
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/96060ba0-0bb4-49bc-8bf6-4a1495ffddf4.roa
File: 96060ba0-0bb4-49bc-8bf6-4a1495ffddf4.roa (raw, json)
Hash identifier: e3hOCrnU1dDym6cb5THpXTN6amWsfeNNSJ3cX6w1zH0=
Subject key identifier: A6:57:1F:97:92:26:8F:F8:A6:43:14:3B:E0:A4:08:95:24:C9:B2:1B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7E350E0DCA2FF188547C73364D7A15F20505D35D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/96060ba0-0bb4-49bc-8bf6-4a1495ffddf4.roa
Signing time: Mon 14 Jul 2025 15:40:09 +0000
ROA not before: Mon 14 Jul 2025 15:40:09 +0000
ROA not after: Mon 18 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.20.0.0/14 maxlen: 14
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 00:46:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:35:0e:0d:ca:2f:f1:88:54:7c:73:36:4d:7a:15:f2:05:05:d3:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 14 15:40:09 2025 GMT
Not After : Aug 18 23:59:59 2025 GMT
Subject: serialNumber=4de52e84eded3d09122ca83a6f4c43e08949160965fcffddcac2079275b370bd, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:78:37:33:4a:9c:5a:69:0e:b8:86:c0:c1:d9:
6c:10:c5:95:da:82:75:6b:ee:a3:26:9f:8a:ba:a4:
d4:18:8b:24:58:c1:6d:5f:57:c1:c2:cb:dd:6e:9b:
00:4c:c0:be:3d:79:00:f8:b3:ce:d7:05:69:a7:30:
23:35:98:8d:08:58:24:25:57:e2:4a:f0:29:1b:a7:
fd:9e:46:93:e1:ba:32:e0:d2:2b:21:68:67:1c:de:
f6:fc:71:fb:af:a8:f0:50:0f:43:f1:e6:dc:d0:ea:
0f:49:72:b7:da:9d:8f:84:54:20:4e:ff:fc:27:7b:
91:92:54:d6:7c:95:be:f6:05:bc:fe:a1:61:8c:43:
2e:e8:05:e2:be:81:d7:97:55:37:83:c6:0e:cc:b3:
9a:1a:d9:d5:1e:dd:86:40:00:47:f0:dd:d0:12:02:
5a:2d:d0:a4:fb:12:23:68:c5:a8:c3:1d:2e:72:d8:
84:e8:00:df:e2:54:0d:d7:af:de:f6:0f:06:55:2a:
24:f7:1e:98:fe:65:24:29:3c:3e:6d:89:34:5f:68:
35:2e:db:ae:05:50:39:5d:84:58:9c:19:11:68:0a:
50:f3:28:a6:61:c6:6d:fa:42:0f:db:df:d4:cc:38:
2f:b1:96:2c:96:b4:79:e4:0f:61:ae:74:6d:70:9f:
e8:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:57:1F:97:92:26:8F:F8:A6:43:14:3B:E0:A4:08:95:24:C9:B2:1B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/96060ba0-0bb4-49bc-8bf6-4a1495ffddf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.20.0.0/14
Signature Algorithm: sha256WithRSAEncryption
c2:cb:74:81:98:03:2b:be:dc:60:88:fa:8b:ab:4e:dc:f9:1f:
d9:cb:8c:5e:c0:51:a3:ed:37:fc:86:fb:0b:9c:2a:e0:0e:02:
63:de:ee:7d:f4:1a:cc:fe:e0:91:76:c9:01:93:5c:33:6f:77:
33:27:fa:07:51:92:be:2d:a6:32:72:f3:44:e4:c7:c3:60:cd:
c7:d4:27:60:38:84:3c:74:4d:72:8c:4f:53:3c:d3:f2:e7:ad:
dd:6c:87:01:d2:2a:ed:77:6d:88:13:3d:34:a5:e8:e3:7d:cc:
b3:5b:a3:ef:9b:bc:42:53:70:c2:9d:29:6b:59:bf:cf:c3:d0:
12:df:0a:da:60:a7:21:8b:94:fb:6a:19:0c:8d:12:89:d6:6d:
45:ec:51:2c:0c:a1:b4:26:bc:43:76:ed:25:d8:a8:1f:89:5f:
0b:18:4b:3b:71:f7:7d:8c:d7:64:13:37:45:f5:ea:ae:b1:a7:
27:e9:80:0f:5f:88:72:de:bb:21:a4:91:28:8b:0a:61:2a:fd:
59:d6:6b:a6:58:c8:81:30:e1:a6:d0:a5:d9:fd:91:19:b3:20:
e6:85:49:2d:6f:3a:cd:5a:cc:02:e8:ce:2e:0b:56:f0:1e:53:
fc:7a:82:10:6b:4f:55:2b:13:90:e0:86:1f:1c:d7:49:6d:06:
b7:69:91:01
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfjUODcov8YhUfHM2TXoV8gUF010wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTQxNTQwMDlaFw0yNTA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDRkZTUyZTg0ZWRlZDNkMDkxMjJjYTgzYTZmNGM0M2UwODk0OTE2MDk2NWZj
ZmZkZGNhYzIwNzkyNzViMzcwYmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL54NzNKnFppDriGwMHZbBDFldqCdWvuoyafirqk1BiLJFjBbV9XwcLL3W6b
AEzAvj15APizztcFaacwIzWYjQhYJCVX4krwKRun/Z5Gk+G6MuDSKyFoZxze9vxx
+6+o8FAPQ/Hm3NDqD0lyt9qdj4RUIE7//Cd7kZJU1nyVvvYFvP6hYYxDLugF4r6B
15dVN4PGDsyzmhrZ1R7dhkAAR/Dd0BICWi3QpPsSI2jFqMMdLnLYhOgA3+JUDdev
3vYPBlUqJPcemP5lJCk8Pm2JNF9oNS7brgVQOV2EWJwZEWgKUPMopmHGbfpCD9vf
1Mw4L7GWLJa0eeQPYa50bXCf6BMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSmVx+X
kiaP+KZDFDvgpAiVJMmyGzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTYwNjBiYTAtMGJiNC00OWJjLThiZjYtNGExNDk1ZmZkZGY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjMUMA0G
CSqGSIb3DQEBCwUAA4IBAQDCy3SBmAMrvtxgiPqLq07c+R/Zy4xewFGj7Tf8hvsL
nCrgDgJj3u599BrM/uCRdskBk1wzb3czJ/oHUZK+LaYycvNE5MfDYM3H1CdgOIQ8
dE1yjE9TPNPy563dbIcB0irtd22IEz00pejjfcyzW6Pvm7xCU3DCnSlrWb/Pw9AS
3wraYKchi5T7ahkMjRKJ1m1F7FEsDKG0JrxDdu0l2KgfiV8LGEs7cfd9jNdkEzdF
9equsacn6YAPX4hy3rshpJEoiwphKv1Z1mumWMiBMOGm0KXZ/ZEZsyDmhUktbzrN
WswC6M4uC1bwHlP8eoIQa09VKxOQ4IYfHNdJbQa3aZEB
-----END CERTIFICATE-----
Generated at Tue Aug 5 08:17:26 2025 by rpki-client