Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c89335-41cc-407d-8ffe-34cda7e66bb7.roa
File: 60c89335-41cc-407d-8ffe-34cda7e66bb7.roa (raw, json)
Hash identifier: ly8Uou9lTb0jRcus5TwlOw7jKClNDLDl8RL6PIkIiio=
Subject key identifier: 97:A4:68:05:61:AA:67:75:AD:0F:FA:5B:F6:8A:EB:F5:E4:91:4C:9B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2179BDEBF1662FE40DA46074C0667625991215DD
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c89335-41cc-407d-8ffe-34cda7e66bb7.roa
Signing time: Mon 14 Jul 2025 15:40:48 +0000
ROA not before: Mon 14 Jul 2025 15:40:48 +0000
ROA not after: Mon 18 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.96.0.0/14 maxlen: 14
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:79:bd:eb:f1:66:2f:e4:0d:a4:60:74:c0:66:76:25:99:12:15:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 14 15:40:48 2025 GMT
Not After : Aug 18 23:59:59 2025 GMT
Subject: serialNumber=626f26efe0eae0ada1010ab6af8fe4b3546f3e4c0c72e5d0933f275cbc205b20, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d8:4b:eb:c0:2b:2e:90:2f:e8:d5:ff:9e:d3:
c7:36:31:30:a0:8a:2f:f0:9b:bb:55:b4:30:ca:d9:
ed:7c:96:50:09:b6:fc:f2:a8:5a:43:97:c7:51:a6:
cc:5e:3d:74:a3:fe:a3:f6:9f:26:70:7c:e4:16:63:
f0:f3:c5:4f:1e:3e:49:92:28:d8:68:bf:99:15:33:
fe:9f:8e:69:84:1b:76:25:e0:cd:d5:1f:70:26:d9:
6c:26:cc:10:d2:8d:0b:8a:22:7e:75:3d:27:aa:32:
26:72:3e:3a:d6:f0:bd:1e:5e:bb:57:ec:31:d7:9a:
55:8b:b7:3c:0e:79:3e:b5:52:9b:59:f4:66:8f:9b:
7f:36:a8:f7:fe:6e:29:fb:d0:fc:c5:b1:08:1b:ad:
12:7d:c1:10:f0:e3:d4:87:6e:75:28:72:0b:5b:ca:
6f:d5:6d:d4:c8:32:a7:94:c5:59:46:dc:c0:7f:b6:
96:fd:8b:76:35:a7:19:56:cb:07:e2:fb:3e:73:8b:
e0:22:df:0a:3b:03:37:31:8e:d2:db:36:9d:f6:b3:
f2:88:f5:85:c0:af:6e:1e:ed:03:dc:b7:6a:8e:a4:
a0:53:fe:65:07:fb:b3:c8:e8:d8:86:38:cd:bf:15:
fa:f9:4d:e3:bf:92:c7:f9:3a:79:2e:23:58:01:b1:
6d:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:A4:68:05:61:AA:67:75:AD:0F:FA:5B:F6:8A:EB:F5:E4:91:4C:9B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c89335-41cc-407d-8ffe-34cda7e66bb7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.96.0.0/14
Signature Algorithm: sha256WithRSAEncryption
d4:cf:11:4c:09:74:05:ec:6e:14:d1:d6:e0:69:ac:94:83:60:
6a:0c:cc:4d:f4:7c:52:78:a7:23:c0:6e:df:44:e7:e9:3d:1a:
0c:e3:7d:c0:c6:72:9c:9a:10:b2:1e:99:06:d9:49:9f:5d:e5:
15:01:8b:ae:a5:e0:53:0d:7a:aa:89:fd:c0:f4:fa:2d:ff:de:
f7:b9:5e:b5:4a:53:a1:33:d3:37:61:44:db:00:ef:63:f3:82:
9c:bb:b2:63:10:2d:8e:0c:ca:8c:84:5d:e5:d5:e2:f8:64:a0:
bb:fc:cd:97:d1:48:03:65:29:ec:64:4b:55:52:7e:77:99:cd:
f5:4e:60:61:80:98:1c:0c:ac:67:bb:77:bb:e0:64:7a:37:99:
96:61:ec:e8:0a:dc:21:7f:2e:01:4b:8e:d0:45:bf:8d:3c:5f:
a6:ca:11:02:52:93:1c:1a:ab:e2:07:2a:87:80:0a:f8:fd:85:
d4:7b:46:db:ce:2f:4a:14:a0:42:0e:e8:59:59:5d:b8:0b:16:
0a:47:c9:3a:45:08:27:a1:7e:4c:ce:b0:9b:90:f6:45:54:3c:
aa:dd:98:37:67:a0:33:d5:d9:ae:fe:e4:aa:a2:32:4d:9a:67:
8d:27:cf:8b:b4:03:2f:ec:2d:f6:fb:eb:c3:45:9c:12:80:93:
76:96:78:97
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIXm96/FmL+QNpGB0wGZ2JZkSFd0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTQxNTQwNDhaFw0yNTA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDYyNmYyNmVmZTBlYWUwYWRhMTAxMGFiNmFmOGZlNGIzNTQ2ZjNlNGMwYzcy
ZTVkMDkzM2YyNzVjYmMyMDViMjAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJTYS+vAKy6QL+jV/57TxzYxMKCKL/Cbu1W0MMrZ7XyWUAm2/PKoWkOXx1Gm
zF49dKP+o/afJnB85BZj8PPFTx4+SZIo2Gi/mRUz/p+OaYQbdiXgzdUfcCbZbCbM
ENKNC4oifnU9J6oyJnI+OtbwvR5eu1fsMdeaVYu3PA55PrVSm1n0Zo+bfzao9/5u
KfvQ/MWxCButEn3BEPDj1IdudShyC1vKb9Vt1Mgyp5TFWUbcwH+2lv2LdjWnGVbL
B+L7PnOL4CLfCjsDNzGO0ts2nfaz8oj1hcCvbh7tA9y3ao6koFP+ZQf7s8jo2IY4
zb8V+vlN47+Sx/k6eS4jWAGxbb8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSXpGgF
Yapnda0P+lv2iuv15JFMmzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjBjODkzMzUtNDFjYy00MDdkLThmZmUtMzRjZGE3ZTY2YmI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNgMA0G
CSqGSIb3DQEBCwUAA4IBAQDUzxFMCXQF7G4U0dbgaayUg2BqDMxN9HxSeKcjwG7f
ROfpPRoM433AxnKcmhCyHpkG2UmfXeUVAYuupeBTDXqqif3A9Pot/973uV61SlOh
M9M3YUTbAO9j84Kcu7JjEC2ODMqMhF3l1eL4ZKC7/M2X0UgDZSnsZEtVUn53mc31
TmBhgJgcDKxnu3e74GR6N5mWYezoCtwhfy4BS47QRb+NPF+myhECUpMcGqviByqH
gAr4/YXUe0bbzi9KFKBCDuhZWV24CxYKR8k6RQgnoX5MzrCbkPZFVDyq3Zg3Z6Az
1dmu/uSqojJNmmeNJ8+LtAMv7C32++vDRZwSgJN2lniX
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:39:40 2025 by rpki-client