Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8551266c-ef98-4dd7-801f-d816ee2eeade.roa
File: 8551266c-ef98-4dd7-801f-d816ee2eeade.roa (raw, json)
Hash identifier: HCUNxrLD2zrmtqIYgB6ozHVX6FNzX0u6LsXZcCJS3tg=
Subject key identifier: 95:96:CF:49:A0:C4:58:4E:98:58:5B:A7:D0:37:F8:9B:1F:AE:61:8F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 40A5CAEBD240E0A98A92053B9E10D0973A179877
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8551266c-ef98-4dd7-801f-d816ee2eeade.roa
Signing time: Fri 11 Jul 2025 21:00:20 +0000
ROA not before: Fri 11 Jul 2025 21:00:20 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.176.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:a5:ca:eb:d2:40:e0:a9:8a:92:05:3b:9e:10:d0:97:3a:17:98:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 21:00:20 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=09110c02ed3dd5da51c217e21952b2f84816f884e90ede0d5719ea764c0289d1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:59:1d:e8:2c:3d:f7:30:a6:b5:31:ee:e6:b5:
f2:01:c2:26:ce:a6:a8:fc:84:2a:b0:c9:40:1c:9c:
e2:04:20:da:fb:e6:16:d1:45:f3:25:9b:bf:f3:bb:
87:48:87:a8:16:53:6b:40:ed:83:e5:03:43:33:34:
20:56:28:01:44:7b:3e:d5:03:8f:81:36:05:da:8d:
15:70:59:d9:6f:12:90:33:e8:7b:f9:75:64:63:fe:
72:cb:bf:42:1c:89:94:e8:98:1c:f5:7e:0a:c9:f4:
f6:64:59:80:cb:2d:f9:c2:36:81:f7:23:e2:f6:e1:
3c:22:9a:e6:c1:63:76:e5:e2:91:cc:06:00:fd:44:
eb:2b:5c:97:54:a4:96:2e:c9:c4:0c:3d:cc:0a:f3:
cf:ba:99:80:e8:c0:9a:9d:3f:3a:96:2c:41:94:bc:
24:13:c4:06:11:e7:1b:38:f4:4a:85:07:44:cb:c1:
48:6c:c2:a0:1b:e2:70:f1:e9:46:b2:84:d9:a1:e2:
f8:97:03:6a:e1:f7:85:d1:14:3f:67:41:f9:da:35:
66:7a:8f:9d:a3:3e:9f:a2:bb:be:3f:da:8f:3a:bb:
c3:11:9d:dc:56:91:f1:8a:9c:7a:fe:05:a3:fc:35:
0f:01:bc:08:86:ac:d6:9f:c1:f1:bf:c6:97:8f:9c:
30:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:96:CF:49:A0:C4:58:4E:98:58:5B:A7:D0:37:F8:9B:1F:AE:61:8F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8551266c-ef98-4dd7-801f-d816ee2eeade.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.176.0.0/15
Signature Algorithm: sha256WithRSAEncryption
13:75:42:a8:29:9b:b2:b7:42:2f:b6:49:8c:12:02:18:fd:24:
53:33:31:3a:c6:bf:eb:0c:1f:40:1a:c0:87:78:e2:65:53:b8:
5c:06:5e:3b:51:8f:57:32:f7:ef:d3:ab:96:96:dd:e6:50:95:
4b:39:2b:d2:34:86:21:9d:09:58:d7:be:0a:fc:10:c3:6d:d0:
6a:d7:89:40:69:23:97:21:ac:7d:9e:5b:58:90:cf:62:94:11:
93:84:40:55:11:2f:ef:a7:16:dc:be:aa:64:97:e6:8a:70:d3:
d0:a3:0b:ce:9a:ee:cb:5d:0e:f0:19:b2:5e:5a:9b:44:75:9a:
29:e7:4b:9c:99:ef:05:08:66:4d:b4:8f:2a:c9:6d:80:32:73:
e6:b6:62:06:e9:84:e2:f7:fe:a9:18:88:32:6d:29:6b:95:49:
92:65:07:f0:db:81:0e:9d:63:95:a4:b1:13:a4:1c:5b:95:0e:
56:f9:02:a2:d5:61:fb:44:a3:52:95:5f:28:a1:ea:cc:85:4b:
fc:dc:2d:02:6e:dd:0a:b0:6d:f6:af:c5:39:72:d1:8e:58:56:
a3:d8:03:43:75:df:3e:8b:28:a3:2f:25:bb:6f:15:4c:ff:86:
1c:3a:f8:ec:ba:17:b6:9c:c4:06:0a:b0:c4:74:9f:03:2d:93:
68:56:59:c6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQKXK69JA4KmKkgU7nhDQlzoXmHcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMTAwMjBaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDA5MTEwYzAyZWQzZGQ1ZGE1MWMyMTdlMjE5NTJiMmY4NDgxNmY4ODRlOTBl
ZGUwZDU3MTllYTc2NGMwMjg5ZDExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANBZHegsPfcwprUx7ua18gHCJs6mqPyEKrDJQByc4gQg2vvmFtFF8yWbv/O7
h0iHqBZTa0Dtg+UDQzM0IFYoAUR7PtUDj4E2BdqNFXBZ2W8SkDPoe/l1ZGP+csu/
QhyJlOiYHPV+Csn09mRZgMst+cI2gfcj4vbhPCKa5sFjduXikcwGAP1E6ytcl1Sk
li7JxAw9zArzz7qZgOjAmp0/OpYsQZS8JBPEBhHnGzj0SoUHRMvBSGzCoBvicPHp
RrKE2aHi+JcDauH3hdEUP2dB+do1ZnqPnaM+n6K7vj/ajzq7wxGd3FaR8Yqcev4F
o/w1DwG8CIas1p/B8b/Gl4+cMB8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSVls9J
oMRYTphYW6fQN/ibH65hjzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODU1MTI2NmMtZWY5OC00ZGQ3LTgwMWYtZDgxNmVlMmVlYWRlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOwMA0G
CSqGSIb3DQEBCwUAA4IBAQATdUKoKZuyt0IvtkmMEgIY/SRTMzE6xr/rDB9AGsCH
eOJlU7hcBl47UY9XMvfv06uWlt3mUJVLOSvSNIYhnQlY174K/BDDbdBq14lAaSOX
Iax9nltYkM9ilBGThEBVES/vpxbcvqpkl+aKcNPQowvOmu7LXQ7wGbJeWptEdZop
50ucme8FCGZNtI8qyW2AMnPmtmIG6YTi9/6pGIgybSlrlUmSZQfw24EOnWOVpLET
pBxblQ5W+QKi1WH7RKNSlV8ooerMhUv83C0Cbt0KsG32r8U5ctGOWFaj2ANDdd8+
iyijLyW7bxVM/4YcOvjsuhe2nMQGCrDEdJ8DLZNoVlnG
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:40:13 2025 by rpki-client