d4:5c:bc:eb:16:71:a0:72:6c:
d1:37:ca:67:f7:9b:14:32:64:40:8e:d9:0d:b0:ce:
a1:55:41:18:55:b5:b1:96:e0:92:b4:f8:cc:6d:fc:
8c:4f:b1:31:87:db:27:98:5c:ca:06:5b:1b:fb:52:
c9:5d:9b:e8:10:5f:8a:fc:da:c5:93:28:9c:43:d5:
5b:2f:2d:a5:b7:95:f1:2e:ac:ea:26:e4:c8:50:0c:
d8:9f:04:e4:25:dc:ef:80:0f:59:17:f3:88:75:f3:
04:e1:d7:a8:dc:01:cf:d0:b1:6b:cd:f5:7d:5f:de:
16:8c:db:f3:55:cc:10:5a:9e:11:8d:e5:87:84:b4:
1b:34:75:24:48:a7:92:a6:26:51:8c:34:24:13:12:
22:c8:c5:43:f2:e3:ab:c9:fd:ad:35:04:df:db:51:
12:c8:ff:35:2e:06:ae:a0:94:ab:72:3f:c8:af:b9:
e2:20:2c:ca:12:43:67:93:4b:c5:0b:a1:3e:92:b4:
53:da:e5:c8:30:ba:13:10:8c:e5:f0:ea:57:0d:21:
9d:d6:bf:4f:ba:0f:7a:e8:f3:5b:8d:c4:b2:dd:f4:
05:5b:ff:c4:af:c2:5f:c1:78:d7:b7:e7:c1:d7:87:
fd:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:B7:EC:0B:9D:B3:15:1E:43:D7:B9:74:10:9C:C1:70:C7:E6:39:CA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/286f881c-8fa0-4200-ada2-20a0cc49038e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.166.0.0/15
Signature Algorithm: sha256WithRSAEncryption
44:47:4a:b2:bc:20:cc:c1:c4:fd:28:dc:34:05:31:a6:d7:e8:
49:75:87:c2:1f:d4:e2:34:28:ce:35:92:54:d3:0a:71:5d:aa:
21:6a:e2:f4:54:f9:88:6c:3c:83:63:7a:70:ed:e3:50:47:6f:
f9:5a:93:d3:c8:8a:72:a7:55:b4:f2:d3:9b:81:5f:c7:87:5a:
ad:a6:86:f7:af:1b:f6:a0:ba:a1:3f:db:ba:a1:84:3b:7f:b9:
a7:65:b8:d2:24:8a:b6:69:ca:06:72:18:10:d4:d1:43:df:ff:
36:e3:72:e2:2e:44:7b:80:41:ad:0b:af:ab:01:f1:88:40:ae:
9d:76:2d:60:66:cc:59:d2:ec:e1:84:a7:a8:62:af:7a:eb:3c:
f2:82:31:02:b7:4c:07:df:22:6a:7a:86:6a:66:b8:a8:54:22:
54:fc:49:3f:cd:eb:e9:d5:05:f2:f9:1f:be:a1:5a:e0:94:9d:
9c:d8:5f:f9:dc:97:e6:5d:b5:6d:9b:14:ab:27:d0:8a:f0:a1:
ba:e4:47:8a:96:d6:83:ef:4e:41:72:52:56:f5:4c:ab:56:e7:
77:92:21:b2:9e:b3:26:c6:20:65:86:84:2c:cc:ff:28:60:9a:
d0:5f:bb:68:6d:3c:8c:52:a7:33:3a:04:a9:6c:7c:e2:bb:42:
17:f8:08:be
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUM+2J8zZVtRn9B5a6JySdh0A+Vq8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMTAwMTlaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDI2Y2MwZmI3YjJkYzA5NzllMzA5ZTkzNjUyNTgwODg1ODRlMDMzNzNlYTBj
ODZhOWFiZDIzMTNkYTg2NGZmNjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK6mub6nVmFe5Yo8pr8h/yMt4Mbe1Fy86xZxoHJs0TfKZ/ebFDJkQI7ZDbDO
oVVBGFW1sZbgkrT4zG38jE+xMYfbJ5hcygZbG/tSyV2b6BBfivzaxZMonEPVWy8t
pbeV8S6s6ibkyFAM2J8E5CXc74APWRfziHXzBOHXqNwBz9Cxa831fV/eFozb81XM
EFqeEY3lh4S0GzR1JEinkqYmUYw0JBMSIsjFQ/Ljq8n9rTUE39tREsj/NS4GrqCU
q3I/yK+54iAsyhJDZ5NLxQuhPpK0U9rlyDC6ExCM5fDqVw0hnda/T7oPeujzW43E
st30BVv/xK/CX8F417fnwdeH/RcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRNt+wL
nbMVHkPXuXQQnMFwx+Y5yjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Mjg2Zjg4MWMtOGZhMC00MjAwLWFkYTItMjBhMGNjNDkwMzhlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOmMA0G
CSqGSIb3DQEBCwUAA4IBAQBER0qyvCDMwcT9KNw0BTGm1+hJdYfCH9TiNCjONZJU
0wpxXaohauL0VPmIbDyDY3pw7eNQR2/5WpPTyIpyp1W08tObgV/Hh1qtpob3rxv2
oLqhP9u6oYQ7f7mnZbjSJIq2acoGchgQ1NFD3/8243LiLkR7gEGtC6+rAfGIQK6d
di1gZsxZ0uzhhKeoYq966zzygjECt0wH3yJqeoZqZrioVCJU/Ek/zevp1QXy+R++
oVrglJ2c2F/53JfmXbVtmxSrJ9CK8KG65EeKltaD705BclJW9UyrVud3kiGynrMm
xiBlhoQszP8oYJrQX7tobTyMUqczOgSpbHziu0IX+Ai+
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:36:46 2025 by rpki-client