
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa
File: 2d24b638-b951-4333-ac88-4886c7af230f.roa (raw, json)
Hash identifier: vIGCZls/fp7MucbRxY9K+kZGGeKaxKPZYId+uv0VWqE=
Subject key identifier: 75:23:3E:11:03:52:AE:94:E0:0F:52:EF:9A:B9:D1:88:AB:EA:1C:DD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 37C243FEDE2C7BC2F4DAC7CE176FCF2DABEBCE86
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa
Signing time: Fri 11 Jul 2025 21:00:43 +0000
ROA not before: Fri 11 Jul 2025 21:00:43 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.82.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:c2:43:fe:de:2c:7b:c2:f4:da:c7:ce:17:6f:cf:2d:ab:eb:ce:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 21:00:43 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=87b402fc3d673c09cdf8e148a981ca20ffda790c2b62bd65ac43d50c0108557e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:50:ca:b1:73:f7:cb:c2:eb:8e:37:38:df:8c:
6b:7c:9a:65:79:22:6f:86:4b:eb:c9:f5:0b:0b:21:
19:9b:03:5c:c1:64:ff:3b:bf:62:fa:e5:8e:fe:67:
49:b7:38:87:7b:0c:c1:8a:26:08:5b:70:13:97:b6:
0a:2e:8c:93:7c:ee:0e:22:15:31:c6:63:b3:c0:4a:
9a:44:12:0f:75:34:7b:19:82:b3:d2:84:fb:6e:3f:
ed:c1:85:f5:b0:0a:46:3d:d3:d4:c3:f0:c2:24:5b:
79:39:a4:c2:fd:a9:f5:34:28:7c:af:c9:3f:77:60:
04:16:ce:33:57:ab:9f:d1:b8:e1:a8:b4:d8:e0:9a:
e5:2b:0d:b1:df:d7:16:ef:36:4f:42:e1:29:56:20:
c9:98:b4:4b:f1:24:cd:2b:32:f9:e0:5c:13:7c:86:
1f:3c:aa:3b:fc:97:2c:de:f5:04:47:71:2a:1c:5b:
99:be:5a:3d:18:15:07:c7:ec:6a:4a:23:d8:9c:f4:
f4:99:ef:23:47:69:cb:da:b5:a0:29:e7:e2:cd:75:
ef:4b:2b:b4:ac:89:47:69:b2:24:70:71:2a:ea:b1:
0a:2d:ca:c4:7f:94:35:76:53:47:26:d3:85:9d:fc:
a0:cc:ad:9d:a9:e7:45:c2:8a:1e:e4:1b:4a:bb:e5:
75:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:23:3E:11:03:52:AE:94:E0:0F:52:EF:9A:B9:D1:88:AB:EA:1C:DD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.82.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c8:cb:6a:cd:47:17:bf:e3:a4:b7:1e:70:97:89:3a:9e:4d:c8:
43:2c:6e:af:25:c4:61:4e:4a:5c:a7:43:09:d6:3a:26:bb:3b:
e7:d8:42:2f:9b:7a:19:c3:72:7f:16:0a:4d:56:e6:42:68:55:
c6:91:62:20:25:3f:5d:b1:7d:d3:fb:16:37:91:be:89:f2:8d:
68:df:80:42:48:fb:7a:1d:3d:69:3d:0a:1e:bc:c9:9e:d0:62:
57:a2:8d:06:bc:67:4f:5a:e6:8a:3c:fe:d8:ca:c9:6e:05:c8:
1d:71:d1:c5:0f:f7:63:86:a1:58:d7:1a:0e:14:64:b8:f9:70:
a3:3d:ce:c1:a8:e5:78:34:ee:49:ca:b9:d7:29:50:91:3d:fe:
24:a0:eb:ed:1c:19:c3:98:3d:50:d7:30:1c:57:c2:ef:f4:2e:
f6:a6:9a:79:d9:a9:f3:06:ec:d2:09:55:7f:79:52:fb:10:f6:
38:84:bc:f0:37:87:41:d1:d5:4f:2d:9d:71:58:f2:49:96:59:
69:aa:70:c8:3b:d8:c5:b0:44:c5:5d:6c:42:0f:35:77:31:e4:
2a:12:e7:86:f5:6a:80:2f:eb:35:94:01:26:29:b8:38:cd:7b:
1c:dd:bd:05:89:49:de:16:65:15:a1:1e:f9:f0:f0:8b:88:64:
fa:c3:2e:89
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUN8JD/t4se8L02sfOF2/PLavrzoYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMTAwNDNaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDg3YjQwMmZjM2Q2NzNjMDljZGY4ZTE0OGE5ODFjYTIwZmZkYTc5MGMyYjYy
YmQ2NWFjNDNkNTBjMDEwODU1N2UxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALxQyrFz98vC6443ON+Ma3yaZXkib4ZL68n1CwshGZsDXMFk/zu/Yvrljv5n
Sbc4h3sMwYomCFtwE5e2Ci6Mk3zuDiIVMcZjs8BKmkQSD3U0exmCs9KE+24/7cGF
9bAKRj3T1MPwwiRbeTmkwv2p9TQofK/JP3dgBBbOM1ern9G44ai02OCa5SsNsd/X
Fu82T0LhKVYgyZi0S/EkzSsy+eBcE3yGHzyqO/yXLN71BEdxKhxbmb5aPRgVB8fs
akoj2Jz09JnvI0dpy9q1oCnn4s1170srtKyJR2myJHBxKuqxCi3KxH+UNXZTRybT
hZ38oMytnannRcKKHuQbSrvldX0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR1Iz4R
A1KulOAPUu+audGIq+oc3TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmQyNGI2MzgtYjk1MS00MzMzLWFjODgtNDg4NmM3YWYyMzBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNSMA0G
CSqGSIb3DQEBCwUAA4IBAQDIy2rNRxe/46S3HnCXiTqeTchDLG6vJcRhTkpcp0MJ
1jomuzvn2EIvm3oZw3J/FgpNVuZCaFXGkWIgJT9dsX3T+xY3kb6J8o1o34BCSPt6
HT1pPQoevMme0GJXoo0GvGdPWuaKPP7YysluBcgdcdHFD/djhqFY1xoOFGS4+XCj
Pc7BqOV4NO5JyrnXKVCRPf4koOvtHBnDmD1Q1zAcV8Lv9C72ppp52anzBuzSCVV/
eVL7EPY4hLzwN4dB0dVPLZ1xWPJJlllpqnDIO9jFsETFXWxCDzV3MeQqEueG9WqA
L+s1lAEmKbg4zXsc3b0FiUneFmUVoR758PCLiGT6wy6J
-----END CERTIFICATE-----
Generated at Mon Aug 4 22:26:55 2025 by rpki-client