
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/af8582f5-d209-4e12-aacf-31186289c430.roa
File: af8582f5-d209-4e12-aacf-31186289c430.roa (raw, json)
Hash identifier: lXhIsmylWD6mcApaSaOeEyReKe3S7NN+71Xahv8ci8M=
Subject key identifier: C6:1A:74:FC:59:4A:34:83:97:F6:26:4A:30:7E:04:15:FC:D9:BD:58
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 15A97ADB4A8C22B02EA88F51D7BF4C98AEE49BE2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/af8582f5-d209-4e12-aacf-31186289c430.roa
Signing time: Fri 11 Jul 2025 21:01:07 +0000
ROA not before: Fri 11 Jul 2025 21:01:07 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.216.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:a9:7a:db:4a:8c:22:b0:2e:a8:8f:51:d7:bf:4c:98:ae:e4:9b:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 21:01:07 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=6ed6c0cef02be06814334fd672912561f6d152753693956d2b9658500be25d48, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:a7:7c:58:4b:0a:8b:85:97:08:ab:85:01:69:
16:30:31:bd:60:0f:aa:9c:e6:f2:c0:d6:0e:a9:a7:
af:a1:bc:e4:7e:26:60:b7:32:fc:48:77:e2:f6:a7:
a1:be:12:ab:b0:c2:84:20:7e:29:49:7d:50:29:f7:
2b:94:4e:ed:e8:b6:39:0c:63:12:86:6b:e0:9a:23:
ec:95:8c:bc:be:5c:78:e4:ac:6e:0f:cb:89:23:2f:
d9:c6:aa:ce:25:9e:c5:11:ea:bc:6c:26:51:7a:7e:
aa:10:ce:2d:fd:9a:a8:88:3e:eb:cb:02:cb:b4:a0:
1e:35:5b:b5:b1:08:45:77:62:67:59:7a:47:dc:7f:
18:3e:53:c1:3f:12:10:ea:25:b3:3a:5b:16:3e:d9:
61:af:f9:fc:b8:ec:7e:5d:ec:8e:90:77:02:6a:ac:
42:1d:64:10:aa:41:52:02:3e:2a:94:89:63:bf:c3:
3c:6a:86:ef:a0:5d:94:be:bf:af:7b:10:d5:41:01:
61:4e:c3:b0:3d:5e:9a:52:cd:2e:19:cb:d5:75:35:
41:8c:b2:ea:cc:75:6c:09:75:4e:ac:ad:31:ee:86:
07:31:bc:43:ba:8c:03:e4:c5:31:57:f5:a2:42:fb:
c5:69:37:e7:40:82:7b:f2:d3:c6:6a:58:85:b1:25:
80:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:1A:74:FC:59:4A:34:83:97:F6:26:4A:30:7E:04:15:FC:D9:BD:58
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/af8582f5-d209-4e12-aacf-31186289c430.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.216.0.0/15
Signature Algorithm: sha256WithRSAEncryption
94:9c:d5:d5:82:cc:e6:3f:ec:21:5e:74:b5:bc:46:78:e3:31:
4f:db:bc:45:20:76:58:6a:6b:18:4b:33:86:31:79:e8:0e:bb:
01:ed:8e:e9:07:ce:d7:ac:8f:8e:70:0c:41:7c:c4:6e:75:7d:
79:00:16:54:62:66:a9:81:69:f7:b7:8d:e2:86:2d:19:4c:02:
24:b7:58:9a:14:aa:35:3a:e4:11:27:bc:0b:7a:cd:e4:87:79:
19:f9:ad:65:75:63:e6:31:77:17:64:33:3f:e0:22:6e:65:e4:
16:48:84:fa:bc:af:3b:3c:68:99:d9:33:54:e9:37:cf:d6:5e:
b7:7d:78:74:8a:18:b4:66:57:b1:52:f6:d1:f3:f1:22:88:22:
80:b4:ac:20:da:ad:be:7a:81:07:1b:29:7b:11:d4:84:d9:0f:
ee:44:17:da:d0:72:60:66:29:ba:05:6a:cb:a3:df:83:56:82:
c3:f3:f3:91:9e:d7:93:08:b9:df:5e:f6:ef:bd:ca:25:b1:a5:
da:c2:45:8c:6b:06:47:0d:6a:b0:bd:9c:67:8b:88:7c:80:a4:
99:07:d6:fd:df:e2:b5:8a:66:52:79:50:6e:4f:f9:7e:98:af:
9d:8c:cd:2a:7a:20:98:1d:ac:0c:01:78:b3:ba:83:4d:3f:f8:
11:7c:44:3c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUFal620qMIrAuqI9R179MmK7km+IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMTAxMDdaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDZlZDZjMGNlZjAyYmUwNjgxNDMzNGZkNjcyOTEyNTYxZjZkMTUyNzUzNjkz
OTU2ZDJiOTY1ODUwMGJlMjVkNDgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALGnfFhLCouFlwirhQFpFjAxvWAPqpzm8sDWDqmnr6G85H4mYLcy/Eh34van
ob4Sq7DChCB+KUl9UCn3K5RO7ei2OQxjEoZr4Joj7JWMvL5ceOSsbg/LiSMv2caq
ziWexRHqvGwmUXp+qhDOLf2aqIg+68sCy7SgHjVbtbEIRXdiZ1l6R9x/GD5TwT8S
EOolszpbFj7ZYa/5/Ljsfl3sjpB3AmqsQh1kEKpBUgI+KpSJY7/DPGqG76BdlL6/
r3sQ1UEBYU7DsD1emlLNLhnL1XU1QYyy6sx1bAl1TqytMe6GBzG8Q7qMA+TFMVf1
okL7xWk350CCe/LTxmpYhbElgEUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTGGnT8
WUo0g5f2JkowfgQV/Nm9WDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YWY4NTgyZjUtZDIwOS00ZTEyLWFhY2YtMzExODYyODljNDMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPYMA0G
CSqGSIb3DQEBCwUAA4IBAQCUnNXVgszmP+whXnS1vEZ44zFP27xFIHZYamsYSzOG
MXnoDrsB7Y7pB87XrI+OcAxBfMRudX15ABZUYmapgWn3t43ihi0ZTAIkt1iaFKo1
OuQRJ7wLes3kh3kZ+a1ldWPmMXcXZDM/4CJuZeQWSIT6vK87PGiZ2TNU6TfP1l63
fXh0ihi0ZlexUvbR8/EiiCKAtKwg2q2+eoEHGyl7EdSE2Q/uRBfa0HJgZim6BWrL
o9+DVoLD8/ORnteTCLnfXvbvvcolsaXawkWMawZHDWqwvZxni4h8gKSZB9b93+K1
imZSeVBuT/l+mK+djM0qeiCYHawMAXizuoNNP/gRfEQ8
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:45:21 2025 by rpki-client