
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/63e023f1-83fd-412f-8365-33afe1ac80af.roa
File: 63e023f1-83fd-412f-8365-33afe1ac80af.roa (raw, json)
Hash identifier: 6NSJddqHBNP4CMlyPX8LfK3fVFVk8m7hcy5m4lt6ZU4=
Subject key identifier: E1:1B:0F:22:54:5E:73:A2:63:1A:17:D1:41:57:A3:37:CF:BA:F0:2E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1E010FF33F348022FD9D07396B5D8C836008AC50
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/63e023f1-83fd-412f-8365-33afe1ac80af.roa
Signing time: Fri 11 Jul 2025 21:00:17 +0000
ROA not before: Fri 11 Jul 2025 21:00:17 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.160.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 14:37:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:01:0f:f3:3f:34:80:22:fd:9d:07:39:6b:5d:8c:83:60:08:ac:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 21:00:17 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=0cf2c1bfa7dc12d4c6827164fd2dde2548018219c1238b04fa7572b6dee4cb1f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:b2:74:4b:36:9a:92:f5:de:a6:24:39:0f:13:
b9:99:7a:06:aa:fa:ba:75:c5:f1:c1:ed:9d:5b:ed:
8f:50:a9:3b:58:b2:c9:2d:83:75:17:31:fd:20:8b:
5a:4c:5e:9b:f9:16:57:c4:5f:a7:b1:c0:35:f5:d7:
07:68:6f:a4:17:d4:b6:48:8d:20:77:76:73:96:3d:
97:d6:a7:3b:89:c7:e2:0f:e6:65:87:05:61:0b:ee:
6e:b2:72:7e:bd:d2:26:10:40:bf:e8:8c:20:16:af:
bb:cf:6b:e8:e9:de:fa:99:91:54:e6:f9:9b:67:fe:
11:59:b7:1e:c8:ea:6c:5d:99:f6:6c:d4:e9:ff:e1:
f6:44:71:30:58:78:30:9e:a2:ad:24:d9:35:e3:86:
94:6c:73:c8:4d:52:f4:59:19:24:41:18:05:3a:ca:
05:33:3c:10:b8:ff:b3:0a:1b:22:d9:19:93:f2:03:
ed:ff:aa:36:6d:1e:11:63:fb:f3:b6:78:a1:5c:74:
5f:b0:61:0c:16:03:86:f7:6f:48:65:a5:4e:5c:58:
7c:3d:29:7b:3f:1e:b8:05:18:f0:ec:32:c3:af:31:
70:51:da:dc:76:20:78:9c:9d:6b:bd:2c:ff:72:99:
c5:d5:7c:16:f1:6f:80:d6:a1:57:e1:d0:2a:60:8a:
1e:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:1B:0F:22:54:5E:73:A2:63:1A:17:D1:41:57:A3:37:CF:BA:F0:2E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/63e023f1-83fd-412f-8365-33afe1ac80af.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.160.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2c:51:4a:49:a5:5b:5b:dd:51:29:b9:09:e5:6a:ae:84:3f:30:
1f:7c:cc:bd:d6:01:8a:2b:64:36:9e:a8:57:1b:b8:b9:e9:ff:
43:75:88:c5:85:ad:b3:00:64:b4:78:dc:88:17:1d:eb:dd:60:
76:fc:52:6f:16:b0:6d:52:59:43:68:84:1d:e9:df:0b:bb:65:
52:e6:42:ab:4d:fb:3c:30:17:77:a5:13:53:8f:97:24:08:d0:
b7:60:ed:b4:b5:a3:3b:c9:b2:de:3e:6d:c1:49:e9:4d:34:74:
89:b1:9e:2e:00:16:e6:af:ed:21:39:45:78:0b:63:1d:0e:ef:
65:72:ed:f9:87:30:ff:81:ae:cd:61:b4:14:20:b1:76:05:09:
a7:45:55:91:c0:c7:e3:e7:b8:e1:66:25:ca:b1:65:ce:ff:21:
7e:f9:4a:a4:5c:ad:cc:0b:c7:9c:3a:63:6b:d3:07:a1:7a:ac:
35:02:99:da:f8:da:53:14:52:ec:60:a8:dc:89:21:b5:9f:2f:
15:a8:1b:ce:db:9e:12:0b:ac:cd:6e:52:96:ab:52:70:48:58:
64:9d:50:94:b2:36:82:49:2b:7f:96:c2:9b:d7:4f:13:b1:61:
90:48:d5:d7:bd:11:40:94:d6:aa:99:e8:4b:21:54:e3:b1:c7:
45:d0:b8:bb
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHgEP8z80gCL9nQc5a12Mg2AIrFAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMTAwMTdaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDBjZjJjMWJmYTdkYzEyZDRjNjgyNzE2NGZkMmRkZTI1NDgwMTgyMTljMTIz
OGIwNGZhNzU3MmI2ZGVlNGNiMWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANGydEs2mpL13qYkOQ8TuZl6Bqr6unXF8cHtnVvtj1CpO1iyyS2DdRcx/SCL
Wkxem/kWV8Rfp7HANfXXB2hvpBfUtkiNIHd2c5Y9l9anO4nH4g/mZYcFYQvubrJy
fr3SJhBAv+iMIBavu89r6One+pmRVOb5m2f+EVm3HsjqbF2Z9mzU6f/h9kRxMFh4
MJ6irSTZNeOGlGxzyE1S9FkZJEEYBTrKBTM8ELj/swobItkZk/ID7f+qNm0eEWP7
87Z4oVx0X7BhDBYDhvdvSGWlTlxYfD0pez8euAUY8Owyw68xcFHa3HYgeJyda70s
/3KZxdV8FvFvgNahV+HQKmCKHlkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBThGw8i
VF5zomMaF9FBV6M3z7rwLjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjNlMDIzZjEtODNmZC00MTJmLTgzNjUtMzNhZmUxYWM4MGFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOgMA0G
CSqGSIb3DQEBCwUAA4IBAQAsUUpJpVtb3VEpuQnlaq6EPzAffMy91gGKK2Q2nqhX
G7i56f9DdYjFha2zAGS0eNyIFx3r3WB2/FJvFrBtUllDaIQd6d8Lu2VS5kKrTfs8
MBd3pRNTj5ckCNC3YO20taM7ybLePm3BSelNNHSJsZ4uABbmr+0hOUV4C2MdDu9l
cu35hzD/ga7NYbQUILF2BQmnRVWRwMfj57jhZiXKsWXO/yF++UqkXK3MC8ecOmNr
0weheqw1Apna+NpTFFLsYKjciSG1ny8VqBvO254SC6zNblKWq1JwSFhknVCUsjaC
SSt/lsKb108TsWGQSNXXvRFAlNaqmehLIVTjscdF0Li7
-----END CERTIFICATE-----
Generated at Tue Aug 5 17:29:57 2025 by rpki-client