Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c50006d0-c65f-4259-ace3-46351e9d23c5.roa
File: c50006d0-c65f-4259-ace3-46351e9d23c5.roa (raw, json)
Hash identifier: L0Ll18qpNkIVM4XL6Qht4tAZm7xIIKsYigdHF15w3to=
Subject key identifier: 30:AF:04:E5:25:0A:41:CD:97:BC:30:D2:FA:F7:07:1A:CD:C9:1C:19
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 410529AF30517AF90C76A859048D3DBBC092F6EB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c50006d0-c65f-4259-ace3-46351e9d23c5.roa
Signing time: Mon 14 Jul 2025 15:40:19 +0000
ROA not before: Mon 14 Jul 2025 15:40:19 +0000
ROA not after: Mon 18 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.84.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:05:29:af:30:51:7a:f9:0c:76:a8:59:04:8d:3d:bb:c0:92:f6:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 14 15:40:19 2025 GMT
Not After : Aug 18 23:59:59 2025 GMT
Subject: serialNumber=1f2d15e4c8e4a7b60cfb28ee99b16319941eaf81fa3067528bd471d782f2689c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:ea:ec:a1:0f:9d:6c:3a:66:62:79:60:1c:57:
6c:3e:91:02:f4:48:20:c8:cd:09:76:bb:b6:02:ef:
91:6a:ea:1e:b3:24:5b:7b:44:95:ef:3b:50:b0:8b:
05:bc:f1:d2:91:f8:4a:a6:f9:b5:8e:16:49:44:0c:
89:cb:97:7f:bb:29:f3:1b:1f:a5:0d:09:f8:e4:b4:
cb:0d:b1:74:8b:e8:34:89:0f:e6:8d:3a:33:fd:ff:
be:60:5a:ac:3e:1b:ae:f6:e5:f8:01:b9:c7:dd:9a:
c4:92:ba:88:ec:59:81:d3:59:42:f0:99:c3:a4:40:
15:10:d6:bd:5f:c0:4e:71:9a:e4:24:f2:54:ee:d2:
e2:d2:e0:80:c2:7d:d3:14:a5:8d:2b:e4:df:7a:81:
bf:7d:62:10:02:52:01:65:22:ad:4f:ab:26:d5:c7:
47:50:41:81:84:70:9d:a3:a8:ee:bf:6b:74:78:25:
bd:73:7d:b4:12:86:98:c5:35:5d:04:2d:03:d2:bc:
56:f3:dd:0f:f7:7d:62:59:78:64:f6:7d:a4:6f:01:
da:66:b0:69:5c:84:8f:ed:05:d5:b0:88:96:25:9c:
17:55:d0:ad:29:77:c4:85:3b:ce:27:8a:dc:62:06:
b5:05:01:3f:0e:02:62:64:e1:4f:71:30:0f:9c:91:
10:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:AF:04:E5:25:0A:41:CD:97:BC:30:D2:FA:F7:07:1A:CD:C9:1C:19
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c50006d0-c65f-4259-ace3-46351e9d23c5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.84.0.0/16
Signature Algorithm: sha256WithRSAEncryption
bd:4d:0b:fd:a8:77:eb:55:dd:4e:42:48:ce:f4:c0:31:4f:ae:
50:b9:9c:ca:78:52:80:d2:0d:70:77:e9:76:32:97:4c:a6:35:
b5:49:17:f8:f0:05:8c:22:32:96:21:63:f6:46:60:83:37:4d:
85:60:19:0e:24:be:14:04:ab:08:bc:6e:8f:c9:d5:92:47:1e:
dd:db:b2:84:1c:b5:8d:a0:0d:d4:b5:db:da:58:53:48:32:a4:
a4:a2:c3:06:46:25:fb:2d:ce:4b:44:58:fe:36:77:88:b7:77:
c0:90:0b:f5:6c:5b:78:ff:4d:36:6a:79:9f:07:74:70:22:11:
31:ab:9f:ab:cb:47:03:cb:87:5c:89:93:0c:3c:bd:76:60:ba:
c3:0d:71:d3:d6:b7:bd:ea:c9:e1:e7:81:fd:e0:06:d7:ed:03:
6e:3a:87:93:b2:b0:b8:8b:7b:77:2d:79:78:61:ed:1f:03:51:
79:fd:88:d4:c6:43:45:d3:34:9c:08:f6:a2:70:e4:71:be:f0:
b5:7b:db:ba:d5:ca:a1:ac:9c:2a:82:e3:bd:5b:5b:90:92:64:
53:3a:68:f7:d8:b7:1f:eb:e8:b1:2b:79:79:d4:4b:bf:b7:c3:
8d:34:4e:6f:3e:09:ed:ad:db:c9:8c:75:43:07:68:c8:15:9a:
c9:0b:0e:a2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQQUprzBRevkMdqhZBI09u8CS9uswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTQxNTQwMTlaFw0yNTA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDFmMmQxNWU0YzhlNGE3YjYwY2ZiMjhlZTk5YjE2MzE5OTQxZWFmODFmYTMw
Njc1MjhiZDQ3MWQ3ODJmMjY4OWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN/q7KEPnWw6ZmJ5YBxXbD6RAvRIIMjNCXa7tgLvkWrqHrMkW3tEle87ULCL
Bbzx0pH4Sqb5tY4WSUQMicuXf7sp8xsfpQ0J+OS0yw2xdIvoNIkP5o06M/3/vmBa
rD4brvbl+AG5x92axJK6iOxZgdNZQvCZw6RAFRDWvV/ATnGa5CTyVO7S4tLggMJ9
0xSljSvk33qBv31iEAJSAWUirU+rJtXHR1BBgYRwnaOo7r9rdHglvXN9tBKGmMU1
XQQtA9K8VvPdD/d9Yll4ZPZ9pG8B2mawaVyEj+0F1bCIliWcF1XQrSl3xIU7zieK
3GIGtQUBPw4CYmThT3EwD5yREN0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQwrwTl
JQpBzZe8MNL69wcazckcGTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzUwMDA2ZDAtYzY1Zi00MjU5LWFjZTMtNDYzNTFlOWQyM2M1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNUMA0G
CSqGSIb3DQEBCwUAA4IBAQC9TQv9qHfrVd1OQkjO9MAxT65QuZzKeFKA0g1wd+l2
MpdMpjW1SRf48AWMIjKWIWP2RmCDN02FYBkOJL4UBKsIvG6PydWSRx7d27KEHLWN
oA3UtdvaWFNIMqSkosMGRiX7Lc5LRFj+NneIt3fAkAv1bFt4/002anmfB3RwIhEx
q5+ry0cDy4dciZMMPL12YLrDDXHT1re96snh54H94AbX7QNuOoeTsrC4i3t3LXl4
Ye0fA1F5/YjUxkNF0zScCPaicORxvvC1e9u61cqhrJwqguO9W1uQkmRTOmj32Lcf
6+ixK3l51Eu/t8ONNE5vPgntrdvJjHVDB2jIFZrJCw6i
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:35:05 2025 by rpki-client