Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a02f9994-3943-4a2f-8467-87935bf3bf9e.roa
File: a02f9994-3943-4a2f-8467-87935bf3bf9e.roa (raw, json)
Hash identifier: up+zZ1nwcyLk16ILFkh7pC351o7Ir/R3fV7+N7ep1zU=
Subject key identifier: BC:EC:A5:05:C2:10:6B:D4:DB:69:98:43:02:08:51:9F:E2:64:A0:C3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4FD100C0130A48F939357E1FA0915021B6E60071
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a02f9994-3943-4a2f-8467-87935bf3bf9e.roa
Signing time: Fri 11 Jul 2025 21:00:39 +0000
ROA not before: Fri 11 Jul 2025 21:00:39 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.69.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:d1:00:c0:13:0a:48:f9:39:35:7e:1f:a0:91:50:21:b6:e6:00:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 21:00:39 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=a4e4bcd9a1cdd5ca566ed1c9e98379e8b98829866397f95bd0edc3d27357474e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b7:fa:ff:d3:a2:a1:16:46:c2:fd:63:b1:bb:
d2:71:1c:82:da:25:b4:c8:cf:a5:7e:84:c4:ef:c3:
91:10:19:a4:12:8a:40:88:fe:1b:d9:6a:1a:d4:5c:
03:d5:49:03:57:49:f5:be:fd:c6:09:60:d7:0f:d0:
6e:7d:0b:54:ce:d5:ed:9a:f8:a1:9d:02:5c:a8:23:
fd:70:a5:51:a7:ef:14:64:73:0f:21:22:18:50:a1:
f9:29:e3:1a:31:2d:9c:91:57:e5:53:59:d7:cc:4a:
39:93:25:b5:20:2a:36:93:d9:2e:c8:4a:a3:b4:a3:
96:48:e0:f7:4b:72:03:2a:d3:f2:9b:ef:0f:8f:39:
9a:ae:e0:42:35:3f:ea:e0:d0:00:f9:7c:9a:8b:b8:
38:d0:94:a8:13:a4:68:20:03:ca:81:7e:6f:39:e3:
6f:bc:a5:ce:87:43:e5:8f:50:c2:b2:1e:b2:31:dd:
21:12:8d:66:a6:f1:4d:e8:47:b4:fd:d6:da:cc:de:
71:9d:92:47:32:6c:11:b5:e0:c4:8c:41:38:da:c0:
aa:24:16:dc:79:2b:18:b3:0b:54:0a:73:80:9e:bf:
cc:4b:b4:ed:16:36:e2:f0:fe:57:ae:87:75:a4:7b:
15:be:7a:3e:0a:38:73:d8:f7:5f:51:45:48:20:19:
c4:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:EC:A5:05:C2:10:6B:D4:DB:69:98:43:02:08:51:9F:E2:64:A0:C3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a02f9994-3943-4a2f-8467-87935bf3bf9e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.69.0.0/16
Signature Algorithm: sha256WithRSAEncryption
33:47:b8:12:87:63:3b:37:a5:2a:97:62:9c:aa:53:02:12:51:
79:32:fa:c3:21:06:15:bf:c7:2e:68:d0:b6:b9:0b:3f:c8:0f:
57:34:e2:06:84:30:1c:19:bb:7d:64:3a:20:52:f3:ce:9e:33:
68:8c:81:67:81:4f:2d:1f:79:f1:27:21:3d:71:f2:be:c3:c0:
5c:0f:60:09:ca:49:fe:63:78:7f:c3:2a:b8:c5:ac:21:e3:e6:
e2:eb:a1:6e:a4:d4:f3:ad:05:f7:b6:36:42:c4:e0:00:97:b9:
2e:37:d9:d1:0d:0a:ab:e8:a9:91:75:7b:81:aa:00:e8:38:5b:
a6:7f:a6:40:26:3b:a2:81:5d:f6:35:af:7b:d4:87:33:15:f8:
ea:da:06:95:6a:01:bf:89:12:0c:63:2e:05:e8:a4:6f:53:ab:
46:7f:cb:d9:7a:dc:a2:82:d9:34:94:a3:8b:04:ee:9e:83:50:
62:49:54:3a:36:77:74:17:a9:4c:d0:5d:48:57:e4:6d:e1:74:
d5:5b:b1:ba:e0:1a:e3:f7:93:33:cc:ad:98:cf:4e:3d:ad:92:
d2:5a:9c:6a:0d:a2:88:99:dc:ae:6f:4d:bf:c8:37:eb:a7:d4:
a5:f2:5f:8d:59:e2:e5:80:87:a3:04:b6:34:e0:3e:72:90:db:
c0:a3:f2:67
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUT9EAwBMKSPk5NX4foJFQIbbmAHEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMTAwMzlaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGE0ZTRiY2Q5YTFjZGQ1Y2E1NjZlZDFjOWU5ODM3OWU4Yjk4ODI5ODY2Mzk3
Zjk1YmQwZWRjM2QyNzM1NzQ3NGUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJy3+v/ToqEWRsL9Y7G70nEcgtoltMjPpX6ExO/DkRAZpBKKQIj+G9lqGtRc
A9VJA1dJ9b79xglg1w/Qbn0LVM7V7Zr4oZ0CXKgj/XClUafvFGRzDyEiGFCh+Snj
GjEtnJFX5VNZ18xKOZMltSAqNpPZLshKo7Sjlkjg90tyAyrT8pvvD485mq7gQjU/
6uDQAPl8mou4ONCUqBOkaCADyoF+bznjb7ylzodD5Y9QwrIesjHdIRKNZqbxTehH
tP3W2szecZ2SRzJsEbXgxIxBONrAqiQW3HkrGLMLVApzgJ6/zEu07RY24vD+V66H
daR7Fb56Pgo4c9j3X1FFSCAZxC0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS87KUF
whBr1NtpmEMCCFGf4mSgwzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTAyZjk5OTQtMzk0My00YTJmLTg0NjctODc5MzViZjNiZjllLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNFMA0G
CSqGSIb3DQEBCwUAA4IBAQAzR7gSh2M7N6Uql2KcqlMCElF5MvrDIQYVv8cuaNC2
uQs/yA9XNOIGhDAcGbt9ZDogUvPOnjNojIFngU8tH3nxJyE9cfK+w8BcD2AJykn+
Y3h/wyq4xawh4+bi66FupNTzrQX3tjZCxOAAl7kuN9nRDQqr6KmRdXuBqgDoOFum
f6ZAJjuigV32Na971IczFfjq2gaVagG/iRIMYy4F6KRvU6tGf8vZetyigtk0lKOL
BO6eg1BiSVQ6Nnd0F6lM0F1IV+Rt4XTVW7G64Brj95MzzK2Yz049rZLSWpxqDaKI
mdyub02/yDfrp9Sl8l+NWeLlgIejBLY04D5ykNvAo/Jn
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:54:16 2025 by rpki-client