Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/444db014-8d2a-4c59-af9c-399bacab4f3f.roa
File: 444db014-8d2a-4c59-af9c-399bacab4f3f.roa (raw, json)
Hash identifier: xpcqkXxLwXW3vMBFcjejbGlVecI+zDA8SbxUXJg1p6g=
Subject key identifier: 09:FF:9A:26:3C:1C:4A:AA:F2:5C:79:94:75:C7:40:08:5D:69:28:79
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7B9C6CF196806EBB13D053A436E3DAFBAF7F5497
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/444db014-8d2a-4c59-af9c-399bacab4f3f.roa
Signing time: Fri 11 Jul 2025 21:00:17 +0000
ROA not before: Fri 11 Jul 2025 21:00:17 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.156.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 14:37:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:9c:6c:f1:96:80:6e:bb:13:d0:53:a4:36:e3:da:fb:af:7f:54:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 21:00:17 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=b2507c940063d057d886dc039532593d7265a17220db466c5fefb69af524f1f1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:5d:79:f9:45:19:6b:bf:8f:3d:99:0c:7a:fb:
59:bc:b0:c9:aa:82:5c:55:0b:bf:b6:6c:ea:32:07:
92:af:24:cd:35:31:38:d8:c0:3e:85:28:fd:98:dd:
a9:d5:8f:42:ae:d0:1b:2e:4a:bc:c1:16:d1:f9:ba:
e8:54:bb:c2:01:ba:51:7c:01:1f:0c:9b:c2:ed:2f:
04:4f:51:e6:94:9a:f8:a4:6f:67:e1:19:99:4a:97:
48:56:e9:f8:a9:18:a4:ec:a8:6f:d3:ce:f5:05:ca:
96:c1:7d:a6:6c:27:64:59:a9:90:25:c9:f9:34:5b:
15:dd:46:bf:dc:14:d5:42:c5:61:fe:d6:74:c6:a0:
b0:5b:12:c4:7a:42:72:63:3b:bd:ff:c7:98:15:83:
ec:94:5e:b6:83:e7:d1:f2:42:a6:68:36:27:76:9b:
9d:7f:7b:2a:eb:6f:34:54:a0:b6:8b:13:d1:b6:c5:
cc:13:db:c3:51:de:58:fd:36:b0:1c:b8:7a:5f:1d:
d5:2e:75:a7:8a:da:da:bf:5a:59:13:b3:60:e4:96:
b9:45:92:97:7a:aa:0e:45:3a:f2:da:0e:4b:83:35:
60:9b:47:6f:4f:14:61:d2:b8:0c:9f:7a:e0:f7:34:
6c:96:ed:4a:ec:82:9b:6b:e7:61:ba:6f:ee:c2:79:
ff:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:FF:9A:26:3C:1C:4A:AA:F2:5C:79:94:75:C7:40:08:5D:69:28:79
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/444db014-8d2a-4c59-af9c-399bacab4f3f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.156.0.0/15
Signature Algorithm: sha256WithRSAEncryption
26:c9:59:fa:2b:da:7b:dd:71:79:f2:fb:74:c5:d5:cc:7d:79:
93:89:30:18:8d:8a:be:67:30:fb:ea:1f:4e:30:5b:c1:1a:9f:
5b:d6:7d:e0:fc:f3:6b:8a:4b:77:e0:af:d4:c9:02:4c:a6:16:
16:61:12:ae:ea:24:b8:4f:2e:29:5e:7c:a2:25:13:c2:a6:e0:
43:4c:eb:bc:42:6e:30:84:5e:a9:54:c9:c4:22:b7:96:bb:26:
3d:17:fb:7a:b9:3a:34:f4:c9:06:95:15:a5:c2:01:8b:d5:9c:
f5:7f:cd:a9:da:55:7e:9f:6b:b5:e0:93:1d:1c:5c:45:6e:90:
c2:10:e0:c1:76:f0:31:3c:51:4c:0c:91:a4:eb:c3:d6:5e:5a:
e1:2b:7a:26:4c:9e:25:3b:90:42:b4:11:d1:96:76:a4:17:a1:
22:7b:99:53:f2:8a:25:49:ee:3e:1c:aa:c4:11:3e:5a:fc:b8:
e6:e5:c5:24:64:c9:4e:98:d8:7b:e7:52:53:c1:57:90:38:97:
86:af:4c:70:e8:36:a9:1f:22:f6:a1:d2:f2:cc:06:dd:bd:65:
b4:fe:fe:0f:fa:41:fc:ce:7f:5a:15:a7:a3:47:a4:20:3c:9f:
a5:72:6f:bc:f1:8b:75:be:c5:bc:cc:58:ab:6b:0f:ec:97:60:
6a:d5:ce:13
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUe5xs8ZaAbrsT0FOkNuPa+69/VJcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMTAwMTdaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGIyNTA3Yzk0MDA2M2QwNTdkODg2ZGMwMzk1MzI1OTNkNzI2NWExNzIyMGRi
NDY2YzVmZWZiNjlhZjUyNGYxZjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMBdeflFGWu/jz2ZDHr7WbywyaqCXFULv7Zs6jIHkq8kzTUxONjAPoUo/Zjd
qdWPQq7QGy5KvMEW0fm66FS7wgG6UXwBHwybwu0vBE9R5pSa+KRvZ+EZmUqXSFbp
+KkYpOyob9PO9QXKlsF9pmwnZFmpkCXJ+TRbFd1Gv9wU1ULFYf7WdMagsFsSxHpC
cmM7vf/HmBWD7JRetoPn0fJCpmg2J3abnX97KutvNFSgtosT0bbFzBPbw1HeWP02
sBy4el8d1S51p4ra2r9aWROzYOSWuUWSl3qqDkU68toOS4M1YJtHb08UYdK4DJ96
4Pc0bJbtSuyCm2vnYbpv7sJ5/3UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQJ/5om
PBxKqvJceZR1x0AIXWkoeTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDQ0ZGIwMTQtOGQyYS00YzU5LWFmOWMtMzk5YmFjYWI0ZjNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOcMA0G
CSqGSIb3DQEBCwUAA4IBAQAmyVn6K9p73XF58vt0xdXMfXmTiTAYjYq+ZzD76h9O
MFvBGp9b1n3g/PNrikt34K/UyQJMphYWYRKu6iS4Ty4pXnyiJRPCpuBDTOu8Qm4w
hF6pVMnEIreWuyY9F/t6uTo09MkGlRWlwgGL1Zz1f82p2lV+n2u14JMdHFxFbpDC
EODBdvAxPFFMDJGk68PWXlrhK3omTJ4lO5BCtBHRlnakF6Eie5lT8oolSe4+HKrE
ET5a/Ljm5cUkZMlOmNh751JTwVeQOJeGr0xw6DapHyL2odLyzAbdvWW0/v4P+kH8
zn9aFaejR6QgPJ+lcm+88Yt1vsW8zFiraw/sl2Bq1c4T
-----END CERTIFICATE-----
Generated at Tue Aug 5 16:35:45 2025 by rpki-client