Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4f9d3c39-ae76-4f22-9df9-c6501acbcc84.roa
File: 4f9d3c39-ae76-4f22-9df9-c6501acbcc84.roa (raw, json)
Hash identifier: rxS8AxQO5GV8C3ROYwOyJzC+yo6Td4Y/k7uS8TovWQY=
Subject key identifier: E1:5F:5C:53:84:B7:F8:19:6E:81:AE:69:D6:21:69:EC:61:A4:12:36
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 02CE5622E8357F67A80CBED52FEB01F9C3E10CFA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4f9d3c39-ae76-4f22-9df9-c6501acbcc84.roa
Signing time: Mon 14 Jul 2025 15:30:39 +0000
ROA not before: Mon 14 Jul 2025 15:30:39 +0000
ROA not after: Mon 18 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.88.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:ce:56:22:e8:35:7f:67:a8:0c:be:d5:2f:eb:01:f9:c3:e1:0c:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 14 15:30:39 2025 GMT
Not After : Aug 18 23:59:59 2025 GMT
Subject: serialNumber=e89a2608f83c0a594f051301483d3e3b5d49f6d2087aa7f38e7daaa0e5b2cf87, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:8d:a6:36:90:df:21:26:a1:25:e7:a9:d5:56:
cb:e2:73:d1:0d:e9:b7:f4:fd:6c:30:77:e6:e0:7f:
54:49:1c:98:c1:89:95:99:e9:a1:b4:af:df:3e:9a:
25:c4:34:58:bd:6d:d8:ab:b1:b7:e9:95:11:4c:e8:
5c:3d:e6:9d:c7:b5:a9:82:d3:68:78:a5:d2:dc:8e:
da:38:82:c1:d0:f8:52:12:d2:c0:c6:b6:50:13:14:
ef:26:e3:cb:d7:b2:0b:48:f7:b4:4a:b0:8a:d8:49:
5d:a7:21:4b:2d:cb:3e:98:c4:1a:2d:5e:6b:d5:a6:
52:8b:1d:82:f2:57:94:24:13:0f:0e:e3:f3:c2:38:
78:56:0c:06:c4:72:c3:8c:54:3a:2c:d9:d8:0a:ec:
96:83:a8:bd:c9:4d:e8:c5:87:e3:9d:2f:21:c9:e9:
a1:20:70:29:e3:7a:a7:98:63:87:7c:20:31:ca:18:
3b:61:a1:5f:8f:ed:c4:d5:07:8a:92:ea:01:67:88:
03:ba:3c:d4:5d:c8:be:5d:85:18:19:58:bb:4c:17:
9a:03:f7:93:34:97:e8:f3:ba:2f:7f:8d:d0:f5:6b:
5d:8b:8b:88:92:f6:0d:ae:0d:82:44:74:7f:93:ec:
8e:47:6d:3f:59:33:89:ab:1d:af:36:c8:1a:13:f4:
0c:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:5F:5C:53:84:B7:F8:19:6E:81:AE:69:D6:21:69:EC:61:A4:12:36
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4f9d3c39-ae76-4f22-9df9-c6501acbcc84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.88.0/21
Signature Algorithm: sha256WithRSAEncryption
76:a3:f3:f2:af:b0:e1:c4:c2:96:4e:6c:45:a1:92:13:85:96:
68:c0:f4:19:73:fe:66:06:72:ad:0d:e5:12:c9:80:ce:f2:01:
a9:c5:0d:36:fd:dc:c0:92:c6:c0:6a:a1:24:ea:ae:c1:6f:9a:
96:85:e8:11:d4:30:e3:73:56:3d:3f:96:0c:53:7c:d8:bc:56:
42:60:5c:31:0d:99:f4:ba:37:43:07:2e:02:32:68:a5:1d:55:
6e:cb:60:39:f4:5f:52:17:63:be:de:8c:5f:e4:44:34:a4:21:
90:58:2b:d2:b3:7f:a8:3e:22:cf:2f:5e:3c:9e:c2:a0:84:fa:
83:29:e2:83:37:09:24:31:fe:6c:3e:ea:80:14:15:ec:75:2b:
a5:a5:45:9d:a9:06:7b:11:7d:58:71:e6:3c:57:d5:d9:b4:f3:
16:e9:66:c8:da:fd:5a:87:03:50:76:4c:82:25:9f:1d:e1:a5:
7a:cf:61:5b:b9:b8:a1:68:74:31:81:c4:9a:fe:53:df:15:d2:
ba:35:30:c7:21:7c:cc:76:9b:86:c5:3e:ff:b6:33:1f:38:19:
94:a3:6e:f1:ed:6f:e6:e9:9c:03:32:1d:9b:87:21:29:3a:64:
3a:e4:e6:30:2c:69:59:0b:e5:65:e0:f3:4f:ab:ab:df:d1:18:
77:9f:31:54
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUAs5WIug1f2eoDL7VL+sB+cPhDPowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTQxNTMwMzlaFw0yNTA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGU4OWEyNjA4ZjgzYzBhNTk0ZjA1MTMwMTQ4M2QzZTNiNWQ0OWY2ZDIwODdh
YTdmMzhlN2RhYWEwZTViMmNmODcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL6NpjaQ3yEmoSXnqdVWy+Jz0Q3pt/T9bDB35uB/VEkcmMGJlZnpobSv3z6a
JcQ0WL1t2Kuxt+mVEUzoXD3mnce1qYLTaHil0tyO2jiCwdD4UhLSwMa2UBMU7ybj
y9eyC0j3tEqwithJXachSy3LPpjEGi1ea9WmUosdgvJXlCQTDw7j88I4eFYMBsRy
w4xUOizZ2ArsloOovclN6MWH450vIcnpoSBwKeN6p5hjh3wgMcoYO2GhX4/txNUH
ipLqAWeIA7o81F3Ivl2FGBlYu0wXmgP3kzSX6PO6L3+N0PVrXYuLiJL2Da4NgkR0
f5PsjkdtP1kziasdrzbIGhP0DK8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBThX1xT
hLf4GW6BrmnWIWnsYaQSNjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NGY5ZDNjMzktYWU3Ni00ZjIyLTlkZjktYzY1MDFhY2JjYzg0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAWDAN
BgkqhkiG9w0BAQsFAAOCAQEAdqPz8q+w4cTClk5sRaGSE4WWaMD0GXP+ZgZyrQ3l
EsmAzvIBqcUNNv3cwJLGwGqhJOquwW+aloXoEdQw43NWPT+WDFN82LxWQmBcMQ2Z
9Lo3QwcuAjJopR1VbstgOfRfUhdjvt6MX+RENKQhkFgr0rN/qD4izy9ePJ7CoIT6
gynigzcJJDH+bD7qgBQV7HUrpaVFnakGexF9WHHmPFfV2bTzFulmyNr9WocDUHZM
giWfHeGles9hW7m4oWh0MYHEmv5T3xXSujUwxyF8zHabhsU+/7YzHzgZlKNu8e1v
5umcAzIdm4chKTpkOuTmMCxpWQvlZeDzT6ur39EYd58xVA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:33:04 2025 by rpki-client