Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9e56510b-5f1c-47f6-8a54-2ef9c96c572c.roa
File: 9e56510b-5f1c-47f6-8a54-2ef9c96c572c.roa (raw, json)
Hash identifier: 5QMYNkK1dJZSt114A29eUobhngoZr/4hguUyezE7ZaQ=
Subject key identifier: 28:95:42:E1:5C:2F:8A:FF:CD:A6:52:DC:2B:4D:9F:01:25:85:CB:FC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 69F72269405543D03E0E48AAD818FB110AFF0F7F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9e56510b-5f1c-47f6-8a54-2ef9c96c572c.roa
Signing time: Mon 21 Jul 2025 17:00:52 +0000
ROA not before: Mon 21 Jul 2025 17:00:52 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.74.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:f7:22:69:40:55:43:d0:3e:0e:48:aa:d8:18:fb:11:0a:ff:0f:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 21 17:00:52 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=a49bfde077ef536262803ae2782273350643e924aeeeb77c168f7add1cef43b8, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:b5:cb:63:a0:64:81:0a:44:b4:4b:f6:65:ac:
82:65:eb:0a:3f:93:86:a3:3d:5d:4c:c8:3b:41:d6:
4c:a9:e3:c3:ae:ad:2c:19:27:6c:5e:15:2c:43:8f:
dc:4f:00:8b:2e:e8:c9:5e:55:94:6f:20:f4:72:ad:
a6:4e:fe:8a:56:bb:f8:0f:34:bb:2f:4f:aa:98:8e:
9d:ca:26:94:42:7d:64:ba:0e:94:14:ec:1d:72:6f:
20:70:b1:88:b3:38:67:a1:3c:33:2f:9a:63:19:e8:
72:2b:e4:71:17:1b:7a:71:ec:bf:c1:a8:4f:de:1f:
09:7f:cc:21:c7:c2:74:a4:14:93:e9:a1:8c:03:05:
a2:c9:d7:72:8e:b3:2e:28:76:16:22:cc:69:aa:56:
60:2b:ad:90:46:19:56:93:da:da:26:b3:33:ea:e4:
04:fa:aa:26:ae:77:49:07:7d:cd:15:9f:a2:c8:e2:
bd:c9:de:78:5d:2e:1c:2d:9b:c1:44:d5:9f:0c:42:
3c:bc:a4:c9:1c:4c:b6:fa:90:fc:fe:17:b6:c4:64:
56:68:5b:ba:8f:6a:4b:e0:2d:26:48:3c:36:6a:e5:
39:75:12:af:0c:25:98:58:40:52:84:98:14:6f:73:
b6:07:10:f6:a5:a6:e2:85:8d:05:d3:83:06:cf:69:
1b:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:95:42:E1:5C:2F:8A:FF:CD:A6:52:DC:2B:4D:9F:01:25:85:CB:FC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9e56510b-5f1c-47f6-8a54-2ef9c96c572c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.74.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d4:7a:89:d6:86:8b:36:e8:cf:30:2d:fa:ab:05:d1:25:a3:da:
33:7b:bd:10:5d:d5:64:c1:28:aa:73:07:73:30:9c:b2:5d:63:
4b:b8:bf:6b:ca:3e:08:b6:a2:d7:85:60:fb:be:31:4d:37:06:
01:7f:70:99:c3:b6:65:71:39:ad:de:27:73:1f:8a:46:57:3f:
33:42:92:aa:79:e3:46:ba:bf:2e:be:e0:96:d0:c6:08:05:ef:
18:72:e5:70:51:3e:13:16:a4:19:c6:b1:9d:7f:62:0d:64:d9:
59:f3:f3:34:74:c9:ac:01:d0:f9:e3:35:f9:e4:06:4a:6d:55:
12:56:ef:ed:e4:a8:e8:9f:0c:2a:66:77:8c:20:61:a1:da:6b:
48:d1:d4:50:d1:ff:cc:5d:b8:34:50:cb:8a:a5:80:c1:f5:05:
e0:c9:65:8a:63:d3:2d:ec:0e:7c:02:24:80:aa:4a:28:33:3c:
95:9b:ac:a1:be:59:ce:ec:26:90:a5:30:79:b1:14:d0:b4:f4:
63:3b:cc:5b:24:33:5d:b0:a3:40:87:08:ad:6d:7e:ec:d3:d4:
29:ba:3f:13:64:40:d4:84:88:00:41:f3:66:04:fc:e5:81:7b:
e5:d1:67:9f:7c:b5:53:43:07:2b:be:62:cd:a9:d1:b5:4b:0b:
d0:02:3a:1f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUafciaUBVQ9A+Dkiq2Bj7EQr/D38wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MjExNzAwNTJaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGE0OWJmZGUwNzdlZjUzNjI2MjgwM2FlMjc4MjI3MzM1MDY0M2U5MjRhZWVl
Yjc3YzE2OGY3YWRkMWNlZjQzYjgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM21y2OgZIEKRLRL9mWsgmXrCj+ThqM9XUzIO0HWTKnjw66tLBknbF4VLEOP
3E8Aiy7oyV5VlG8g9HKtpk7+ila7+A80uy9PqpiOncomlEJ9ZLoOlBTsHXJvIHCx
iLM4Z6E8My+aYxnocivkcRcbenHsv8GoT94fCX/MIcfCdKQUk+mhjAMFosnXco6z
Lih2FiLMaapWYCutkEYZVpPa2iazM+rkBPqqJq53SQd9zRWfosjivcneeF0uHC2b
wUTVnwxCPLykyRxMtvqQ/P4XtsRkVmhbuo9qS+AtJkg8NmrlOXUSrwwlmFhAUoSY
FG9ztgcQ9qWm4oWNBdODBs9pG7MCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQolULh
XC+K/82mUtwrTZ8BJYXL/DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWU1NjUxMGItNWYxYy00N2Y2LThhNTQtMmVmOWM5NmM1NzJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNKMA0G
CSqGSIb3DQEBCwUAA4IBAQDUeonWhos26M8wLfqrBdElo9oze70QXdVkwSiqcwdz
MJyyXWNLuL9ryj4ItqLXhWD7vjFNNwYBf3CZw7ZlcTmt3idzH4pGVz8zQpKqeeNG
ur8uvuCW0MYIBe8YcuVwUT4TFqQZxrGdf2INZNlZ8/M0dMmsAdD54zX55AZKbVUS
Vu/t5KjonwwqZneMIGGh2mtI0dRQ0f/MXbg0UMuKpYDB9QXgyWWKY9Mt7A58AiSA
qkooMzyVm6yhvlnO7CaQpTB5sRTQtPRjO8xbJDNdsKNAhwitbX7s09Qpuj8TZEDU
hIgAQfNmBPzlgXvl0WeffLVTQwcrvmLNqdG1SwvQAjof
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:39:45 2025 by rpki-client