Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa
File: 8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa (raw, json)
Hash identifier: 4FqxtNRdZwysIUnVQzjr5USB3/U6K3ubVfDNUQLNDGQ=
Subject key identifier: BE:B6:39:54:68:39:1D:6F:AB:BC:E2:33:79:5E:2B:23:2D:4E:B1:81
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 56C99628AF4BDA6A78723650D12E531AA73EB8E8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa
Signing time: Fri 11 Jul 2025 21:01:10 +0000
ROA not before: Fri 11 Jul 2025 21:01:10 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.226.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:c9:96:28:af:4b:da:6a:78:72:36:50:d1:2e:53:1a:a7:3e:b8:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 21:01:10 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=8656189f773da72c59030281841aa58be0e8eb2e696dbdc6fcde4707e42c4404, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c6:f5:c1:30:11:90:95:04:54:c7:8d:85:47:
aa:87:ec:98:4b:42:69:38:d5:a9:d6:b2:41:62:eb:
01:0c:82:2f:93:10:3e:5c:8f:e1:45:cd:59:67:51:
71:aa:7c:cf:51:6b:3c:f3:e2:6b:3d:2e:9e:2a:c4:
d2:48:c0:62:45:da:ae:58:03:42:d8:d2:02:64:11:
c7:6f:31:42:63:df:10:11:aa:d1:35:a2:c6:63:ec:
a9:72:48:37:28:eb:09:85:ab:b3:ed:99:7a:df:2a:
59:70:cd:7c:84:32:ad:3d:27:a9:a9:89:da:64:5b:
24:6f:cf:30:ad:73:b8:a3:4b:c8:87:b4:2c:37:d2:
7f:51:c1:84:f0:57:96:a3:d5:09:cf:20:c7:3e:70:
d6:28:2e:66:d0:39:cd:bf:9f:d5:95:10:1e:da:48:
32:c0:e3:38:64:d1:68:83:35:71:25:aa:28:8c:75:
2e:e4:dc:08:77:3f:db:72:09:e7:ae:92:ee:30:26:
bb:b9:82:31:9b:1b:b9:7f:24:d2:10:e6:32:25:5c:
79:75:36:75:a4:66:f2:77:b3:dc:7e:b5:fb:c2:0d:
22:42:ea:53:69:74:1e:26:80:de:23:2e:ed:f9:40:
68:5e:86:a5:1c:fb:7c:8a:76:ab:34:f6:b5:df:d4:
78:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:B6:39:54:68:39:1D:6F:AB:BC:E2:33:79:5E:2B:23:2D:4E:B1:81
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.226.0.0/15
Signature Algorithm: sha256WithRSAEncryption
35:65:ec:dc:b5:cc:1c:3f:0c:a3:0c:e0:71:58:ad:39:e4:ef:
a7:d9:2a:a1:c8:73:3e:11:f5:e5:95:16:3f:05:71:50:86:b2:
a0:21:23:d0:46:97:40:1a:e6:5c:08:45:8d:07:83:ec:74:57:
71:ee:24:49:c0:83:4a:45:3c:60:fa:15:dd:56:53:64:43:8f:
77:6a:c4:29:11:0b:6a:35:29:10:cd:a5:ba:04:53:8a:b3:70:
9f:ef:e9:1a:dc:c0:3b:61:7e:0b:22:dd:fb:d5:3d:77:c7:02:
38:f3:95:25:71:2c:b2:09:9b:ff:26:fe:4a:87:06:1d:fc:cb:
0b:46:27:af:bc:a9:15:0b:7c:a5:d7:78:1a:ae:98:ec:10:44:
ea:44:48:44:68:21:01:b0:1b:82:46:1d:13:0b:e3:2d:63:cc:
de:fb:62:d2:9f:60:6c:fb:c1:c1:fd:b1:17:be:4e:0a:54:51:
c7:02:af:bf:2c:d0:d3:73:30:8e:c0:ae:b8:d4:57:b7:ff:c1:
82:67:b7:a1:9a:3b:76:cc:54:87:a0:9d:11:f0:70:39:b9:55:
14:4e:a1:3e:0f:07:6f:05:4e:98:a3:60:13:c3:86:ad:2d:13:
74:8b:98:09:30:8b:87:aa:5b:3e:f7:1a:ba:c2:a3:ec:eb:b1:
e2:96:a5:04
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVsmWKK9L2mp4cjZQ0S5TGqc+uOgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMTAxMTBaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDg2NTYxODlmNzczZGE3MmM1OTAzMDI4MTg0MWFhNThiZTBlOGViMmU2OTZk
YmRjNmZjZGU0NzA3ZTQyYzQ0MDQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALHG9cEwEZCVBFTHjYVHqofsmEtCaTjVqdayQWLrAQyCL5MQPlyP4UXNWWdR
cap8z1FrPPPiaz0unirE0kjAYkXarlgDQtjSAmQRx28xQmPfEBGq0TWixmPsqXJI
NyjrCYWrs+2Zet8qWXDNfIQyrT0nqamJ2mRbJG/PMK1zuKNLyIe0LDfSf1HBhPBX
lqPVCc8gxz5w1iguZtA5zb+f1ZUQHtpIMsDjOGTRaIM1cSWqKIx1LuTcCHc/23IJ
566S7jAmu7mCMZsbuX8k0hDmMiVceXU2daRm8nez3H61+8INIkLqU2l0HiaA3iMu
7flAaF6GpRz7fIp2qzT2td/UeB0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS+tjlU
aDkdb6u84jN5XisjLU6xgTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGRjZDEwMzEtMGM4ZC00ZWU0LTk1NjMtNTdkZGI2M2UxNjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPiMA0G
CSqGSIb3DQEBCwUAA4IBAQA1ZezctcwcPwyjDOBxWK055O+n2SqhyHM+EfXllRY/
BXFQhrKgISPQRpdAGuZcCEWNB4PsdFdx7iRJwINKRTxg+hXdVlNkQ493asQpEQtq
NSkQzaW6BFOKs3Cf7+ka3MA7YX4LIt371T13xwI485UlcSyyCZv/Jv5KhwYd/MsL
RievvKkVC3yl13garpjsEETqREhEaCEBsBuCRh0TC+MtY8ze+2LSn2Bs+8HB/bEX
vk4KVFHHAq+/LNDTczCOwK641Fe3/8GCZ7ehmjt2zFSHoJ0R8HA5uVUUTqE+Dwdv
BU6Yo2ATw4atLRN0i5gJMIuHqls+9xq6wqPs67HilqUE
-----END CERTIFICATE-----
Generated at Mon Aug 4 22:17:56 2025 by rpki-client