Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85056db0-2868-4547-8893-66ae7ad101d4.roa
File: 85056db0-2868-4547-8893-66ae7ad101d4.roa (raw, json)
Hash identifier: HA2gRkOFjUfDWG+YGV+PmqC24NBKOxEcqCXZ64RwpNU=
Subject key identifier: 19:4A:2C:C4:D0:8B:F6:6A:6B:CA:0B:04:14:A5:D3:FE:69:0D:24:E9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 23661B1DEF79258C41845212D8DEF61317BC0E82
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85056db0-2868-4547-8893-66ae7ad101d4.roa
Signing time: Tue 05 Aug 2025 20:30:42 +0000
ROA not before: Tue 05 Aug 2025 20:30:42 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.90.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 23:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:66:1b:1d:ef:79:25:8c:41:84:52:12:d8:de:f6:13:17:bc:0e:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:30:42 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=14f202478e73222c49583f094c193f4a7cfc6ce6c17611b18b86e4eddbf374e1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a3:7b:d0:3b:4f:51:6c:f8:75:63:5e:cd:40:
c8:81:25:30:ba:ab:32:08:39:d8:be:d6:5f:9d:a6:
f4:4a:66:8c:a6:0a:24:90:2d:96:8b:6e:43:ce:c3:
50:00:97:5e:96:a7:a7:29:9d:e3:1f:f7:93:2c:c7:
ad:98:37:08:4b:35:ec:9d:45:4b:66:f5:b0:81:21:
a0:df:d8:11:82:68:cf:05:e4:9f:7e:be:5a:ab:57:
5f:bf:3f:dd:b6:55:fc:2a:2a:e7:8f:1e:f3:26:9a:
a2:ee:37:27:6e:89:dc:7e:97:86:c7:40:2b:b5:f0:
54:a9:0b:3e:6d:60:2f:3a:42:59:6d:22:9e:22:fb:
ab:b0:f7:d6:fc:b3:f2:3e:82:0e:38:e5:93:d0:fe:
ad:dc:94:66:01:7f:b2:f9:d2:32:49:a1:b8:76:84:
03:0d:36:a2:c0:40:c0:4a:9f:8d:98:3c:13:fa:71:
56:4f:99:17:6a:d0:73:91:3b:7d:db:a6:5b:9c:7b:
4b:6c:27:a7:b0:99:89:b3:b6:d5:8f:69:a9:95:3f:
78:79:3d:0a:d9:f2:3a:72:fc:ca:89:f9:6e:cd:7d:
d9:18:1a:96:85:12:3e:ad:75:5b:f4:1f:f3:1b:9b:
a6:9f:eb:4e:69:1e:32:56:85:6a:a5:52:f1:c1:11:
65:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:4A:2C:C4:D0:8B:F6:6A:6B:CA:0B:04:14:A5:D3:FE:69:0D:24:E9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85056db0-2868-4547-8893-66ae7ad101d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.90.0.0/16
Signature Algorithm: sha256WithRSAEncryption
66:79:f9:9b:92:52:3d:39:03:2e:57:e9:78:7c:ef:90:c0:ee:
a3:5e:fe:d9:52:cb:a4:45:e4:db:9a:c6:66:93:7a:18:a6:4b:
ba:cc:cb:7e:a5:a6:a6:24:79:c1:af:a8:de:b1:d4:5a:56:4a:
7a:10:c8:01:ea:bd:35:19:e8:4a:ed:ac:37:d9:97:31:6f:a9:
69:28:b0:61:fc:0b:b1:75:2e:30:40:fe:4c:f5:64:9a:7b:eb:
0b:cc:fe:b9:f3:65:27:dc:17:41:dd:87:89:dc:d0:ef:2b:91:
ff:d2:b4:3e:32:cb:b2:64:bb:3f:64:48:67:43:62:f9:ec:99:
0e:15:ce:61:6e:47:fd:07:c3:f0:11:35:4d:bd:b0:16:ac:be:
8e:1b:a4:a4:fc:ab:fa:36:3c:7e:5b:c4:d7:0a:0e:19:30:84:
83:0b:de:07:d1:15:b8:31:97:e1:f6:dd:a4:e1:0c:e8:e2:b9:
c6:36:99:74:f5:ec:7d:81:75:02:70:fb:a9:d0:64:8b:af:1b:
45:cc:83:6d:0b:03:a7:8c:c8:e0:1f:62:29:65:1d:ad:42:b4:
50:ed:7f:a3:3e:22:05:88:c8:76:b8:53:d9:92:14:a8:e8:c7:
6a:cd:c3:ac:af:74:39:78:da:69:8f:c0:e8:05:38:ef:c4:b6:
59:8a:2f:7e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUI2YbHe95JYxBhFIS2N72Exe8DoIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDMwNDJaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDE0ZjIwMjQ3OGU3MzIyMmM0OTU4M2YwOTRjMTkzZjRhN2NmYzZjZTZjMTc2
MTFiMThiODZlNGVkZGJmMzc0ZTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK6je9A7T1Fs+HVjXs1AyIElMLqrMgg52L7WX52m9EpmjKYKJJAtlotuQ87D
UACXXpanpymd4x/3kyzHrZg3CEs17J1FS2b1sIEhoN/YEYJozwXkn36+WqtXX78/
3bZV/Coq548e8yaaou43J26J3H6XhsdAK7XwVKkLPm1gLzpCWW0iniL7q7D31vyz
8j6CDjjlk9D+rdyUZgF/svnSMkmhuHaEAw02osBAwEqfjZg8E/pxVk+ZF2rQc5E7
fdumW5x7S2wnp7CZibO21Y9pqZU/eHk9CtnyOnL8yon5bs192RgaloUSPq11W/Qf
8xubpp/rTmkeMlaFaqVS8cERZWUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQZSizE
0Iv2amvKCwQUpdP+aQ0k6TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODUwNTZkYjAtMjg2OC00NTQ3LTg4OTMtNjZhZTdhZDEwMWQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNaMA0G
CSqGSIb3DQEBCwUAA4IBAQBmefmbklI9OQMuV+l4fO+QwO6jXv7ZUsukReTbmsZm
k3oYpku6zMt+paamJHnBr6jesdRaVkp6EMgB6r01GehK7aw32Zcxb6lpKLBh/Aux
dS4wQP5M9WSae+sLzP6582Un3BdB3YeJ3NDvK5H/0rQ+MsuyZLs/ZEhnQ2L57JkO
Fc5hbkf9B8PwETVNvbAWrL6OG6Sk/Kv6Njx+W8TXCg4ZMISDC94H0RW4MZfh9t2k
4Qzo4rnGNpl09ex9gXUCcPup0GSLrxtFzINtCwOnjMjgH2IpZR2tQrRQ7X+jPiIF
iMh2uFPZkhSo6MdqzcOsr3Q5eNppj8DoBTjvxLZZii9+
-----END CERTIFICATE-----
Generated at Wed Aug 6 06:04:47 2025 by rpki-client