Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c12693-1526-46ae-aa45-d5276a0c0f79.roa
File: 60c12693-1526-46ae-aa45-d5276a0c0f79.roa (raw, json)
Hash identifier: se9Sgj0B5lvrccItRJIvMMi4PApEjY3tei2i66eOP1I=
Subject key identifier: 88:95:8F:22:D8:C4:71:B7:1C:D1:C8:3A:BC:77:B4:B6:00:57:E2:F6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4870BF296F62A1E5BBF6F0CC23480E2D4E659E30
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c12693-1526-46ae-aa45-d5276a0c0f79.roa
Signing time: Mon 14 Jul 2025 15:40:20 +0000
ROA not before: Mon 14 Jul 2025 15:40:20 +0000
ROA not after: Mon 18 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.86.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 14:37:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:70:bf:29:6f:62:a1:e5:bb:f6:f0:cc:23:48:0e:2d:4e:65:9e:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 14 15:40:20 2025 GMT
Not After : Aug 18 23:59:59 2025 GMT
Subject: serialNumber=ee2f93a799572c0d23ba58728b41a28dc71d3e5dcfa1b5a2025bd760c401b6a2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:40:a4:c6:fd:61:2a:a2:f7:fc:f8:e9:8f:89:
82:e0:84:20:bb:0b:47:1c:84:c3:20:6b:30:ed:b9:
3d:af:86:4f:bc:83:43:10:7d:68:50:f7:58:94:58:
e3:40:82:a2:b7:45:08:5b:58:2b:c3:ba:8f:56:9d:
68:26:b3:52:82:c0:26:26:aa:f6:d5:a3:80:5e:ce:
8f:4f:74:e9:df:f4:cf:68:d0:c7:75:1c:cd:82:01:
8d:31:35:b6:89:d1:f3:b3:4d:57:1e:e6:f9:71:a4:
d7:f8:09:d1:f6:41:f2:c6:7c:0a:46:da:aa:05:51:
b3:97:73:ea:d2:e3:45:2f:74:0d:a1:ef:15:7a:81:
2c:b2:ae:d0:7a:4b:2f:ad:bc:c8:21:e8:61:8e:c9:
9f:ee:22:5f:12:5d:50:1e:dd:f2:28:05:cb:27:86:
0d:d2:2b:3c:f2:b7:88:da:04:d7:f0:48:7f:31:26:
96:a6:cc:7d:fc:c0:0e:79:1c:56:c5:2a:5a:99:e5:
a0:f7:b8:a0:fe:48:8a:21:50:76:83:45:6f:fc:28:
c7:48:13:2e:50:11:6a:40:9c:0d:df:4e:3a:2b:42:
7d:ef:cb:55:6b:0f:0f:0f:46:f8:c0:c3:77:cd:ae:
58:c5:dc:6d:0d:f9:69:a0:8a:a7:e0:d9:c3:ea:d5:
93:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:95:8F:22:D8:C4:71:B7:1C:D1:C8:3A:BC:77:B4:B6:00:57:E2:F6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c12693-1526-46ae-aa45-d5276a0c0f79.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.86.0.0/15
Signature Algorithm: sha256WithRSAEncryption
62:19:3a:7a:18:40:4e:09:69:99:42:be:fe:2d:bb:96:fa:0a:
1c:71:02:e1:2d:74:65:83:13:fa:0f:fc:70:ca:05:97:a9:a8:
fb:be:dc:9f:aa:79:ed:68:44:c9:94:01:60:50:54:64:c9:26:
7c:da:a0:9f:0b:ef:c2:dc:27:6e:38:1b:30:28:df:49:09:8b:
2c:9d:21:a7:a1:bb:42:d3:81:41:a5:7d:70:31:a6:4d:76:a0:
77:df:34:0b:8c:39:27:1f:6a:79:4e:1f:6a:2b:f9:9b:1b:ab:
ce:4a:ed:6e:b6:29:13:58:70:8c:a0:bc:88:25:85:8d:6e:b0:
a9:3a:b2:af:5c:d9:1d:96:a9:18:81:14:99:a8:ee:2d:55:c9:
89:a4:da:1b:28:9a:aa:cc:8f:d5:fe:03:e1:88:62:ef:f9:33:
07:da:ac:4f:1b:ec:2e:e3:43:34:ba:46:ec:78:7d:eb:b2:a0:
e7:e9:35:93:79:c7:b7:2d:be:05:86:1d:b0:57:75:93:82:9c:
41:2a:5c:e3:49:59:49:35:e0:8d:c8:11:b6:84:f6:fb:ca:2f:
fa:82:78:62:aa:e8:34:20:a3:34:5e:d2:d6:23:3d:06:45:02:
19:84:43:df:82:d4:d9:61:f0:e8:ae:2c:5f:1b:18:f6:a0:c5:
e2:c3:fb:3f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUSHC/KW9ioeW79vDMI0gOLU5lnjAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTQxNTQwMjBaFw0yNTA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGVlMmY5M2E3OTk1NzJjMGQyM2JhNTg3MjhiNDFhMjhkYzcxZDNlNWRjZmEx
YjVhMjAyNWJkNzYwYzQwMWI2YTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKJApMb9YSqi9/z46Y+JguCEILsLRxyEwyBrMO25Pa+GT7yDQxB9aFD3WJRY
40CCordFCFtYK8O6j1adaCazUoLAJiaq9tWjgF7Oj0906d/0z2jQx3UczYIBjTE1
tonR87NNVx7m+XGk1/gJ0fZB8sZ8CkbaqgVRs5dz6tLjRS90DaHvFXqBLLKu0HpL
L628yCHoYY7Jn+4iXxJdUB7d8igFyyeGDdIrPPK3iNoE1/BIfzEmlqbMffzADnkc
VsUqWpnloPe4oP5IiiFQdoNFb/wox0gTLlARakCcDd9OOitCfe/LVWsPDw9G+MDD
d82uWMXcbQ35aaCKp+DZw+rVk7kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSIlY8i
2MRxtxzRyDq8d7S2AFfi9jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjBjMTI2OTMtMTUyNi00NmFlLWFhNDUtZDUyNzZhMGMwZjc5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNWMA0G
CSqGSIb3DQEBCwUAA4IBAQBiGTp6GEBOCWmZQr7+LbuW+goccQLhLXRlgxP6D/xw
ygWXqaj7vtyfqnntaETJlAFgUFRkySZ82qCfC+/C3CduOBswKN9JCYssnSGnobtC
04FBpX1wMaZNdqB33zQLjDknH2p5Th9qK/mbG6vOSu1utikTWHCMoLyIJYWNbrCp
OrKvXNkdlqkYgRSZqO4tVcmJpNobKJqqzI/V/gPhiGLv+TMH2qxPG+wu40M0ukbs
eH3rsqDn6TWTece3Lb4Fhh2wV3WTgpxBKlzjSVlJNeCNyBG2hPb7yi/6gnhiqug0
IKM0XtLWIz0GRQIZhEPfgtTZYfDorixfGxj2oMXiw/s/
-----END CERTIFICATE-----
Generated at Tue Aug 5 16:52:55 2025 by rpki-client