
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa
File: 2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa (raw, json)
Hash identifier: knq6AtB0ZYyXso7c1Tn43P/GgHMR31JRZ1ks6BOGUxo=
Subject key identifier: C1:09:FB:40:12:FC:05:AF:B8:DE:27:46:9E:5D:C4:42:38:82:47:D3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3542B1AC4F3964F65DDA5B902196F89116EFFECC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa
Signing time: Fri 11 Jul 2025 21:00:06 +0000
ROA not before: Fri 11 Jul 2025 21:00:06 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.127.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:42:b1:ac:4f:39:64:f6:5d:da:5b:90:21:96:f8:91:16:ef:fe:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 21:00:06 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=27729d22abe6e87c02b49711033d036dc21e745af74d8fd969892df8949197ee, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:cb:9c:0c:05:f7:6f:70:e7:24:ae:cf:93:54:
81:17:8e:cc:10:28:80:92:de:82:74:46:74:e6:d5:
90:37:1f:0e:52:ce:b6:40:96:c4:fd:1e:6c:8c:84:
31:7f:c5:07:26:cc:a4:72:c3:bc:82:53:8f:12:55:
c7:57:48:cb:29:14:f5:84:8a:3d:f6:f7:c8:02:85:
ce:0a:33:6a:1b:b8:d4:a1:94:ec:12:5e:09:b4:75:
1a:6f:fc:5b:06:ab:6c:6a:75:86:15:bb:c7:73:f8:
aa:8a:f0:58:74:9a:c3:34:a3:04:d1:db:ea:8e:da:
ee:51:56:b0:23:c0:17:59:d2:f1:6f:60:6b:ac:1c:
39:85:c9:6c:01:5a:eb:06:4c:75:14:f4:98:2a:82:
d4:03:1a:39:36:7b:60:8b:79:f8:c1:31:17:d5:4f:
2d:7d:80:65:b3:cb:d8:c5:1f:c9:64:79:80:f1:f4:
44:6a:9b:d3:f5:de:59:c0:96:81:72:54:ed:7c:86:
e3:11:4f:65:28:ab:2c:2b:34:c1:17:1f:65:45:76:
7d:c8:68:e6:83:42:d9:49:57:cc:d6:71:91:c1:a9:
4e:4d:df:eb:70:7e:bc:70:a3:e9:4b:f4:10:6f:84:
59:62:c8:43:e2:df:15:d8:22:00:dd:34:9c:a9:3e:
b5:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:09:FB:40:12:FC:05:AF:B8:DE:27:46:9E:5D:C4:42:38:82:47:D3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.127.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ae:23:fc:e2:ac:15:3d:af:cc:d8:3c:95:c6:98:ed:6b:25:c5:
02:ee:a7:48:6b:ac:42:85:86:86:5a:17:47:54:62:98:38:58:
33:71:9f:b4:24:4c:dd:6f:8c:ff:ec:78:6d:47:68:98:92:28:
a7:b8:19:de:73:3d:d2:e0:5f:2c:76:65:c6:98:10:f8:91:b7:
0b:97:96:98:2c:5f:46:8f:24:fd:20:1e:1d:98:82:2e:97:5f:
66:39:7e:79:e1:66:37:d5:1f:e5:63:d2:98:a5:57:a7:31:8a:
e3:98:69:23:ec:bd:7b:2e:4a:17:e9:94:77:14:ae:b6:61:26:
25:d9:69:70:28:1c:14:3c:49:e6:93:7b:0b:06:c3:f5:97:21:
82:97:ec:d1:25:74:58:c8:aa:ba:52:6f:09:61:12:50:82:32:
be:1a:62:3c:97:d4:2c:bd:66:91:cf:b4:19:41:8b:0f:e7:72:
fc:f9:19:fa:68:b0:30:c4:8e:69:1c:0d:3d:2d:c5:c3:9e:ae:
03:7f:ab:a2:2b:3b:57:0e:43:44:e7:e0:13:22:19:80:55:71:
12:61:f7:d6:1f:c2:93:f4:cf:81:26:0f:a4:a5:6d:cc:0b:32:
1d:da:a4:3c:12:fb:53:7f:1c:16:0f:9c:06:42:d5:76:0a:f1:
00:1e:0a:70
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNUKxrE85ZPZd2luQIZb4kRbv/swwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMTAwMDZaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDI3NzI5ZDIyYWJlNmU4N2MwMmI0OTcxMTAzM2QwMzZkYzIxZTc0NWFmNzRk
OGZkOTY5ODkyZGY4OTQ5MTk3ZWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMbLnAwF929w5ySuz5NUgReOzBAogJLegnRGdObVkDcfDlLOtkCWxP0ebIyE
MX/FBybMpHLDvIJTjxJVx1dIyykU9YSKPfb3yAKFzgozahu41KGU7BJeCbR1Gm/8
WwarbGp1hhW7x3P4qorwWHSawzSjBNHb6o7a7lFWsCPAF1nS8W9ga6wcOYXJbAFa
6wZMdRT0mCqC1AMaOTZ7YIt5+MExF9VPLX2AZbPL2MUfyWR5gPH0RGqb0/XeWcCW
gXJU7XyG4xFPZSirLCs0wRcfZUV2fcho5oNC2UlXzNZxkcGpTk3f63B+vHCj6Uv0
EG+EWWLIQ+LfFdgiAN00nKk+tbkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTBCftA
EvwFr7jeJ0aeXcRCOIJH0zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmZjNmEyNTMtZGM2MC00NjExLThiYzAtZjRiMTE4NTFjY2YxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN/MA0G
CSqGSIb3DQEBCwUAA4IBAQCuI/zirBU9r8zYPJXGmO1rJcUC7qdIa6xChYaGWhdH
VGKYOFgzcZ+0JEzdb4z/7HhtR2iYkiinuBnecz3S4F8sdmXGmBD4kbcLl5aYLF9G
jyT9IB4dmIIul19mOX554WY31R/lY9KYpVenMYrjmGkj7L17LkoX6ZR3FK62YSYl
2WlwKBwUPEnmk3sLBsP1lyGCl+zRJXRYyKq6Um8JYRJQgjK+GmI8l9QsvWaRz7QZ
QYsP53L8+Rn6aLAwxI5pHA09LcXDnq4Df6uiKztXDkNE5+ATIhmAVXESYffWH8KT
9M+BJg+kpW3MCzId2qQ8EvtTfxwWD5wGQtV2CvEAHgpw
-----END CERTIFICATE-----
Generated at Mon Aug 4 22:26:34 2025 by rpki-client