Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83d64fad-2f6b-441a-9079-e9e60d149aec.roa
File: 83d64fad-2f6b-441a-9079-e9e60d149aec.roa (raw, json)
Hash identifier: 4XoUFCKEELu9Q3niiagDUL9VzG9KsmyGqGmfMIvdeEQ=
Subject key identifier: AF:30:D7:8A:7A:2D:33:16:2D:A2:6E:16:00:B5:10:B7:17:14:36:4B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 37906EAD9F782F6884631651D7BEF5A0193258A1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83d64fad-2f6b-441a-9079-e9e60d149aec.roa
Signing time: Mon 14 Jul 2025 15:30:50 +0000
ROA not before: Mon 14 Jul 2025 15:30:50 +0000
ROA not after: Mon 18 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.17.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:90:6e:ad:9f:78:2f:68:84:63:16:51:d7:be:f5:a0:19:32:58:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 14 15:30:50 2025 GMT
Not After : Aug 18 23:59:59 2025 GMT
Subject: serialNumber=692805cc3a17939c86c19919911a99480d0bf85a3444987b4f99fb24c4d46f3c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:35:7d:ca:1a:9b:a4:2d:c5:8e:79:7d:d3:46:
4d:ae:b3:32:70:01:1a:3b:fa:0b:7f:b3:6f:1d:a8:
e3:2c:dd:b9:8e:83:c3:8f:83:0b:ef:f3:55:e2:a1:
fe:87:eb:85:44:bc:ac:aa:5b:8e:6d:e8:d9:13:83:
d9:8a:38:5d:c0:5a:d8:01:cd:5f:ee:69:78:5c:e5:
1d:b3:58:40:39:51:77:18:f2:2d:06:37:42:16:73:
82:3a:f3:df:e5:1d:3f:cf:56:5c:ad:f5:cc:30:15:
44:dc:7e:c1:35:54:8e:bb:87:f5:46:eb:90:51:11:
38:83:b5:b9:5f:6d:e7:2f:0f:33:56:11:98:5d:e8:
1b:5b:73:ea:51:22:e0:1f:23:cf:3e:f7:eb:f8:2f:
73:ba:2f:99:5e:e0:d9:6b:c5:4c:49:b7:42:69:3b:
83:df:01:9d:ba:91:5a:53:6a:dd:b5:f9:eb:47:e6:
f7:00:fb:06:cd:86:53:03:47:8a:4a:de:8f:98:cc:
bf:0b:ab:01:99:59:22:b5:13:1c:1b:49:63:3f:aa:
1d:52:1a:c3:e7:90:02:ca:1a:ef:f5:d8:1d:c1:14:
91:b3:dd:ca:61:d8:26:bb:c9:5d:b1:16:cb:fe:f5:
a6:8f:69:f7:f4:e4:12:24:04:4e:4e:8f:ff:27:1b:
d5:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:30:D7:8A:7A:2D:33:16:2D:A2:6E:16:00:B5:10:B7:17:14:36:4B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83d64fad-2f6b-441a-9079-e9e60d149aec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.17.0.0/24
Signature Algorithm: sha256WithRSAEncryption
63:1d:13:c2:2e:41:cd:05:76:89:a5:d3:2e:bb:21:11:59:0a:
de:38:b3:33:40:5f:d6:27:0f:0a:31:7d:60:cb:92:63:7e:e7:
4f:fd:34:91:bc:95:eb:7e:97:fb:79:ed:f5:4c:cb:33:59:dc:
a9:c6:27:ae:32:7d:27:eb:aa:a8:90:b3:f4:6f:f4:a0:d4:05:
7e:ae:d2:f5:7f:37:73:c2:4d:ad:3c:e1:55:f4:9a:2a:bd:b8:
62:a0:99:22:72:cf:b1:80:22:bb:78:d5:18:15:f6:47:17:13:
36:d4:19:6f:31:8f:4a:35:be:6f:f7:b6:0d:73:fe:0b:55:af:
91:a4:43:8c:d7:08:54:b1:03:51:e7:ad:67:a2:bc:a8:15:45:
03:20:7f:1a:3d:49:d5:46:ef:a3:91:51:e6:a3:88:7d:88:8e:
59:c1:c0:b0:4f:7c:69:0d:40:e7:fa:1d:e7:17:91:92:03:c2:
8b:1d:04:57:0d:f5:3b:f2:ce:c4:4f:23:db:81:dc:9a:73:44:
0c:17:a0:2d:88:82:92:6e:1d:3d:a5:61:33:8a:07:28:7d:32:
33:a9:1a:34:33:43:1a:52:99:e3:dc:ec:77:77:ea:1f:b4:bf:
d8:bf:9d:17:cd:33:fb:60:6b:4d:ba:04:38:86:a2:b6:54:0c:
96:dc:46:89
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUN5BurZ94L2iEYxZR1771oBkyWKEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTQxNTMwNTBaFw0yNTA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDY5MjgwNWNjM2ExNzkzOWM4NmMxOTkxOTkxMWE5OTQ4MGQwYmY4NWEzNDQ0
OTg3YjRmOTlmYjI0YzRkNDZmM2MxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALg1fcoam6QtxY55fdNGTa6zMnABGjv6C3+zbx2o4yzduY6Dw4+DC+/zVeKh
/ofrhUS8rKpbjm3o2ROD2Yo4XcBa2AHNX+5peFzlHbNYQDlRdxjyLQY3QhZzgjrz
3+UdP89WXK31zDAVRNx+wTVUjruH9UbrkFEROIO1uV9t5y8PM1YRmF3oG1tz6lEi
4B8jzz736/gvc7ovmV7g2WvFTEm3Qmk7g98BnbqRWlNq3bX560fm9wD7Bs2GUwNH
ikrej5jMvwurAZlZIrUTHBtJYz+qHVIaw+eQAsoa7/XYHcEUkbPdymHYJrvJXbEW
y/71po9p9/TkEiQETk6P/ycb1RsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSvMNeK
ei0zFi2ibhYAtRC3FxQ2SzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODNkNjRmYWQtMmY2Yi00NDFhLTkwNzktZTllNjBkMTQ5YWVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMRADAN
BgkqhkiG9w0BAQsFAAOCAQEAYx0Twi5BzQV2iaXTLrshEVkK3jizM0Bf1icPCjF9
YMuSY37nT/00kbyV636X+3nt9UzLM1ncqcYnrjJ9J+uqqJCz9G/0oNQFfq7S9X83
c8JNrTzhVfSaKr24YqCZInLPsYAiu3jVGBX2RxcTNtQZbzGPSjW+b/e2DXP+C1Wv
kaRDjNcIVLEDUeetZ6K8qBVFAyB/Gj1J1Ubvo5FR5qOIfYiOWcHAsE98aQ1A5/od
5xeRkgPCix0EVw31O/LOxE8j24HcmnNEDBegLYiCkm4dPaVhM4oHKH0yM6kaNDND
GlKZ49zsd3fqH7S/2L+dF80z+2BrTboEOIaitlQMltxGiQ==
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:42:45 2025 by rpki-client