Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9ebfa348-5910-4667-b4db-cfb5bb3acbc8.roa
File: 9ebfa348-5910-4667-b4db-cfb5bb3acbc8.roa (raw, json)
Hash identifier: Vyo4zLDxJoqUbARJdpXqqz6AvcG/7sPxKjnQYFVC1Uw=
Subject key identifier: 7C:DB:8B:E1:C4:A4:1C:7B:C9:46:C4:5C:4D:C1:E8:6E:43:2C:5E:0F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 400A7144F6327EBF92978E60F1B85C247DFEDFE7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9ebfa348-5910-4667-b4db-cfb5bb3acbc8.roa
Signing time: Fri 11 Jul 2025 21:00:24 +0000
ROA not before: Fri 11 Jul 2025 21:00:24 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.188.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:0a:71:44:f6:32:7e:bf:92:97:8e:60:f1:b8:5c:24:7d:fe:df:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 21:00:24 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=ecd9d8eb0f738ee77549cc884f0cab56931ff35f72e19e004f87c4f00d3e9bb4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:e3:31:87:00:87:82:2b:6f:a8:df:12:91:4a:
e9:ff:5a:5d:63:cc:8d:b7:7c:97:5a:b4:be:78:76:
1f:02:04:4f:01:23:c4:a5:7b:e4:1a:10:72:f5:ab:
0b:84:21:be:28:f2:e6:06:ba:01:a5:89:bf:89:b1:
71:53:a4:5b:13:98:1d:c2:99:eb:ec:ab:c0:73:be:
d9:e2:99:f5:e1:8e:5a:6d:66:4d:62:22:66:90:d9:
4b:ed:71:be:5c:b4:59:cf:bf:fa:08:4b:ff:5a:a0:
94:10:24:1e:1c:dc:94:d3:87:3c:52:9f:b7:7b:7e:
03:c4:23:30:73:4b:a5:10:fa:70:e5:c7:1b:b7:d3:
2a:fa:c3:fb:70:02:40:f0:6c:fe:56:1f:fe:36:ef:
b9:59:d8:e4:3b:ad:f0:82:ad:f1:e4:b3:d3:be:63:
fb:05:f4:a9:64:d7:a7:9d:dc:9d:5f:c2:d0:a0:5c:
4a:34:94:b3:85:d7:37:1c:54:af:44:8c:b4:79:56:
ee:6e:c8:a8:4b:5f:e3:11:f3:fe:aa:80:3d:7a:08:
5b:7c:d2:8c:f8:1e:0a:c8:b2:82:6e:ec:12:24:65:
57:8b:b2:52:1e:23:57:07:41:cd:65:ba:4a:0f:dc:
75:8f:34:85:e2:4f:a5:8a:a6:43:d0:c5:fd:ad:d5:
c4:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:DB:8B:E1:C4:A4:1C:7B:C9:46:C4:5C:4D:C1:E8:6E:43:2C:5E:0F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9ebfa348-5910-4667-b4db-cfb5bb3acbc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.188.0.0/15
Signature Algorithm: sha256WithRSAEncryption
2a:4d:d3:a1:9d:af:d0:7c:35:bd:c0:d3:1b:d5:e1:53:24:14:
36:fb:bc:6d:2b:7e:62:b5:fc:10:f0:dd:7d:f8:dc:03:68:78:
42:0c:83:da:20:1c:fa:94:fb:20:c2:c1:6c:f5:19:3c:7f:ce:
fb:2f:7d:ae:08:63:dd:20:87:17:58:e5:8b:54:bf:07:b6:e2:
0b:1f:34:d1:9e:be:6d:c6:a0:d7:c6:9b:ec:0b:77:48:7a:8b:
6c:f2:88:f2:8f:fe:e4:f6:c6:38:41:cd:57:75:99:27:9a:76:
c5:33:9e:bd:d2:03:d3:9c:75:d2:67:93:ff:06:60:e8:19:40:
3a:04:47:05:cd:f4:56:43:bc:6d:3a:b3:37:ad:e9:d6:cf:5b:
e1:70:a8:23:8d:22:f4:dc:5c:02:6e:60:2c:5a:17:3a:c9:27:
46:70:1a:65:5e:82:d7:c8:b2:f3:e8:53:c7:a5:e9:27:21:68:
9a:94:4b:69:20:11:96:0a:d6:27:78:66:b5:4a:a2:2b:01:61:
b5:af:54:79:4a:17:67:58:7b:ca:7b:dc:d6:93:8b:69:5f:e8:
70:b9:a2:9b:33:d1:19:73:db:91:bf:1a:72:f7:0e:79:b9:8e:
79:4b:41:d3:44:1b:56:b9:a4:10:a1:0c:62:86:26:dd:b1:b4:
d8:a6:94:03
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQApxRPYyfr+Sl45g8bhcJH3+3+cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMTAwMjRaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGVjZDlkOGViMGY3MzhlZTc3NTQ5Y2M4ODRmMGNhYjU2OTMxZmYzNWY3MmUx
OWUwMDRmODdjNGYwMGQzZTliYjQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI/jMYcAh4Irb6jfEpFK6f9aXWPMjbd8l1q0vnh2HwIETwEjxKV75BoQcvWr
C4Qhvijy5ga6AaWJv4mxcVOkWxOYHcKZ6+yrwHO+2eKZ9eGOWm1mTWIiZpDZS+1x
vly0Wc+/+ghL/1qglBAkHhzclNOHPFKft3t+A8QjMHNLpRD6cOXHG7fTKvrD+3AC
QPBs/lYf/jbvuVnY5Dut8IKt8eSz075j+wX0qWTXp53cnV/C0KBcSjSUs4XXNxxU
r0SMtHlW7m7IqEtf4xHz/qqAPXoIW3zSjPgeCsiygm7sEiRlV4uyUh4jVwdBzWW6
Sg/cdY80heJPpYqmQ9DF/a3VxJ8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR824vh
xKQce8lGxFxNwehuQyxeDzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWViZmEzNDgtNTkxMC00NjY3LWI0ZGItY2ZiNWJiM2FjYmM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO8MA0G
CSqGSIb3DQEBCwUAA4IBAQAqTdOhna/QfDW9wNMb1eFTJBQ2+7xtK35itfwQ8N19
+NwDaHhCDIPaIBz6lPsgwsFs9Rk8f877L32uCGPdIIcXWOWLVL8HtuILHzTRnr5t
xqDXxpvsC3dIeots8ojyj/7k9sY4Qc1XdZknmnbFM5690gPTnHXSZ5P/BmDoGUA6
BEcFzfRWQ7xtOrM3renWz1vhcKgjjSL03FwCbmAsWhc6ySdGcBplXoLXyLLz6FPH
peknIWialEtpIBGWCtYneGa1SqIrAWG1r1R5ShdnWHvKe9zWk4tpX+hwuaKbM9EZ
c9uRvxpy9w55uY55S0HTRBtWuaQQoQxihibdsbTYppQD
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:33:18 2025 by rpki-client