
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3b67bb62-9bcf-4daa-99b5-5374c3285177.roa
File: 3b67bb62-9bcf-4daa-99b5-5374c3285177.roa (raw, json)
Hash identifier: SSxI0BsoyEOXDMLXhpWuqfbfhdVg9Wm+ujQsDdaLqFg=
Subject key identifier: A3:00:32:DD:41:52:02:74:36:B4:B5:CA:82:14:A6:5B:E0:36:E6:1F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6B81D0ED7D3BD61CC0ACBEE01C0B714D06DE636E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3b67bb62-9bcf-4daa-99b5-5374c3285177.roa
Signing time: Fri 11 Jul 2025 21:01:20 +0000
ROA not before: Fri 11 Jul 2025 21:01:20 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.48.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:81:d0:ed:7d:3b:d6:1c:c0:ac:be:e0:1c:0b:71:4d:06:de:63:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 21:01:20 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=5c81cc7b141a295e6cb818a79cdbc9d05d309e49a45b5d866abbe5d9a3ba08d5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ac:21:6e:90:e6:ca:94:6a:03:5e:9a:6e:5c:
36:88:4b:10:4a:3f:49:f5:ac:3b:aa:bf:cb:07:45:
78:83:7d:9e:f7:20:57:04:9b:d7:b3:14:6c:68:45:
94:e6:bf:81:9e:ae:f9:ba:c3:4c:31:8b:fc:3d:29:
a6:b8:ca:8f:c5:32:c3:5a:60:08:15:fe:fc:c8:77:
f8:c6:83:8d:01:62:d2:17:1b:b2:2f:80:2d:77:a1:
28:2d:3a:65:c7:8a:a2:cc:89:96:cc:64:97:71:d2:
7c:db:e9:b3:f4:a7:27:69:87:70:21:1d:60:d3:fd:
1a:83:dc:40:9d:62:d1:d5:76:52:4c:5b:6d:47:88:
ef:4e:bc:6a:e5:ca:74:f7:00:ea:51:f0:bb:4d:cd:
bc:fd:0d:07:55:6c:2b:79:a4:28:db:c0:f3:ec:c5:
f4:e8:f9:1a:43:08:66:90:8e:5d:d3:a1:fa:78:48:
91:e0:b4:f8:f1:fc:e1:6f:55:b5:14:50:75:60:9b:
0b:68:c6:d3:ad:04:36:8b:86:30:6e:d5:92:df:e6:
fa:96:78:ad:45:b1:42:91:84:55:0d:30:86:a6:32:
1e:15:a1:f5:4d:ba:47:f3:16:c8:f9:0a:7f:07:9f:
92:73:f2:86:cb:e5:24:e2:dd:0b:3f:14:82:25:df:
bb:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:00:32:DD:41:52:02:74:36:B4:B5:CA:82:14:A6:5B:E0:36:E6:1F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3b67bb62-9bcf-4daa-99b5-5374c3285177.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.48.0.0/15
Signature Algorithm: sha256WithRSAEncryption
bc:f9:51:94:8f:af:e0:08:91:96:09:4a:36:e7:f2:0c:32:07:
ec:3d:d6:ac:2a:10:59:7c:b3:c1:e9:d6:82:73:08:bd:75:51:
a7:69:57:d1:60:21:65:11:74:fe:9b:f6:eb:3f:76:f0:2f:1e:
54:31:fc:55:d3:a3:80:14:a3:26:71:22:7a:37:8e:b2:78:c1:
e7:e1:b0:1d:0f:ed:e0:82:b0:23:e6:c1:fc:90:36:bd:82:2c:
1a:8f:56:7e:42:aa:b7:1e:4d:63:81:1f:29:3a:5f:55:52:ee:
7a:cd:dd:f6:1b:b2:37:0a:e5:a4:3d:38:c7:ff:82:20:ec:9a:
7a:cb:ae:20:a1:88:dd:80:ea:09:14:32:de:11:01:cd:8b:22:
a5:b2:24:4c:cc:cb:c5:85:34:50:86:b6:6f:e2:52:09:88:0f:
f2:ad:d9:a2:9c:60:2d:8a:25:6c:dd:f5:00:6d:4f:b4:fd:88:
f7:a3:4b:17:d1:49:11:29:56:19:4d:d2:b6:e1:f8:4f:88:bc:
0f:f6:5c:24:c2:cf:b4:6e:4c:de:4e:2f:e1:04:e1:ee:61:11:
71:9b:68:65:c4:fe:77:51:31:7f:bb:1a:01:d0:4a:19:f9:72:
83:a0:f6:26:75:9d:34:15:43:1f:b5:6b:5a:9d:9d:06:c5:7f:
67:23:3f:aa
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUa4HQ7X071hzArL7gHAtxTQbeY24wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMTAxMjBaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDVjODFjYzdiMTQxYTI5NWU2Y2I4MThhNzljZGJjOWQwNWQzMDllNDlhNDVi
NWQ4NjZhYmJlNWQ5YTNiYTA4ZDUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALusIW6Q5sqUagNemm5cNohLEEo/SfWsO6q/ywdFeIN9nvcgVwSb17MUbGhF
lOa/gZ6u+brDTDGL/D0pprjKj8Uyw1pgCBX+/Mh3+MaDjQFi0hcbsi+ALXehKC06
ZceKosyJlsxkl3HSfNvps/SnJ2mHcCEdYNP9GoPcQJ1i0dV2UkxbbUeI7068auXK
dPcA6lHwu03NvP0NB1VsK3mkKNvA8+zF9Oj5GkMIZpCOXdOh+nhIkeC0+PH84W9V
tRRQdWCbC2jG060ENouGMG7Vkt/m+pZ4rUWxQpGEVQ0whqYyHhWh9U26R/MWyPkK
fwefknPyhsvlJOLdCz8UgiXfu0kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSjADLd
QVICdDa0tcqCFKZb4DbmHzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
M2I2N2JiNjItOWJjZi00ZGFhLTk5YjUtNTM3NGMzMjg1MTc3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMwMA0G
CSqGSIb3DQEBCwUAA4IBAQC8+VGUj6/gCJGWCUo25/IMMgfsPdasKhBZfLPB6daC
cwi9dVGnaVfRYCFlEXT+m/brP3bwLx5UMfxV06OAFKMmcSJ6N46yeMHn4bAdD+3g
grAj5sH8kDa9giwaj1Z+Qqq3Hk1jgR8pOl9VUu56zd32G7I3CuWkPTjH/4Ig7Jp6
y64goYjdgOoJFDLeEQHNiyKlsiRMzMvFhTRQhrZv4lIJiA/yrdminGAtiiVs3fUA
bU+0/Yj3o0sX0UkRKVYZTdK24fhPiLwP9lwkws+0bkzeTi/hBOHuYRFxm2hlxP53
UTF/uxoB0EoZ+XKDoPYmdZ00FUMftWtanZ0GxX9nIz+q
-----END CERTIFICATE-----
Generated at Mon Aug 4 22:11:06 2025 by rpki-client