Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
File: 84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa (raw, json)
Hash identifier: u5rxWqIu1urb9w5pRKSGC/coALuwfpp67uB9PuHXDd8=
Subject key identifier: 6A:5F:A1:BB:58:A8:54:02:8F:53:71:4B:97:A2:E4:CF:14:D5:42:F6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2AEFBD79AEA34DA37C31062EC4A8A21F2C6E836E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
Signing time: Fri 11 Jul 2025 21:01:12 +0000
ROA not before: Fri 11 Jul 2025 21:01:12 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.236.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:ef:bd:79:ae:a3:4d:a3:7c:31:06:2e:c4:a8:a2:1f:2c:6e:83:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 21:01:12 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=f6607411a6883e62cc045de411cc3ddf71a8cf983db28814921e368934d8f4e6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:68:95:c0:e8:4e:75:c0:68:83:75:c6:a0:8a:
91:13:c8:d5:0e:4c:8d:99:cc:fd:c0:bc:33:2d:e0:
6c:22:a8:05:3d:85:29:46:53:17:f2:83:ce:75:84:
62:30:ab:52:2d:46:df:34:f1:3b:5f:91:fe:19:ce:
01:21:3c:08:33:b4:43:ae:e4:ac:56:95:6b:fc:8f:
85:61:0a:c3:f5:cc:7a:70:de:71:3b:2b:83:26:70:
f5:71:ee:9c:57:e5:fc:1b:d8:9c:ca:2a:03:be:43:
fb:e0:73:e1:31:12:b6:c6:b5:bc:a4:6e:8f:4c:59:
86:74:0b:7b:21:95:03:fa:9a:07:c4:8b:49:9b:91:
eb:d1:32:38:c1:75:de:ad:3e:d5:6a:ee:5f:b6:8d:
7e:84:3d:03:5a:ed:c3:12:be:b5:ac:e7:87:b5:07:
96:06:df:16:9f:91:a9:da:62:b3:be:0d:52:60:45:
82:1f:60:fc:88:81:0a:76:56:17:e7:a6:ec:63:7d:
6c:1c:93:b6:8b:8a:44:0f:7b:27:28:10:3d:26:de:
98:ab:c0:ba:ad:41:06:e2:c7:0d:eb:6d:71:03:ba:
9f:33:1d:a8:5e:35:6c:08:46:de:88:e5:51:28:ad:
3a:5d:4e:d8:bd:2c:3f:f5:d8:b8:3c:b3:aa:ce:87:
68:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:5F:A1:BB:58:A8:54:02:8F:53:71:4B:97:A2:E4:CF:14:D5:42:F6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.236.0.0/15
Signature Algorithm: sha256WithRSAEncryption
38:ca:81:f2:1c:ef:b7:dc:07:40:20:2b:72:df:74:23:c9:bd:
80:25:f4:6c:5f:98:6e:93:49:46:cc:2e:bc:af:fe:90:82:c8:
6e:40:7a:61:9c:2a:a5:37:0b:e0:e9:e9:ec:ee:f6:bc:a4:a6:
2c:eb:bf:ec:45:e8:70:e6:db:9f:da:05:11:f1:9c:ac:1a:3f:
67:f7:da:09:89:5b:d5:a8:f3:17:ed:1b:c5:e6:34:1d:63:3f:
4d:9b:a2:20:8b:c3:9e:0e:6b:80:a3:ce:01:1d:43:62:11:b7:
50:ec:98:bb:69:15:79:b6:8a:c3:62:ae:1a:c4:a1:30:c2:20:
23:83:85:33:1a:e8:83:69:b6:0b:f2:3a:ea:06:a5:d3:9b:af:
ae:3c:91:5b:e9:99:bc:13:24:95:b9:ef:6e:f1:fe:09:69:73:
58:2c:11:32:df:7f:86:ba:80:c2:9d:2a:83:bb:ef:8a:4c:ae:
03:d7:ef:70:42:e0:29:3d:6a:75:03:08:29:6d:7a:0a:a8:c5:
62:de:58:fa:b1:e8:d7:00:20:39:71:5b:85:bc:d6:55:6a:2f:
c6:9e:c3:87:d0:10:d1:3d:0d:1f:44:9c:88:47:ed:5b:b8:e0:
bc:73:ed:6b:b9:a5:45:5b:8e:df:32:36:1a:80:a9:0b:a1:dd:
f1:2e:9d:7f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKu+9ea6jTaN8MQYuxKiiHyxug24wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMTAxMTJaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGY2NjA3NDExYTY4ODNlNjJjYzA0NWRlNDExY2MzZGRmNzFhOGNmOTgzZGIy
ODgxNDkyMWUzNjg5MzRkOGY0ZTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIpolcDoTnXAaIN1xqCKkRPI1Q5MjZnM/cC8My3gbCKoBT2FKUZTF/KDznWE
YjCrUi1G3zTxO1+R/hnOASE8CDO0Q67krFaVa/yPhWEKw/XMenDecTsrgyZw9XHu
nFfl/BvYnMoqA75D++Bz4TEStsa1vKRuj0xZhnQLeyGVA/qaB8SLSZuR69EyOMF1
3q0+1WruX7aNfoQ9A1rtwxK+taznh7UHlgbfFp+Rqdpis74NUmBFgh9g/IiBCnZW
F+em7GN9bByTtouKRA97JygQPSbemKvAuq1BBuLHDettcQO6nzMdqF41bAhG3ojl
USitOl1O2L0sP/XYuDyzqs6HaD8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRqX6G7
WKhUAo9TcUuXouTPFNVC9jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODRjNDNiOTUtODVkMy00YzFkLWE2YmUtY2YxNzkwNmYxMWM0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPsMA0G
CSqGSIb3DQEBCwUAA4IBAQA4yoHyHO+33AdAICty33Qjyb2AJfRsX5huk0lGzC68
r/6QgshuQHphnCqlNwvg6ens7va8pKYs67/sRehw5tuf2gUR8ZysGj9n99oJiVvV
qPMX7RvF5jQdYz9Nm6Igi8OeDmuAo84BHUNiEbdQ7Ji7aRV5torDYq4axKEwwiAj
g4UzGuiDabYL8jrqBqXTm6+uPJFb6Zm8EySVue9u8f4JaXNYLBEy33+GuoDCnSqD
u++KTK4D1+9wQuApPWp1AwgpbXoKqMVi3lj6sejXACA5cVuFvNZVai/GnsOH0BDR
PQ0fRJyIR+1buOC8c+1ruaVFW47fMjYagKkLod3xLp1/
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:33:17 2025 by rpki-client