Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8c7710c7-6ab8-4545-b04c-0bbeaa573eae.roa
File: 8c7710c7-6ab8-4545-b04c-0bbeaa573eae.roa (raw, json)
Hash identifier: biB8c9sEZrcxzQ90AcXRqB/tCraEELKk4Ntwh5DHtes=
Subject key identifier: C1:EA:43:5E:1A:CE:A8:CF:B9:25:E1:A8:57:1D:39:D5:5B:8F:23:10
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6357F53ED8B2EAC9ABF4CAE25543A0AEE4C967A0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8c7710c7-6ab8-4545-b04c-0bbeaa573eae.roa
Signing time: Mon 14 Jul 2025 15:30:45 +0000
ROA not before: Mon 14 Jul 2025 15:30:45 +0000
ROA not after: Mon 18 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.112.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:57:f5:3e:d8:b2:ea:c9:ab:f4:ca:e2:55:43:a0:ae:e4:c9:67:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 14 15:30:45 2025 GMT
Not After : Aug 18 23:59:59 2025 GMT
Subject: serialNumber=fb8076c1b3e0f8f3a0545db5b1993f8a2d5be1a3ae8892efc820fa81148a2b88, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:57:a4:72:e0:ec:13:03:de:d4:50:95:c9:41:
5e:3d:05:f7:ef:b3:37:2e:c5:0c:53:53:87:ef:59:
b5:57:c9:d1:6e:3d:d5:d0:dc:b5:81:a3:bb:ab:5a:
25:e7:4d:91:e1:a1:66:6a:59:63:3d:cc:49:52:b2:
65:20:45:2c:9c:14:f2:ab:56:86:37:0f:dd:2c:d2:
7c:f4:87:d0:7a:b1:21:c8:69:6a:d9:c0:fa:b9:18:
51:17:6e:a4:14:04:f1:94:77:37:19:0c:43:3e:34:
0d:27:06:6c:2d:08:e6:d3:70:45:04:f8:bc:f7:3c:
b2:6e:24:fc:af:a8:a6:2e:db:ec:44:96:a9:44:bf:
62:7c:aa:7e:b9:f6:28:ad:57:db:5a:a8:25:b8:27:
a1:0c:95:e9:df:82:c7:e6:96:59:1a:e2:38:b1:d2:
08:e0:34:e4:9d:27:47:fd:36:3a:78:11:ca:53:0b:
0d:f1:37:95:62:df:44:e4:6c:c2:35:fc:7b:4d:19:
70:f4:58:48:a3:34:22:e5:20:48:84:6b:25:4a:f6:
a4:0f:a8:03:78:0e:b5:b8:17:45:a8:c4:d2:2a:6d:
eb:37:c3:87:39:62:72:28:fd:3d:b5:3c:aa:48:ce:
e7:f1:78:e8:d6:3f:da:f8:91:e9:fb:50:b0:0e:31:
e2:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:EA:43:5E:1A:CE:A8:CF:B9:25:E1:A8:57:1D:39:D5:5B:8F:23:10
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8c7710c7-6ab8-4545-b04c-0bbeaa573eae.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.112.0.0/16
Signature Algorithm: sha256WithRSAEncryption
68:06:9f:dd:fa:0f:75:be:4c:29:bd:08:0d:63:db:28:92:48:
fd:85:60:b0:03:85:4a:8a:d2:5e:98:5f:e4:e2:3c:65:9e:ac:
ed:a6:5e:88:ef:cc:e9:bf:13:4c:57:2b:87:71:89:e4:7c:51:
5a:8c:93:0c:96:1c:4c:03:eb:8f:92:a6:c6:fe:a0:ec:93:7f:
dd:9f:f7:74:72:94:3a:1e:65:04:46:35:54:d6:fa:33:ba:62:
12:06:76:ed:1c:23:19:07:c0:12:31:41:2b:d4:1a:ca:14:66:
45:75:6b:7b:d6:31:85:9f:59:24:89:fd:e1:f9:15:a4:b4:37:
ba:b5:24:89:a4:c5:56:03:e0:2f:0e:78:26:c5:08:c3:38:84:
a0:d5:26:d0:3d:81:95:f2:e5:37:a6:25:2d:79:8e:ef:d2:00:
33:3d:d2:21:2a:2a:cf:21:4a:fb:d1:cf:69:d5:0c:a8:42:ac:
ec:8d:13:ed:d4:3a:7d:2f:b9:b2:df:0c:5f:20:0b:b3:3e:e3:
0c:d3:02:73:1c:cd:20:fc:8b:dc:b1:7e:2d:f2:22:95:b6:03:
0f:f5:b6:69:1a:d4:7c:b3:ac:0f:3d:1e:71:83:8f:e9:05:87:
d5:c1:08:bf:73:01:a6:fc:4c:67:5c:f1:a1:d1:b5:6c:f4:9a:
d0:36:3d:bf
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUY1f1Ptiy6smr9MriVUOgruTJZ6AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTQxNTMwNDVaFw0yNTA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGZiODA3NmMxYjNlMGY4ZjNhMDU0NWRiNWIxOTkzZjhhMmQ1YmUxYTNhZTg4
OTJlZmM4MjBmYTgxMTQ4YTJiODgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMNXpHLg7BMD3tRQlclBXj0F9++zNy7FDFNTh+9ZtVfJ0W491dDctYGju6ta
JedNkeGhZmpZYz3MSVKyZSBFLJwU8qtWhjcP3SzSfPSH0HqxIchpatnA+rkYURdu
pBQE8ZR3NxkMQz40DScGbC0I5tNwRQT4vPc8sm4k/K+opi7b7ESWqUS/Ynyqfrn2
KK1X21qoJbgnoQyV6d+Cx+aWWRriOLHSCOA05J0nR/02OngRylMLDfE3lWLfRORs
wjX8e00ZcPRYSKM0IuUgSIRrJUr2pA+oA3gOtbgXRajE0ipt6zfDhzlicij9PbU8
qkjO5/F46NY/2viR6ftQsA4x4k8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTB6kNe
Gs6oz7kl4ahXHTnVW48jEDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGM3NzEwYzctNmFiOC00NTQ1LWIwNGMtMGJiZWFhNTczZWFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNwMA0G
CSqGSIb3DQEBCwUAA4IBAQBoBp/d+g91vkwpvQgNY9sokkj9hWCwA4VKitJemF/k
4jxlnqztpl6I78zpvxNMVyuHcYnkfFFajJMMlhxMA+uPkqbG/qDsk3/dn/d0cpQ6
HmUERjVU1vozumISBnbtHCMZB8ASMUEr1BrKFGZFdWt71jGFn1kkif3h+RWktDe6
tSSJpMVWA+AvDngmxQjDOISg1SbQPYGV8uU3piUteY7v0gAzPdIhKirPIUr70c9p
1QyoQqzsjRPt1Dp9L7my3wxfIAuzPuMM0wJzHM0g/IvcsX4t8iKVtgMP9bZpGtR8
s6wPPR5xg4/pBYfVwQi/cwGm/ExnXPGh0bVs9JrQNj2/
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:30:53 2025 by rpki-client