Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
File: 83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa (raw, json)
Hash identifier: 1U8TtJWS26pSJA4EE3XLStLpsfoMP4CXnEsUyIXQg3Y=
Subject key identifier: FE:76:DC:4C:BA:B4:CD:A0:CF:D9:D3:CA:B3:E0:F1:A7:B1:E0:AF:7E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 336E8681EAA41FEC1CFB9EE02CFC078A4E902244
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
Signing time: Fri 11 Jul 2025 21:00:14 +0000
ROA not before: Fri 11 Jul 2025 21:00:14 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.150.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:6e:86:81:ea:a4:1f:ec:1c:fb:9e:e0:2c:fc:07:8a:4e:90:22:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 21:00:14 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=c59be62e5e06f652e3d4c849f6be6c32efe82caa985077b374a8c33cf86457c6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e3:ef:0f:97:b7:37:7c:44:a9:1d:3d:d1:51:
0b:83:89:64:fc:47:c0:f1:fc:fc:43:6b:65:25:1c:
b7:9d:48:4e:c4:22:37:d7:8f:09:66:47:3e:15:74:
1e:8d:bd:6a:34:9b:3a:dc:5f:9c:a4:ce:60:d3:c0:
0e:8d:9c:c1:ed:b4:e7:30:c3:d7:3d:f7:aa:bb:b2:
4d:3a:55:1e:d5:16:5f:2f:ef:3a:6f:91:b4:20:2f:
4d:30:69:f6:7b:ff:bd:6a:39:2d:d6:09:36:ca:02:
2f:db:29:38:3b:b4:58:76:3d:c2:0b:a9:2d:94:3b:
ba:6c:4d:11:66:d1:6d:07:fb:05:a6:09:9c:a0:68:
88:74:96:55:19:1f:2b:69:fc:7e:89:d4:66:9d:8a:
bb:45:25:fc:c6:48:80:1d:fe:fd:5d:09:63:c5:aa:
3e:52:ed:55:ba:3b:70:3b:d9:7e:9d:eb:aa:98:9f:
b1:5c:d6:5b:04:8f:88:86:b3:a5:48:f1:d6:ff:34:
05:4a:bb:b2:e0:51:d2:32:0d:40:17:37:d0:7d:61:
d1:0f:df:92:67:6d:7f:cd:1d:ab:5c:da:bd:ab:79:
2d:ba:f1:23:0e:1b:d6:d7:d4:09:15:39:b3:5c:51:
fc:b2:6f:c6:04:5e:da:f7:5c:a9:b3:52:d5:8e:bd:
db:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:76:DC:4C:BA:B4:CD:A0:CF:D9:D3:CA:B3:E0:F1:A7:B1:E0:AF:7E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.150.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9d:0f:da:a4:0e:16:28:71:03:1c:ab:f3:e8:c8:d2:2c:da:84:
37:25:09:3c:50:4c:28:c4:f9:a9:41:83:2d:e8:d7:cf:5c:22:
9b:97:39:8c:02:2d:20:f6:19:4e:35:d2:99:a0:b1:51:c1:13:
1c:0c:f0:77:37:4a:df:8b:c1:fc:f8:1a:31:09:18:db:28:6f:
da:2a:50:21:0b:ba:0c:14:47:8b:f7:05:e5:1c:f3:6d:4f:4d:
ef:18:1d:b4:03:23:42:1c:ea:e8:dc:16:e6:31:5f:12:f1:ea:
c8:9a:e1:43:94:e2:bf:ed:46:25:d7:6a:11:1a:5f:b7:5d:71:
16:12:40:9a:58:70:71:3a:3d:b3:4a:c1:1f:31:aa:b1:72:d0:
03:53:a7:db:1d:76:dc:b4:46:8f:e1:38:c3:df:74:c0:17:0e:
a9:b2:d0:9d:1a:06:4a:e5:bb:cf:0f:c6:f7:a1:ef:56:c1:5e:
e1:05:c9:ba:e6:58:75:88:99:c6:3d:3f:73:dd:33:3d:56:01:
1d:1c:28:7b:66:c1:6c:1e:37:37:4d:a2:5c:42:5f:ff:bf:d3:
8a:06:d5:71:cd:96:54:b2:1f:c5:a2:a6:4c:36:49:8f:a5:9c:
71:e0:9d:eb:5f:87:da:7a:e7:57:9d:f8:c7:79:76:c0:b9:83:
d6:b9:32:f7
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUM26GgeqkH+wc+57gLPwHik6QIkQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMTAwMTRaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGM1OWJlNjJlNWUwNmY2NTJlM2Q0Yzg0OWY2YmU2YzMyZWZlODJjYWE5ODUw
NzdiMzc0YThjMzNjZjg2NDU3YzYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALfj7w+Xtzd8RKkdPdFRC4OJZPxHwPH8/ENrZSUct51ITsQiN9ePCWZHPhV0
Ho29ajSbOtxfnKTOYNPADo2cwe205zDD1z33qruyTTpVHtUWXy/vOm+RtCAvTTBp
9nv/vWo5LdYJNsoCL9spODu0WHY9wgupLZQ7umxNEWbRbQf7BaYJnKBoiHSWVRkf
K2n8fonUZp2Ku0Ul/MZIgB3+/V0JY8WqPlLtVbo7cDvZfp3rqpifsVzWWwSPiIaz
pUjx1v80BUq7suBR0jINQBc30H1h0Q/fkmdtf80dq1zavat5LbrxIw4b1tfUCRU5
s1xR/LJvxgRe2vdcqbNS1Y692zECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT+dtxM
urTNoM/Z08qz4PGnseCvfjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODNjOWY5YzQtMzlhMi00ZjVmLTkxODgtMWE5ZTBkY2NmMjA5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOWMA0G
CSqGSIb3DQEBCwUAA4IBAQCdD9qkDhYocQMcq/PoyNIs2oQ3JQk8UEwoxPmpQYMt
6NfPXCKblzmMAi0g9hlONdKZoLFRwRMcDPB3N0rfi8H8+BoxCRjbKG/aKlAhC7oM
FEeL9wXlHPNtT03vGB20AyNCHOro3BbmMV8S8erImuFDlOK/7UYl12oRGl+3XXEW
EkCaWHBxOj2zSsEfMaqxctADU6fbHXbctEaP4TjD33TAFw6pstCdGgZK5bvPD8b3
oe9WwV7hBcm65lh1iJnGPT9z3TM9VgEdHCh7ZsFsHjc3TaJcQl//v9OKBtVxzZZU
sh/FoqZMNkmPpZxx4J3rX4faeudXnfjHeXbAuYPWuTL3
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:42:06 2025 by rpki-client