Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81e19e5f-8cac-4cc7-8c10-c589c96920d0.roa
File: 81e19e5f-8cac-4cc7-8c10-c589c96920d0.roa (raw, json)
Hash identifier: cOXaiYz10R5ATlSUQ7I25KJaaiVz3oTUhqerx7RHBSs=
Subject key identifier: 4F:B9:93:7E:2A:71:6E:78:51:77:0B:9E:34:7B:F4:F5:27:57:8D:2D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0D5CD97C99815DEEFC41F565E60446A8C3CD9EF7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81e19e5f-8cac-4cc7-8c10-c589c96920d0.roa
Signing time: Mon 14 Jul 2025 15:30:47 +0000
ROA not before: Mon 14 Jul 2025 15:30:47 +0000
ROA not after: Mon 18 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.17.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:5c:d9:7c:99:81:5d:ee:fc:41:f5:65:e6:04:46:a8:c3:cd:9e:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 14 15:30:47 2025 GMT
Not After : Aug 18 23:59:59 2025 GMT
Subject: serialNumber=63b81b268dd476031cbde809130ed1840092106ef17aa7add60de49fbaf32b36, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:8c:14:82:06:cd:77:1d:05:a3:f9:1c:ac:70:
54:3e:ba:1f:8d:ee:9f:ac:dc:5d:9a:b0:ec:e0:d5:
d3:9f:f2:36:d2:e7:fa:90:f9:e0:84:f7:ee:3b:84:
ec:1b:83:ce:54:c6:85:e4:e7:9b:53:af:59:f9:14:
b1:b4:e8:12:55:c7:3b:b3:3c:04:a6:e3:f7:98:20:
fc:2b:c5:ea:25:3c:f5:c3:7e:72:c9:94:ca:08:3a:
45:29:d4:88:10:76:9a:e2:ab:75:a5:f9:92:61:41:
57:49:7a:01:c7:ac:cb:3d:42:40:90:ee:31:87:3e:
68:32:11:03:95:16:16:a4:7a:6e:3f:cd:cb:7f:37:
a9:03:0f:ba:b2:1f:3a:e7:a3:08:2e:1e:3d:17:58:
58:ab:f1:f1:76:aa:b3:83:af:44:e6:bd:98:6f:00:
2f:f6:58:3c:5c:d8:c9:18:89:8e:f1:9c:bc:49:e6:
23:b3:50:d3:2e:d3:ec:58:71:67:4f:04:88:6e:0b:
2a:96:0d:e4:68:44:67:96:3f:35:06:9a:26:08:9b:
14:5e:f9:04:3f:a7:a8:e7:3a:5d:0f:3d:e2:c7:6b:
12:51:f8:d7:8e:78:da:b5:ac:c7:28:dc:13:8b:39:
eb:0d:a7:d3:a3:28:11:36:bf:72:7f:dd:f0:e5:4b:
75:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:B9:93:7E:2A:71:6E:78:51:77:0B:9E:34:7B:F4:F5:27:57:8D:2D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81e19e5f-8cac-4cc7-8c10-c589c96920d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.17.1.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:19:f7:90:90:e9:a9:ef:8d:28:ad:2c:69:77:71:cc:0a:c5:
6a:de:dc:d7:3e:86:50:1f:ae:53:30:83:dd:c2:89:3d:a6:db:
71:21:09:f9:fc:a2:73:01:3e:2c:2e:72:11:0c:8b:db:47:35:
65:b8:d3:6a:f6:f1:01:31:83:17:05:96:81:1d:22:c8:7c:d0:
fd:cb:7d:a5:99:f6:d3:64:ec:ea:98:ba:b5:8b:32:1a:b8:d4:
30:8b:b4:11:b7:91:1f:3d:62:0b:5a:a7:af:d6:e7:4b:b9:d5:
11:ad:bf:cb:ec:90:6a:c6:56:cb:4b:b8:85:c7:73:0b:de:28:
c6:0f:10:f5:92:8a:ac:b1:1c:e0:01:1c:43:07:3f:64:f3:9d:
3a:99:6f:ee:c2:87:32:a8:82:f6:e8:9d:8a:ed:af:4a:ee:70:
ea:d6:ce:72:bf:d1:ee:d0:25:46:77:7a:1a:97:1a:17:a0:21:
56:22:da:42:25:27:0b:f0:7e:87:fd:94:db:3c:d5:5c:b4:ad:
b3:89:8a:d2:55:b7:90:52:8b:0e:69:d3:b4:e3:81:e3:3b:51:
2b:7a:3a:52:35:5f:e8:22:b2:bd:bb:fa:43:0d:97:fb:2d:b5:
0e:d7:f6:ca:9f:ed:90:b4:7a:33:68:1f:a9:f9:c8:96:41:e3:
84:62:5d:c1
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUDVzZfJmBXe78QfVl5gRGqMPNnvcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTQxNTMwNDdaFw0yNTA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDYzYjgxYjI2OGRkNDc2MDMxY2JkZTgwOTEzMGVkMTg0MDA5MjEwNmVmMTdh
YTdhZGQ2MGRlNDlmYmFmMzJiMzYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOWMFIIGzXcdBaP5HKxwVD66H43un6zcXZqw7ODV05/yNtLn+pD54IT37juE
7BuDzlTGheTnm1OvWfkUsbToElXHO7M8BKbj95gg/CvF6iU89cN+csmUygg6RSnU
iBB2muKrdaX5kmFBV0l6Acesyz1CQJDuMYc+aDIRA5UWFqR6bj/Ny383qQMPurIf
OuejCC4ePRdYWKvx8Xaqs4OvROa9mG8AL/ZYPFzYyRiJjvGcvEnmI7NQ0y7T7Fhx
Z08EiG4LKpYN5GhEZ5Y/NQaaJgibFF75BD+nqOc6XQ894sdrElH414542rWsxyjc
E4s56w2n06MoETa/cn/d8OVLdf8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRPuZN+
KnFueFF3C540e/T1J1eNLTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODFlMTllNWYtOGNhYy00Y2M3LThjMTAtYzU4OWM5NjkyMGQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMRATAN
BgkqhkiG9w0BAQsFAAOCAQEACxn3kJDpqe+NKK0saXdxzArFat7c1z6GUB+uUzCD
3cKJPabbcSEJ+fyicwE+LC5yEQyL20c1ZbjTavbxATGDFwWWgR0iyHzQ/ct9pZn2
02Ts6pi6tYsyGrjUMIu0EbeRHz1iC1qnr9bnS7nVEa2/y+yQasZWy0u4hcdzC94o
xg8Q9ZKKrLEc4AEcQwc/ZPOdOplv7sKHMqiC9uidiu2vSu5w6tbOcr/R7tAlRnd6
GpcaF6AhViLaQiUnC/B+h/2U2zzVXLSts4mK0lW3kFKLDmnTtOOB4ztRK3o6UjVf
6CKyvbv6Qw2X+y21Dtf2yp/tkLR6M2gfqfnIlkHjhGJdwQ==
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:36:08 2025 by rpki-client