Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa
File: 9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa (raw, json)
Hash identifier: 0zSyMt6hrSp92jfiNdyt0dJHzIj1yG8v5FltWise7Ig=
Subject key identifier: 3A:AA:76:4E:05:FF:2E:94:0F:69:C7:26:93:2E:71:6B:B4:24:64:CA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 667A1B5D94311A2A18B0A766EE4FE1365B604E0F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa
Signing time: Fri 11 Jul 2025 21:00:37 +0000
ROA not before: Fri 11 Jul 2025 21:00:37 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.50.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:7a:1b:5d:94:31:1a:2a:18:b0:a7:66:ee:4f:e1:36:5b:60:4e:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 21:00:37 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=6d6633e635b1873b9ad26496659135dc4ac0b206497e3a5b3f0a56e89d98efd7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a8:29:a0:1f:43:6d:6e:5d:a2:33:84:ff:b0:
9f:5a:86:7d:9d:07:35:fc:27:83:45:95:c4:05:a7:
d1:63:c6:94:a8:48:e8:1b:4a:89:22:c4:e2:82:0f:
b0:d1:bd:61:b7:67:d9:72:91:67:a6:0c:25:88:99:
14:93:ba:51:5b:ce:0a:b9:fe:5a:7d:fa:3b:b3:6f:
4d:3f:2a:d5:35:4d:42:29:33:42:bf:fc:7e:b6:c1:
1a:70:9d:a0:dc:2a:bc:41:c5:58:a0:c0:f3:79:21:
a1:39:19:dd:83:e3:68:96:04:73:ea:7d:59:48:e4:
87:2b:43:5c:c0:0a:24:70:af:82:6a:74:21:a9:f8:
cc:89:f7:29:de:e9:be:aa:ff:01:3c:6a:b2:5d:88:
f9:dc:5a:55:fb:8e:83:61:ac:0f:8b:1f:4d:e2:27:
4c:7b:f3:9e:95:e4:20:df:12:d6:9a:c1:55:67:31:
42:bc:cc:16:8b:da:d8:53:39:72:f8:6a:f0:5c:98:
c2:c8:50:28:bd:14:d7:8b:5e:3a:6e:2d:00:bf:c9:
0a:16:02:02:eb:03:f4:8c:72:2c:c2:79:ae:49:9d:
f8:50:cc:21:f8:d4:8f:9f:ab:f4:0f:81:d6:60:21:
b0:d8:2a:14:52:67:f6:f3:d3:1b:6e:13:8e:4e:02:
55:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:AA:76:4E:05:FF:2E:94:0F:69:C7:26:93:2E:71:6B:B4:24:64:CA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.50.0.0/16
Signature Algorithm: sha256WithRSAEncryption
54:3a:db:23:05:cf:d4:04:72:a1:e1:59:b2:20:4d:e8:13:66:
c3:51:92:fb:f0:29:e3:49:a6:0c:94:16:5e:31:19:65:e7:9e:
ff:b0:f6:0b:b2:69:f7:91:6f:8b:8b:c0:84:5c:8b:13:52:d8:
a8:34:d3:8b:9c:2f:5f:89:21:ab:7d:22:82:db:21:b9:d7:d7:
6e:ee:3d:11:d1:ab:45:bb:b0:87:5c:87:5e:30:b9:60:fd:93:
0c:38:10:a0:03:22:82:e6:ec:2d:8c:b8:38:b8:16:27:98:41:
d5:f1:5b:cd:a9:c1:eb:5d:47:56:1a:21:cf:60:e3:5e:df:8c:
12:af:a5:85:86:bb:89:04:ff:48:da:0f:3e:cf:b0:55:a5:f9:
fe:1f:d6:a7:c8:74:8c:58:c1:11:e3:d8:6d:8d:1b:79:6f:48:
a7:2a:bb:09:17:ca:5f:da:73:a5:a0:f3:b5:a4:c8:40:8b:ba:
02:99:51:71:1f:eb:39:a0:ab:7b:71:ea:0a:f1:ac:e8:a8:c8:
b2:bf:0e:d3:36:a2:5c:82:d8:a4:61:7a:c4:0c:7e:53:d0:a4:
f0:87:6a:dc:1b:83:b9:7c:9e:8e:54:5e:df:e6:eb:cb:ab:9a:
8d:70:41:98:5f:da:7c:2d:6e:5e:dd:e7:14:5f:d0:49:53:33:
56:59:7f:9f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZnobXZQxGioYsKdm7k/hNltgTg8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMTAwMzdaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDZkNjYzM2U2MzViMTg3M2I5YWQyNjQ5NjY1OTEzNWRjNGFjMGIyMDY0OTdl
M2E1YjNmMGE1NmU4OWQ5OGVmZDcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK6oKaAfQ21uXaIzhP+wn1qGfZ0HNfwng0WVxAWn0WPGlKhI6BtKiSLE4oIP
sNG9Ybdn2XKRZ6YMJYiZFJO6UVvOCrn+Wn36O7NvTT8q1TVNQikzQr/8frbBGnCd
oNwqvEHFWKDA83khoTkZ3YPjaJYEc+p9WUjkhytDXMAKJHCvgmp0Ian4zIn3Kd7p
vqr/ATxqsl2I+dxaVfuOg2GsD4sfTeInTHvznpXkIN8S1prBVWcxQrzMFova2FM5
cvhq8FyYwshQKL0U14teOm4tAL/JChYCAusD9IxyLMJ5rkmd+FDMIfjUj5+r9A+B
1mAhsNgqFFJn9vPTG24Tjk4CVXUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ6qnZO
Bf8ulA9pxyaTLnFrtCRkyjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWViN2RmYjMtNWNiMy00ODRhLWI1NTAtNDE4ZmM1NDBlYTI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMyMA0G
CSqGSIb3DQEBCwUAA4IBAQBUOtsjBc/UBHKh4VmyIE3oE2bDUZL78CnjSaYMlBZe
MRll557/sPYLsmn3kW+Li8CEXIsTUtioNNOLnC9fiSGrfSKC2yG519du7j0R0atF
u7CHXIdeMLlg/ZMMOBCgAyKC5uwtjLg4uBYnmEHV8VvNqcHrXUdWGiHPYONe34wS
r6WFhruJBP9I2g8+z7BVpfn+H9anyHSMWMER49htjRt5b0inKrsJF8pf2nOloPO1
pMhAi7oCmVFxH+s5oKt7ceoK8azoqMiyvw7TNqJcgtikYXrEDH5T0KTwh2rcG4O5
fJ6OVF7f5uvLq5qNcEGYX9p8LW5e3ecUX9BJUzNWWX+f
-----END CERTIFICATE-----
Generated at Mon Aug 4 22:18:13 2025 by rpki-client