
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/78e385a6-a7b8-4e63-8222-9119ad4d303f.roa
File: 78e385a6-a7b8-4e63-8222-9119ad4d303f.roa (raw, json)
Hash identifier: Oj5ROI2Sulp/vLcAENQZXbzLX1JPB7N0vKSLBho/Uwc=
Subject key identifier: CE:35:09:44:CB:BC:1F:2A:C0:28:EC:BD:76:AF:A1:4F:C5:D7:EB:7D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 774B973E2A54BD730ED9D7377787C546EA4C6D09
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/78e385a6-a7b8-4e63-8222-9119ad4d303f.roa
Signing time: Mon 28 Jul 2025 16:10:03 +0000
ROA not before: Mon 28 Jul 2025 16:10:03 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.118.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:4b:97:3e:2a:54:bd:73:0e:d9:d7:37:77:87:c5:46:ea:4c:6d:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 28 16:10:03 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=81182b5020e23e418273fbcaef1384accb867d916484d880cae5faefa4779ec7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:ef:9b:15:d3:7a:3c:ff:d8:85:0f:7f:b8:a6:
6d:aa:ce:88:cf:6e:7b:79:7a:9a:92:b3:46:3d:a3:
d4:9f:f4:76:02:7a:52:c5:8b:d1:04:2c:88:f7:2b:
2a:b4:17:17:0e:08:91:73:1c:f4:61:b7:72:84:9f:
19:ae:e2:28:ae:4e:6a:3d:9c:03:ee:74:da:b5:90:
f1:da:cb:b1:b3:d0:9e:22:c5:00:e3:6b:7d:d2:dd:
79:83:6f:26:9a:ad:69:61:ae:dc:58:fd:3e:49:dc:
eb:fe:10:90:50:b4:85:93:da:8a:9b:9c:1c:64:59:
c6:ee:9c:6c:87:50:32:58:53:80:f6:eb:2a:b7:89:
62:c9:44:b2:7d:5d:72:5a:b2:db:ae:51:a7:88:3d:
3c:3a:4b:1d:a1:67:74:a3:a9:03:ed:18:b2:a9:01:
97:bc:9a:c0:dc:f8:5e:b7:a1:23:2b:aa:c1:22:36:
21:3f:9f:62:8d:bc:95:9f:3b:ab:82:8d:4d:05:bf:
cc:21:d1:8b:53:e6:de:8c:2e:ec:8e:54:34:a9:dd:
24:ed:1d:d1:e2:16:42:d4:f8:c3:f1:51:c9:f0:6f:
12:96:83:b1:81:59:17:25:4e:33:d3:38:02:31:ed:
9c:6a:78:1e:13:82:e7:ff:ea:a2:f9:7a:3b:46:94:
f3:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:35:09:44:CB:BC:1F:2A:C0:28:EC:BD:76:AF:A1:4F:C5:D7:EB:7D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/78e385a6-a7b8-4e63-8222-9119ad4d303f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.118.0.0/15
Signature Algorithm: sha256WithRSAEncryption
9f:86:12:04:44:17:3c:16:ef:c8:23:58:2f:6e:83:ad:14:63:
af:df:18:94:e1:0d:61:89:0e:5c:1b:47:2a:3c:93:c4:9b:ff:
45:74:fa:ea:b3:65:a8:a1:f1:10:79:e7:cb:e0:38:27:59:7a:
c9:2e:2c:4a:a9:43:19:48:ee:10:14:1e:dd:32:8f:69:d0:d8:
17:3f:e8:b3:c7:64:eb:82:96:87:f0:35:2b:63:4b:88:7c:9d:
a2:87:ee:31:77:24:d7:50:75:6e:52:a4:b8:54:2e:55:ad:e9:
4b:c1:b6:9f:62:99:98:dd:11:1e:b5:7d:29:2b:4a:bc:ed:66:
2a:01:b4:d4:0d:e4:14:70:fd:fa:69:4a:14:02:3e:34:6f:e8:
18:9a:0d:fd:00:e6:fb:4d:c8:19:dc:7b:24:33:88:fc:5a:4a:
18:06:a4:6e:79:26:a5:1c:75:5c:6e:8f:fd:8a:a7:15:d1:c7:
74:87:35:52:46:aa:0f:e7:99:71:05:c8:27:bc:f3:0f:c8:68:
a3:ba:3e:86:94:6d:8c:21:fb:ee:39:1f:26:4c:ba:8c:58:3c:
45:99:94:6f:5c:ad:fd:59:3b:dc:18:ef:3e:e4:90:f7:22:1a:
27:f2:5f:d6:02:fe:ab:3f:7a:9c:19:df:9a:0b:7f:c3:e8:f6:
a3:9c:00:49
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUd0uXPipUvXMO2dc3d4fFRupMbQkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MjgxNjEwMDNaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxMTgyYjUwMjBlMjNlNDE4MjczZmJjYWVmMTM4NGFjY2I4NjdkOTE2NDg0
ZDg4MGNhZTVmYWVmYTQ3NzllYzcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANzvmxXTejz/2IUPf7imbarOiM9ue3l6mpKzRj2j1J/0dgJ6UsWL0QQsiPcr
KrQXFw4IkXMc9GG3coSfGa7iKK5Oaj2cA+502rWQ8drLsbPQniLFAONrfdLdeYNv
JpqtaWGu3Fj9Pknc6/4QkFC0hZPaipucHGRZxu6cbIdQMlhTgPbrKreJYslEsn1d
clqy265Rp4g9PDpLHaFndKOpA+0YsqkBl7yawNz4XrehIyuqwSI2IT+fYo28lZ87
q4KNTQW/zCHRi1Pm3owu7I5UNKndJO0d0eIWQtT4w/FRyfBvEpaDsYFZFyVOM9M4
AjHtnGp4HhOC5//qovl6O0aU8+cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTONQlE
y7wfKsAo7L12r6FPxdfrfTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzhlMzg1YTYtYTdiOC00ZTYzLTgyMjItOTExOWFkNGQzMDNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATN2MA0G
CSqGSIb3DQEBCwUAA4IBAQCfhhIERBc8Fu/II1gvboOtFGOv3xiU4Q1hiQ5cG0cq
PJPEm/9FdPrqs2WoofEQeefL4DgnWXrJLixKqUMZSO4QFB7dMo9p0NgXP+izx2Tr
gpaH8DUrY0uIfJ2ih+4xdyTXUHVuUqS4VC5VrelLwbafYpmY3REetX0pK0q87WYq
AbTUDeQUcP36aUoUAj40b+gYmg39AOb7TcgZ3HskM4j8WkoYBqRueSalHHVcbo/9
iqcV0cd0hzVSRqoP55lxBcgnvPMPyGijuj6GlG2MIfvuOR8mTLqMWDxFmZRvXK39
WTvcGO8+5JD3Ihon8l/WAv6rP3qcGd+aC3/D6PajnABJ
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:44:29 2025 by rpki-client