Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa
File: 9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa (raw, json)
Hash identifier: kRyQjY8m4RI+QoG0akczfw8n1zdieizWe6l0x+2E+aM=
Subject key identifier: E3:6A:0D:1A:49:AB:5B:25:40:21:0F:75:23:5A:41:48:93:F8:DA:41
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4CA9C9B0DC0EEAC16068B192974002175799D5EA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa
Signing time: Mon 21 Jul 2025 17:00:49 +0000
ROA not before: Mon 21 Jul 2025 17:00:49 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.70.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 14:37:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:a9:c9:b0:dc:0e:ea:c1:60:68:b1:92:97:40:02:17:57:99:d5:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 21 17:00:49 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=13d6003982c97f5f675b47976775b769b4905e101cc8541f1df28a4e91bea1c7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:7c:16:8a:fc:e1:df:07:30:9f:5a:71:46:91:
1a:ac:cb:50:80:c2:97:fe:16:06:9f:b7:37:fc:bc:
75:74:31:e9:b5:eb:35:da:2e:82:19:cb:5e:c1:4a:
eb:43:5b:43:d5:d3:ea:6b:6b:d4:2e:14:aa:9d:9a:
aa:c1:92:2a:77:1e:2a:53:b0:59:a5:a5:7f:c4:91:
30:be:80:47:09:d6:d4:33:bd:45:c2:93:7d:4e:2f:
cc:49:79:12:81:69:35:5d:b5:c1:5b:c2:a0:55:ed:
c5:93:86:9d:d0:bc:a4:76:f4:bc:ed:42:e0:e0:c2:
4a:09:5a:df:30:63:fe:ea:7b:37:16:76:4f:40:02:
85:62:80:cc:c2:ae:cf:ba:40:af:35:07:e3:f2:66:
93:d2:94:57:a0:96:b1:cf:14:b7:56:50:53:b2:ae:
05:c5:07:cb:64:2f:d5:9c:cf:32:41:66:ba:29:c3:
10:d5:b7:2f:0a:8e:b9:c1:85:2a:a2:e4:72:a6:04:
a0:07:2d:ab:c1:ec:86:a3:ad:9e:10:f7:26:f0:ec:
09:4b:d6:dc:7d:97:bf:8d:8f:91:9f:6f:6e:60:f0:
d0:74:f3:26:9a:98:d7:64:0d:a9:ed:4e:52:6b:8e:
20:ba:89:26:17:e0:12:69:62:89:ea:37:58:52:f7:
89:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:6A:0D:1A:49:AB:5B:25:40:21:0F:75:23:5A:41:48:93:F8:DA:41
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.70.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c9:a4:bb:97:5f:83:9d:78:7c:6d:d2:43:9b:86:97:cb:fe:6e:
ac:ab:82:fe:37:d1:2a:2e:89:ee:c5:30:83:1f:79:b5:72:cc:
50:12:ea:21:1a:7a:e0:f3:6c:85:27:f4:a3:04:de:df:91:c8:
9f:41:15:24:33:c0:a9:67:5a:ec:9b:63:f7:5f:31:82:b5:5b:
dd:f4:9a:db:ad:c1:ac:f3:46:d3:26:8b:8b:93:3d:61:e4:b5:
f7:b6:7c:29:e7:5d:f7:cb:d7:71:1f:24:3a:e3:9b:61:cd:86:
e0:f1:c0:b5:85:4c:f9:47:48:bb:57:c9:6b:8b:80:10:a4:ee:
e2:f2:bc:ce:70:87:1c:11:72:57:32:f7:f5:44:95:df:67:bc:
ac:d7:a0:25:97:91:25:08:07:6d:e3:3a:53:a4:75:79:63:92:
56:0c:bb:00:52:5f:0c:58:63:fa:e1:9e:47:e6:98:6e:6c:d8:
d1:32:9a:c2:87:2d:4f:61:b1:d4:25:b1:4b:4f:01:c2:04:76:
36:1d:f6:cd:94:75:65:d8:0b:c6:61:6c:1b:be:40:e4:5f:21:
05:e7:4c:0d:13:78:fd:a8:f6:dc:7f:a6:ce:e4:f8:b6:2f:67:
4f:78:c5:c9:d7:2c:cb:8b:27:c5:d7:06:a8:ba:da:50:f7:b7:
98:93:a7:a9
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTKnJsNwO6sFgaLGSl0ACF1eZ1eowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MjExNzAwNDlaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDEzZDYwMDM5ODJjOTdmNWY2NzViNDc5NzY3NzViNzY5YjQ5MDVlMTAxY2M4
NTQxZjFkZjI4YTRlOTFiZWExYzcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANB8For84d8HMJ9acUaRGqzLUIDCl/4WBp+3N/y8dXQx6bXrNdoughnLXsFK
60NbQ9XT6mtr1C4Uqp2aqsGSKnceKlOwWaWlf8SRML6ARwnW1DO9RcKTfU4vzEl5
EoFpNV21wVvCoFXtxZOGndC8pHb0vO1C4ODCSgla3zBj/up7NxZ2T0AChWKAzMKu
z7pArzUH4/Jmk9KUV6CWsc8Ut1ZQU7KuBcUHy2Qv1ZzPMkFmuinDENW3LwqOucGF
KqLkcqYEoActq8HshqOtnhD3JvDsCUvW3H2Xv42PkZ9vbmDw0HTzJpqY12QNqe1O
UmuOILqJJhfgEmliieo3WFL3iU8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTjag0a
SatbJUAhD3UjWkFIk/jaQTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWM1YTFhMTQtNzNjMS00YzQ5LThiMjItN2QxMGM0Mzc5ZTA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNGMA0G
CSqGSIb3DQEBCwUAA4IBAQDJpLuXX4OdeHxt0kObhpfL/m6sq4L+N9EqLonuxTCD
H3m1csxQEuohGnrg82yFJ/SjBN7fkcifQRUkM8CpZ1rsm2P3XzGCtVvd9JrbrcGs
80bTJouLkz1h5LX3tnwp5133y9dxHyQ645thzYbg8cC1hUz5R0i7V8lri4AQpO7i
8rzOcIccEXJXMvf1RJXfZ7ys16All5ElCAdt4zpTpHV5Y5JWDLsAUl8MWGP64Z5H
5phubNjRMprChy1PYbHUJbFLTwHCBHY2HfbNlHVl2AvGYWwbvkDkXyEF50wNE3j9
qPbcf6bO5Pi2L2dPeMXJ1yzLiyfF1waoutpQ97eYk6ep
-----END CERTIFICATE-----
Generated at Tue Aug 5 16:36:14 2025 by rpki-client