Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7b957dae-110a-40bf-9710-191cf24c9e94.roa
File: 7b957dae-110a-40bf-9710-191cf24c9e94.roa (raw, json)
Hash identifier: GAYTXW4eVgNgszkSAdtBaZ6alqurpoAu5uEk+oD1xFA=
Subject key identifier: 0D:ED:AF:44:14:71:D2:68:ED:A9:FE:3E:DB:81:9D:98:C3:83:CC:A0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0C5C7C4D9B475B372F27508C3DEA4B9BD3FF785E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7b957dae-110a-40bf-9710-191cf24c9e94.roa
Signing time: Mon 14 Jul 2025 15:30:41 +0000
ROA not before: Mon 14 Jul 2025 15:30:41 +0000
ROA not after: Mon 18 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.96.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:5c:7c:4d:9b:47:5b:37:2f:27:50:8c:3d:ea:4b:9b:d3:ff:78:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 14 15:30:41 2025 GMT
Not After : Aug 18 23:59:59 2025 GMT
Subject: serialNumber=8093d1b502650d722e35019239f0c2e1869d00c1f51afc80918986bbcc518356, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:80:b4:94:f5:65:dd:2c:92:aa:cf:f6:00:28:
53:41:d2:9c:02:a7:26:32:65:40:c8:cc:58:ac:63:
6e:0d:71:aa:e7:f7:c2:22:6d:38:30:ea:f3:09:b0:
35:68:ce:72:dd:b4:4a:a1:97:a3:fc:af:c1:39:44:
28:6b:7e:f1:86:f3:ad:c8:39:81:5f:a5:8b:0c:48:
a7:7e:56:c7:6d:8f:ac:eb:9a:ba:0d:0f:81:49:fb:
24:cf:95:7f:bf:09:f8:2f:e5:59:6b:d8:91:44:9a:
dd:f5:bb:6d:1a:f1:6b:52:5e:bb:49:58:23:3b:95:
7b:b5:56:72:91:24:5f:69:5c:26:a2:f3:26:9b:cc:
08:75:22:a9:67:f3:67:62:d2:b2:79:85:e4:8f:2b:
06:07:4c:14:00:a2:38:33:d3:6f:e6:de:0e:03:b2:
40:88:b6:c0:e8:32:fd:8c:9a:29:ec:c8:84:ae:7d:
8e:65:48:17:aa:e6:6a:bd:09:62:82:9d:2f:42:fc:
ac:2d:f7:db:7a:cf:ce:4a:32:07:4e:f7:ce:4e:2a:
72:af:78:b3:ae:3c:b1:0c:17:19:35:56:ea:17:20:
b8:7b:02:f8:43:b0:d2:76:c2:cf:52:00:28:5d:a0:
33:47:da:f1:55:93:96:38:29:11:28:6f:72:95:d9:
f4:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:ED:AF:44:14:71:D2:68:ED:A9:FE:3E:DB:81:9D:98:C3:83:CC:A0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7b957dae-110a-40bf-9710-191cf24c9e94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.96.0/21
Signature Algorithm: sha256WithRSAEncryption
62:dc:04:63:9e:7d:af:bb:57:25:0f:33:ba:b8:5f:57:74:30:
b1:2c:44:a7:fd:d6:b9:ae:0c:83:ae:76:8d:85:16:f0:c8:04:
40:94:40:e7:f0:d9:8c:39:68:df:99:58:1e:e0:7b:b6:43:6a:
3b:96:65:11:84:d5:48:fd:27:8a:78:48:c5:c0:ca:d8:39:ef:
6c:67:80:7a:9c:6a:ac:a4:1c:ef:3a:94:69:c9:00:ad:7b:15:
a0:8f:83:42:e1:80:cd:66:6b:cf:f8:8a:3c:b2:ec:58:f5:0a:
df:79:78:37:5f:7e:d9:8d:73:b1:67:38:7f:c0:b5:f9:09:b0:
7c:e8:8b:c7:ec:6e:eb:46:e5:8f:ac:51:d0:07:1a:67:a4:38:
3a:70:ba:14:28:4d:15:09:c4:57:b8:3d:ef:99:0f:e8:ef:58:
a8:50:c7:78:00:49:67:f8:2e:77:7f:f6:5a:cb:e5:d5:f0:f2:
a2:30:a7:01:3e:eb:4c:f7:c1:e8:b5:3f:65:91:d0:fe:28:c6:
f8:93:b6:b4:aa:dd:2e:3b:0b:25:ab:0c:bc:0a:b5:b8:8b:fc:
2e:92:30:a2:4d:a4:81:7b:35:e6:54:11:fe:c2:6f:94:ac:96:
98:8d:1a:f1:0d:25:c1:b3:5d:35:4b:63:8b:9b:31:22:24:c8:
ad:ab:06:e4
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUDFx8TZtHWzcvJ1CMPepLm9P/eF4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTQxNTMwNDFaFw0yNTA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDgwOTNkMWI1MDI2NTBkNzIyZTM1MDE5MjM5ZjBjMmUxODY5ZDAwYzFmNTFh
ZmM4MDkxODk4NmJiY2M1MTgzNTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOyAtJT1Zd0skqrP9gAoU0HSnAKnJjJlQMjMWKxjbg1xquf3wiJtODDq8wmw
NWjOct20SqGXo/yvwTlEKGt+8Ybzrcg5gV+liwxIp35Wx22PrOuaug0PgUn7JM+V
f78J+C/lWWvYkUSa3fW7bRrxa1Jeu0lYIzuVe7VWcpEkX2lcJqLzJpvMCHUiqWfz
Z2LSsnmF5I8rBgdMFACiODPTb+beDgOyQIi2wOgy/YyaKezIhK59jmVIF6rmar0J
YoKdL0L8rC3323rPzkoyB073zk4qcq94s648sQwXGTVW6hcguHsC+EOw0nbCz1IA
KF2gM0fa8VWTljgpEShvcpXZ9AUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQN7a9E
FHHSaO2p/j7bgZ2Yw4PMoDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2I5NTdkYWUtMTEwYS00MGJmLTk3MTAtMTkxY2YyNGM5ZTk0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAYDAN
BgkqhkiG9w0BAQsFAAOCAQEAYtwEY559r7tXJQ8zurhfV3QwsSxEp/3Wua4Mg652
jYUW8MgEQJRA5/DZjDlo35lYHuB7tkNqO5ZlEYTVSP0ninhIxcDK2DnvbGeAepxq
rKQc7zqUackArXsVoI+DQuGAzWZrz/iKPLLsWPUK33l4N19+2Y1zsWc4f8C1+Qmw
fOiLx+xu60blj6xR0AcaZ6Q4OnC6FChNFQnEV7g975kP6O9YqFDHeABJZ/gud3/2
Wsvl1fDyojCnAT7rTPfB6LU/ZZHQ/ijG+JO2tKrdLjsLJasMvAq1uIv8LpIwok2k
gXs15lQR/sJvlKyWmI0a8Q0lwbNdNUtji5sxIiTIrasG5A==
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:48:09 2025 by rpki-client