Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46eb8bb9-8a91-491d-8f3f-9cc4afcf5ecd.roa
File: 46eb8bb9-8a91-491d-8f3f-9cc4afcf5ecd.roa (raw, json)
Hash identifier: iW++cghyESCAUTBRvXGiA3pYLTuKzW7pr/WJYoGqDRs=
Subject key identifier: 37:65:0E:F0:A9:B5:D4:90:A2:5C:9C:A7:46:20:08:40:01:20:B4:F7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1EB71B81472E9B458BB88B5084026EE07272B266
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46eb8bb9-8a91-491d-8f3f-9cc4afcf5ecd.roa
Signing time: Mon 21 Jul 2025 17:00:45 +0000
ROA not before: Mon 21 Jul 2025 17:00:45 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.108.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:b7:1b:81:47:2e:9b:45:8b:b8:8b:50:84:02:6e:e0:72:72:b2:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 21 17:00:45 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=e2ab5936ef1172221d28bb75bbdc963a662e87a6460c6d33936a9d7702ce5cca, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:8f:ff:7b:28:83:2b:d3:8b:28:3c:25:1a:55:
20:ec:c5:81:c2:ff:7f:9c:bd:7d:e9:74:97:33:b2:
b9:29:1a:56:e0:fc:d0:98:98:1b:88:2b:f5:30:e2:
5a:7d:fd:b8:ad:4a:b8:3a:66:39:32:9e:6f:1a:1d:
a2:88:2b:a1:15:69:2a:f4:b0:3f:a7:ec:d4:9e:b7:
f5:43:70:43:82:6a:4b:85:89:c3:5c:89:13:9d:e2:
2b:25:22:f8:a1:4e:2f:ed:1b:39:a9:62:aa:e0:16:
3d:65:cb:09:55:ab:41:0c:39:93:04:b1:9f:e3:60:
2e:bb:fc:bd:da:14:2f:e2:f5:cb:85:52:74:a1:c3:
d1:f9:fd:79:79:93:a6:42:2b:79:6d:39:83:88:7a:
c9:4c:00:ac:a6:4e:56:e3:98:df:3b:b0:57:01:05:
c9:24:16:6b:d6:52:74:0e:34:47:a5:39:7e:c8:93:
15:41:39:6d:6f:fa:be:94:b9:12:c4:0c:95:e9:c8:
13:55:17:c9:e6:52:3f:e2:e4:37:28:fb:1d:14:d6:
88:ab:fd:b5:97:e7:b8:5f:e4:50:37:ec:ac:a2:d6:
15:e2:0b:13:98:63:5a:92:fe:07:9b:fe:58:3d:c6:
49:c1:4b:6c:57:57:fe:6f:16:4a:b2:d0:0f:45:9e:
3b:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:65:0E:F0:A9:B5:D4:90:A2:5C:9C:A7:46:20:08:40:01:20:B4:F7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46eb8bb9-8a91-491d-8f3f-9cc4afcf5ecd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.108.0.0/16
Signature Algorithm: sha256WithRSAEncryption
46:03:ff:4d:2e:d2:5b:d4:f8:88:1d:fc:8d:ad:63:75:52:6a:
53:5a:24:93:90:c6:b0:f6:96:37:15:fe:a0:15:e5:3b:d8:75:
9b:fb:7e:f2:71:de:33:7d:48:57:39:81:aa:43:66:08:6b:f6:
58:cd:1a:bc:af:2e:d9:90:6b:45:46:02:f6:af:ff:5d:b5:87:
a4:30:7f:04:ff:33:2c:6e:2d:48:97:3d:cd:ee:08:68:5b:e4:
f9:bc:53:b2:b3:80:2e:10:ec:59:e3:b7:b1:4e:cd:41:b3:c5:
a1:20:52:4e:1b:09:1a:13:56:c8:9b:5e:19:a1:cb:90:b1:61:
c3:4b:d2:74:74:75:7b:71:50:4d:9a:31:e8:33:d3:1b:12:0a:
7d:17:ee:a0:22:68:f9:81:fc:a7:36:b4:55:5a:32:6e:43:a7:
35:73:1e:3d:35:cb:a5:51:01:36:d2:e0:b5:f7:5d:3a:d9:27:
e5:f2:f6:bc:3d:f4:53:bf:04:68:2b:05:e1:be:92:a1:ce:57:
1b:97:a4:b0:db:4f:8e:ad:9e:43:8f:e3:f9:9e:59:55:cc:ec:
80:c3:29:96:30:42:d5:35:40:ce:2e:21:e9:19:d1:14:54:a2:
07:6a:d3:d1:12:ad:0d:85:da:b8:f7:8b:e5:56:83:df:60:45:
ac:73:82:43
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHrcbgUcum0WLuItQhAJu4HJysmYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MjExNzAwNDVaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGUyYWI1OTM2ZWYxMTcyMjIxZDI4YmI3NWJiZGM5NjNhNjYyZTg3YTY0NjBj
NmQzMzkzNmE5ZDc3MDJjZTVjY2ExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALKP/3sogyvTiyg8JRpVIOzFgcL/f5y9fel0lzOyuSkaVuD80JiYG4gr9TDi
Wn39uK1KuDpmOTKebxodoogroRVpKvSwP6fs1J639UNwQ4JqS4WJw1yJE53iKyUi
+KFOL+0bOaliquAWPWXLCVWrQQw5kwSxn+NgLrv8vdoUL+L1y4VSdKHD0fn9eXmT
pkIreW05g4h6yUwArKZOVuOY3zuwVwEFySQWa9ZSdA40R6U5fsiTFUE5bW/6vpS5
EsQMlenIE1UXyeZSP+LkNyj7HRTWiKv9tZfnuF/kUDfsrKLWFeILE5hjWpL+B5v+
WD3GScFLbFdX/m8WSrLQD0WeOwMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ3ZQ7w
qbXUkKJcnKdGIAhAASC09zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDZlYjhiYjktOGE5MS00OTFkLThmM2YtOWNjNGFmY2Y1ZWNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNsMA0G
CSqGSIb3DQEBCwUAA4IBAQBGA/9NLtJb1PiIHfyNrWN1UmpTWiSTkMaw9pY3Ff6g
FeU72HWb+37ycd4zfUhXOYGqQ2YIa/ZYzRq8ry7ZkGtFRgL2r/9dtYekMH8E/zMs
bi1Ilz3N7ghoW+T5vFOys4AuEOxZ47exTs1Bs8WhIFJOGwkaE1bIm14ZocuQsWHD
S9J0dHV7cVBNmjHoM9MbEgp9F+6gImj5gfynNrRVWjJuQ6c1cx49NculUQE20uC1
91062Sfl8va8PfRTvwRoKwXhvpKhzlcbl6Sw20+OrZ5Dj+P5nllVzOyAwymWMELV
NUDOLiHpGdEUVKIHatPREq0Nhdq494vlVoPfYEWsc4JD
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:32:41 2025 by rpki-client