Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa
File: a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa (raw, json)
Hash identifier: C3zefoEHT0a8niCJI5s2A65z9m+DGpCqD6Go7DnB1nM=
Subject key identifier: 01:58:B7:58:26:4B:4C:DC:36:F6:75:9D:CA:4C:8D:E2:65:1A:A7:76
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 26942F08D05289FB400A8F3C3D72F2188DE755B3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa
Signing time: Mon 21 Jul 2025 17:00:46 +0000
ROA not before: Mon 21 Jul 2025 17:00:46 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.206.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:94:2f:08:d0:52:89:fb:40:0a:8f:3c:3d:72:f2:18:8d:e7:55:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 21 17:00:46 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=d900a70b0286790499c3413f3c598b9144cbd2762d5ffe2de909dd952f18cd0c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f5:8f:8c:81:02:cf:98:6c:ea:28:4c:4f:52:
44:e1:cc:51:08:6f:b2:11:93:e2:c6:26:31:74:5e:
53:0c:20:7d:ed:71:9f:02:33:ac:d9:c5:4c:f6:08:
56:1e:ba:46:96:25:ad:64:fb:63:8f:07:2a:e5:a6:
af:bd:83:80:a9:b1:d5:ac:42:6b:ba:6c:f8:b9:0d:
82:96:bb:27:10:87:30:2e:ac:96:d3:7c:74:10:31:
36:a3:dd:06:7b:bb:fc:42:26:fb:96:58:5f:2b:a3:
9d:96:20:36:0a:d2:56:9c:83:f1:7d:ea:7b:85:d0:
bd:2d:d2:e5:23:8f:d6:e1:11:f6:2b:4b:55:5b:9e:
bd:5f:ab:6e:68:6d:4d:b2:8f:1d:08:a4:6f:d2:80:
3b:15:25:2b:08:a9:18:a1:78:da:c5:a0:d3:a8:6d:
25:0e:8b:d1:48:c0:bc:56:fc:97:f2:73:a8:8b:2b:
f2:27:af:61:0a:b5:96:fb:9a:f0:dd:dc:f7:04:3b:
b7:af:ec:27:04:6a:5d:97:2d:b7:0d:bf:82:5b:0e:
e2:0e:85:c1:80:81:4d:05:f1:b1:2d:1f:2b:d2:5e:
04:52:ae:3b:0d:82:12:2f:8a:36:d3:93:55:bf:87:
b0:b5:da:c6:9d:8d:b5:a6:c7:4c:7e:8b:04:0f:6c:
d7:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:58:B7:58:26:4B:4C:DC:36:F6:75:9D:CA:4C:8D:E2:65:1A:A7:76
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.206.0.0/15
Signature Algorithm: sha256WithRSAEncryption
31:9a:33:09:fd:64:61:25:60:2d:cb:d4:6a:14:4f:3c:b1:37:
70:27:e2:9d:a1:6d:cc:16:91:05:f6:68:3e:b4:14:ab:18:20:
0b:62:38:0c:a3:65:98:56:11:b3:b9:bf:07:19:c0:92:a6:37:
85:98:c2:50:4c:4e:d2:df:7d:8c:85:45:05:44:20:71:69:00:
57:a1:e4:16:59:4e:83:ef:19:1f:df:de:97:35:df:14:38:65:
94:67:86:41:80:52:2e:8a:c8:fb:97:ee:8a:14:44:17:84:47:
1c:81:bb:7f:38:56:d6:e7:ee:b4:87:ba:67:23:35:a7:df:f3:
cd:fc:e4:32:53:10:68:a1:8b:bf:74:f9:00:40:9d:cc:e8:2c:
16:77:34:91:85:73:2e:5d:3b:64:70:62:d4:77:5a:40:d3:58:
b2:10:e9:90:95:7d:92:64:3c:da:e7:22:16:83:26:0c:45:aa:
22:f1:f7:e0:35:dc:04:8f:e3:75:b5:fe:02:f2:bf:d1:0d:45:
f4:cc:bc:13:cd:bd:64:7b:49:c9:61:4a:52:5b:4e:8a:83:c0:
45:73:4e:06:40:f6:75:74:32:10:22:d7:82:c4:71:db:7d:9a:
2a:d4:fc:2d:da:ce:20:de:2c:c6:ef:4f:8f:3e:25:a5:a5:e4:
c1:94:01:21
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJpQvCNBSiftACo88PXLyGI3nVbMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MjExNzAwNDZaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ5MDBhNzBiMDI4Njc5MDQ5OWMzNDEzZjNjNTk4YjkxNDRjYmQyNzYyZDVm
ZmUyZGU5MDlkZDk1MmYxOGNkMGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ31j4yBAs+YbOooTE9SROHMUQhvshGT4sYmMXReUwwgfe1xnwIzrNnFTPYI
Vh66RpYlrWT7Y48HKuWmr72DgKmx1axCa7ps+LkNgpa7JxCHMC6sltN8dBAxNqPd
Bnu7/EIm+5ZYXyujnZYgNgrSVpyD8X3qe4XQvS3S5SOP1uER9itLVVuevV+rbmht
TbKPHQikb9KAOxUlKwipGKF42sWg06htJQ6L0UjAvFb8l/JzqIsr8ievYQq1lvua
8N3c9wQ7t6/sJwRqXZcttw2/glsO4g6FwYCBTQXxsS0fK9JeBFKuOw2CEi+KNtOT
Vb+HsLXaxp2NtabHTH6LBA9s160CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQBWLdY
JktM3Db2dZ3KTI3iZRqndjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTJkMTBlN2QtYTc4NC00NzZkLTlkZjUtZjdlZmViNTVjZjM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPOMA0G
CSqGSIb3DQEBCwUAA4IBAQAxmjMJ/WRhJWAty9RqFE88sTdwJ+KdoW3MFpEF9mg+
tBSrGCALYjgMo2WYVhGzub8HGcCSpjeFmMJQTE7S332MhUUFRCBxaQBXoeQWWU6D
7xkf396XNd8UOGWUZ4ZBgFIuisj7l+6KFEQXhEccgbt/OFbW5+60h7pnIzWn3/PN
/OQyUxBooYu/dPkAQJ3M6CwWdzSRhXMuXTtkcGLUd1pA01iyEOmQlX2SZDza5yIW
gyYMRaoi8ffgNdwEj+N1tf4C8r/RDUX0zLwTzb1ke0nJYUpSW06Kg8BFc04GQPZ1
dDIQIteCxHHbfZoq1Pwt2s4g3izG70+PPiWlpeTBlAEh
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:33:26 2025 by rpki-client