Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/87cbc454-e777-437d-a43a-911995d2a7ce.roa
File: 87cbc454-e777-437d-a43a-911995d2a7ce.roa (raw, json)
Hash identifier: 6mWwYLsYPsGcwA8nsc5xnD/E0php07OyCayHEmDerRk=
Subject key identifier: 6A:B4:1C:8A:B4:AF:29:5A:43:1C:5A:0C:A7:D5:C3:21:1C:70:8A:42
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 632D946FA41B1F206C13A977D281551D035914A9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/87cbc454-e777-437d-a43a-911995d2a7ce.roa
Signing time: Mon 14 Jul 2025 15:40:11 +0000
ROA not before: Mon 14 Jul 2025 15:40:11 +0000
ROA not after: Mon 18 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.21.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:2d:94:6f:a4:1b:1f:20:6c:13:a9:77:d2:81:55:1d:03:59:14:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 14 15:40:11 2025 GMT
Not After : Aug 18 23:59:59 2025 GMT
Subject: serialNumber=c762ffdc88154153b2c9450aaa6545a6a62c0399b850475fcbc77a47db33a20a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:02:52:e3:fc:2e:85:4c:92:8e:ac:eb:b8:24:
43:6b:98:cf:3f:01:7c:9b:21:90:f0:09:a0:61:6a:
d4:be:8a:d1:c0:1f:34:0b:46:20:38:fb:8b:66:03:
4b:07:49:b1:4a:28:93:5f:e7:64:d1:b1:c7:ee:fa:
08:c1:2e:fa:13:71:eb:d8:ee:6a:ea:2e:aa:42:85:
69:e6:ca:7c:2f:29:89:de:ec:93:57:f5:c5:25:35:
49:f3:b4:df:14:cc:91:3c:19:21:7d:24:b8:1d:05:
b4:0c:b0:53:0c:a2:83:31:42:a7:c0:fa:f7:83:8d:
1d:f8:d1:ca:3e:f1:75:76:52:94:21:b3:79:ec:31:
d0:14:a8:39:7f:b0:84:72:71:a7:ca:82:d5:d9:05:
31:b9:db:b0:19:9f:27:aa:96:0e:7c:2c:33:71:ea:
bb:b2:b2:d0:0d:2d:0f:d0:f7:50:94:60:8a:35:76:
61:13:14:59:43:2b:30:43:0f:d8:88:be:28:e6:ad:
b7:91:5a:33:30:21:2b:9e:93:93:4d:4f:c3:23:4e:
d4:c0:ab:28:fa:a0:fa:a2:4f:5b:1f:e1:db:fe:f2:
37:02:ff:b7:5e:89:8c:c5:b3:43:f5:70:9b:d0:c8:
f5:b8:33:90:2d:c3:25:f1:dd:59:ca:87:00:f1:ae:
db:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:B4:1C:8A:B4:AF:29:5A:43:1C:5A:0C:A7:D5:C3:21:1C:70:8A:42
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/87cbc454-e777-437d-a43a-911995d2a7ce.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.21.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3a:6a:2a:6b:e8:9e:02:f7:6b:93:8f:0f:77:1b:10:d7:f3:c1:
12:b8:79:db:ae:c8:f5:32:ee:71:9b:28:5d:c6:80:5d:a7:af:
eb:b6:fd:d2:2b:8d:54:36:9d:f6:c3:59:f7:84:a9:f7:34:6b:
bb:a1:ad:88:7b:26:cc:2c:eb:51:30:a8:c4:76:07:15:ec:53:
68:1d:b5:a2:59:fc:9a:ce:2a:55:64:00:71:8d:a5:0b:c2:fb:
27:e5:f6:75:15:5e:a1:eb:0b:66:4e:93:11:1c:0f:92:5d:2d:
9f:1c:78:11:f5:e3:50:bf:c0:b2:f8:90:24:85:64:d7:a7:bb:
ec:30:93:cd:0e:b9:da:77:39:f6:71:aa:48:0f:1f:c6:60:0b:
38:2e:32:93:32:f1:81:5b:31:2c:2a:3a:6c:c0:06:df:9a:6d:
e6:7d:1c:70:fc:d4:e9:1a:62:48:40:85:70:dd:c9:8d:8b:ae:
10:18:e0:6b:82:69:7e:14:f3:67:d2:5c:0f:dd:78:1c:8c:f8:
04:63:b2:0b:59:cb:ff:05:9d:9b:cc:02:b1:d7:08:c3:4d:3d:
62:e8:1a:65:0f:bc:0b:2d:dd:6a:d7:82:0c:87:b7:d8:72:1a:
dd:13:26:0b:1c:f6:f1:97:26:e2:1c:3a:af:24:7e:dd:9e:f9:
b9:9e:2b:9a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYy2Ub6QbHyBsE6l30oFVHQNZFKkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTQxNTQwMTFaFw0yNTA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGM3NjJmZmRjODgxNTQxNTNiMmM5NDUwYWFhNjU0NWE2YTYyYzAzOTliODUw
NDc1ZmNiYzc3YTQ3ZGIzM2EyMGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALgCUuP8LoVMko6s67gkQ2uYzz8BfJshkPAJoGFq1L6K0cAfNAtGIDj7i2YD
SwdJsUook1/nZNGxx+76CMEu+hNx69juauouqkKFaebKfC8pid7sk1f1xSU1SfO0
3xTMkTwZIX0kuB0FtAywUwyigzFCp8D694ONHfjRyj7xdXZSlCGzeewx0BSoOX+w
hHJxp8qC1dkFMbnbsBmfJ6qWDnwsM3Hqu7Ky0A0tD9D3UJRgijV2YRMUWUMrMEMP
2Ii+KOatt5FaMzAhK56Tk01PwyNO1MCrKPqg+qJPWx/h2/7yNwL/t16JjMWzQ/Vw
m9DI9bgzkC3DJfHdWcqHAPGu2/cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRqtByK
tK8pWkMcWgyn1cMhHHCKQjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODdjYmM0NTQtZTc3Ny00MzdkLWE0M2EtOTExOTk1ZDJhN2NlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMVMA0G
CSqGSIb3DQEBCwUAA4IBAQA6aipr6J4C92uTjw93GxDX88ESuHnbrsj1Mu5xmyhd
xoBdp6/rtv3SK41UNp32w1n3hKn3NGu7oa2IeybMLOtRMKjEdgcV7FNoHbWiWfya
zipVZABxjaULwvsn5fZ1FV6h6wtmTpMRHA+SXS2fHHgR9eNQv8Cy+JAkhWTXp7vs
MJPNDrnadzn2capIDx/GYAs4LjKTMvGBWzEsKjpswAbfmm3mfRxw/NTpGmJIQIVw
3cmNi64QGOBrgml+FPNn0lwP3XgcjPgEY7ILWcv/BZ2bzAKx1wjDTT1i6BplD7wL
Ld1q14IMh7fYchrdEyYLHPbxlybiHDqvJH7dnvm5niua
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:48:32 2025 by rpki-client