Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a1fa391-4377-44ba-a6c7-c785fc9a7733.roa
File: 9a1fa391-4377-44ba-a6c7-c785fc9a7733.roa (raw, json)
Hash identifier: YbkQn+BkREnGCdf8r/DshINaYZdnNI2NWMrt2YbkXVw=
Subject key identifier: 0A:2C:F6:1D:67:20:B5:7C:C7:1E:42:84:D4:D0:1E:35:3D:D7:7A:3F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 210B1B9171CCFFBC65F7DC7FB93217C9B8DB351D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a1fa391-4377-44ba-a6c7-c785fc9a7733.roa
Signing time: Mon 14 Jul 2025 15:40:18 +0000
ROA not before: Mon 14 Jul 2025 15:40:18 +0000
ROA not after: Mon 18 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.84.0.0/14 maxlen: 14
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:0b:1b:91:71:cc:ff:bc:65:f7:dc:7f:b9:32:17:c9:b8:db:35:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 14 15:40:18 2025 GMT
Not After : Aug 18 23:59:59 2025 GMT
Subject: serialNumber=9eeaeab16af30b2445bd18cf7d481462c5ae6c3dee0f164667789f67f5f1dde3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:bd:63:b6:72:04:de:d7:57:46:b7:31:6a:29:
6c:2a:33:7e:00:14:09:75:bf:1e:6e:46:20:d7:91:
d7:d9:2b:a2:83:d9:c3:15:35:3a:09:b6:cc:23:c7:
7c:2c:76:26:54:6e:64:0f:2c:04:4b:72:c1:27:1c:
36:90:cd:2f:a6:a0:4f:8a:60:f6:71:e0:ec:95:ea:
61:65:7d:78:bc:bf:d5:b5:fc:8a:e0:18:a7:88:4b:
94:91:eb:07:2b:24:96:70:ed:b9:d7:98:8b:63:4a:
b4:2c:e4:67:f2:6b:77:57:d1:d1:b5:29:c9:e9:d0:
57:48:56:b8:aa:bb:fa:de:50:7b:95:e4:47:05:b4:
fc:76:35:65:ef:99:aa:06:4a:81:a1:4e:d2:fe:59:
3f:60:6a:cf:72:e1:9e:60:c7:e1:cc:7a:5f:6c:6c:
c4:27:c8:8a:ca:3f:50:c8:24:1a:fa:96:83:0a:51:
5d:44:3a:83:d6:a3:10:61:89:37:41:62:c5:a9:d7:
5a:3b:7f:55:d1:26:d1:1e:1f:7d:dc:af:a2:f0:e9:
f1:6f:b8:42:8c:2a:cc:51:2a:cf:dd:6f:f8:25:41:
6f:00:e0:93:9f:da:ac:91:2f:ae:9b:d2:3f:2e:af:
82:9b:0a:5f:14:88:1c:29:77:86:16:95:57:d9:bc:
8d:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:2C:F6:1D:67:20:B5:7C:C7:1E:42:84:D4:D0:1E:35:3D:D7:7A:3F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a1fa391-4377-44ba-a6c7-c785fc9a7733.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.84.0.0/14
Signature Algorithm: sha256WithRSAEncryption
9b:13:09:c3:53:79:f4:77:86:8c:73:5d:03:a7:ed:3f:6f:5e:
3a:88:67:66:d9:84:8e:4c:08:13:0f:81:74:68:6c:16:9b:8f:
a3:af:11:6f:e0:fb:62:dc:21:3e:4c:a4:6d:e0:32:36:b0:0e:
73:1f:bc:25:f7:5b:5d:3b:38:90:1c:ae:ca:a8:d3:3b:05:3c:
b2:67:eb:84:4a:77:eb:f8:e6:73:ca:ce:fe:04:e6:b0:95:39:
f4:aa:e7:28:93:fe:e0:4b:a6:d9:73:14:ae:31:de:7d:69:32:
eb:fe:6c:0b:99:a3:0f:1e:85:c0:46:10:2b:f5:93:7c:95:62:
4d:e1:37:a4:0b:d5:57:a4:50:3b:ca:14:33:d0:f3:97:b5:ba:
75:07:a2:bb:bf:2b:eb:96:fe:97:10:77:30:b6:2b:3b:1b:73:
a9:01:61:98:82:87:16:21:37:53:b1:9f:dc:cb:c7:de:1c:03:
00:29:6c:3c:dd:af:96:79:06:74:2c:f4:b1:95:06:c4:2a:cb:
d4:a5:7d:da:6e:96:c2:e1:31:24:ee:82:ff:ac:5b:3f:76:65:
0d:ef:a5:5c:c2:a9:ed:bc:c2:e6:e5:bc:e8:6c:dd:73:2f:a5:
70:0d:05:9c:07:44:a6:86:b1:14:d3:82:5d:6b:c9:35:6c:f8:
81:d9:f0:fb
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIQsbkXHM/7xl99x/uTIXybjbNR0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTQxNTQwMThaFw0yNTA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDllZWFlYWIxNmFmMzBiMjQ0NWJkMThjZjdkNDgxNDYyYzVhZTZjM2RlZTBm
MTY0NjY3Nzg5ZjY3ZjVmMWRkZTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKi9Y7ZyBN7XV0a3MWopbCozfgAUCXW/Hm5GINeR19krooPZwxU1Ogm2zCPH
fCx2JlRuZA8sBEtywSccNpDNL6agT4pg9nHg7JXqYWV9eLy/1bX8iuAYp4hLlJHr
BysklnDtudeYi2NKtCzkZ/Jrd1fR0bUpyenQV0hWuKq7+t5Qe5XkRwW0/HY1Ze+Z
qgZKgaFO0v5ZP2Bqz3LhnmDH4cx6X2xsxCfIiso/UMgkGvqWgwpRXUQ6g9ajEGGJ
N0FixanXWjt/VdEm0R4ffdyvovDp8W+4QowqzFEqz91v+CVBbwDgk5/arJEvrpvS
Py6vgpsKXxSIHCl3hhaVV9m8je8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQKLPYd
ZyC1fMceQoTU0B41Pdd6PzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWExZmEzOTEtNDM3Ny00NGJhLWE2YzctYzc4NWZjOWE3NzMzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNUMA0G
CSqGSIb3DQEBCwUAA4IBAQCbEwnDU3n0d4aMc10Dp+0/b146iGdm2YSOTAgTD4F0
aGwWm4+jrxFv4Pti3CE+TKRt4DI2sA5zH7wl91tdOziQHK7KqNM7BTyyZ+uESnfr
+OZzys7+BOawlTn0qucok/7gS6bZcxSuMd59aTLr/mwLmaMPHoXARhAr9ZN8lWJN
4TekC9VXpFA7yhQz0POXtbp1B6K7vyvrlv6XEHcwtis7G3OpAWGYgocWITdTsZ/c
y8feHAMAKWw83a+WeQZ0LPSxlQbEKsvUpX3abpbC4TEk7oL/rFs/dmUN76Vcwqnt
vMLm5bzobN1zL6VwDQWcB0SmhrEU04Jda8k1bPiB2fD7
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:41:34 2025 by rpki-client