
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ca9dc172-c5c5-48fd-a801-9f7f050aa67b.roa
File: ca9dc172-c5c5-48fd-a801-9f7f050aa67b.roa (raw, json)
Hash identifier: qYRyCyvFLIxTuyfZEyk4H7GbZ/RFgyt6Lb+R0wcPs6M=
Subject key identifier: 3B:6D:E0:B3:75:A5:1A:C1:5A:E8:2B:71:43:E6:9F:8D:A1:DD:16:35
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5E04D5B4503312D7CFABE369F3E2926DA5EF25F8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ca9dc172-c5c5-48fd-a801-9f7f050aa67b.roa
Signing time: Mon 14 Jul 2025 15:40:13 +0000
ROA not before: Mon 14 Jul 2025 15:40:13 +0000
ROA not after: Mon 18 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.24.0.0/13 maxlen: 13
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:04:d5:b4:50:33:12:d7:cf:ab:e3:69:f3:e2:92:6d:a5:ef:25:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 14 15:40:13 2025 GMT
Not After : Aug 18 23:59:59 2025 GMT
Subject: serialNumber=7be5c2e0aa6e8c773d05b2ca21232ba51e8ab460990cd2331911f3fa6bc323c4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:d5:1c:ed:d3:c1:96:9c:cb:b2:e3:5a:d0:5b:
7c:d4:85:04:a9:39:19:a4:8d:20:30:15:78:33:ed:
8d:39:92:3f:43:f7:f7:dd:92:f1:3c:7e:b7:60:ce:
35:c0:45:0f:90:71:81:6d:3b:15:81:dc:c3:04:b9:
0a:15:ab:43:bb:e8:01:e5:a1:f6:0f:0a:a0:7a:99:
02:79:23:6d:b5:f6:22:8c:26:22:8e:cd:fd:2f:cf:
8a:d9:72:d8:9d:4f:60:f0:26:70:2c:9b:a8:63:e8:
24:21:71:b4:de:21:5c:1e:85:96:ef:38:c7:3a:1d:
dd:50:04:97:66:7b:b0:d9:a5:94:04:5d:08:c8:7f:
ad:20:4d:26:2e:94:19:ec:78:e2:b5:c9:be:04:18:
4e:40:bf:10:48:17:3c:7b:09:44:b7:a6:d6:92:ef:
f1:ad:13:32:50:fe:b6:1a:5a:11:05:a2:10:ec:a8:
7b:db:7a:b0:41:ee:38:5a:e5:45:4b:04:72:43:6e:
a4:36:e8:e3:7e:41:da:10:ca:aa:33:94:85:75:e4:
15:f8:2b:98:9d:51:ab:f8:51:fc:22:7d:a4:35:c4:
60:f7:87:0c:68:a8:07:20:50:54:12:e6:f1:11:c5:
27:1a:03:be:5e:eb:d3:b9:ba:43:dc:70:d4:b9:be:
6a:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:6D:E0:B3:75:A5:1A:C1:5A:E8:2B:71:43:E6:9F:8D:A1:DD:16:35
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ca9dc172-c5c5-48fd-a801-9f7f050aa67b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.24.0.0/13
Signature Algorithm: sha256WithRSAEncryption
c7:98:88:1e:b4:f6:09:c6:a3:25:23:e8:80:6d:aa:89:68:09:
6d:5f:5a:36:d7:2f:17:ab:3e:76:50:77:7f:10:e3:4d:a0:4a:
f4:70:c4:8b:11:55:89:de:09:eb:34:f9:b5:82:76:8f:e1:28:
65:11:78:fb:86:22:27:44:86:c4:72:f7:bd:e7:22:ee:c2:b9:
af:8e:ab:ef:b9:3b:04:4d:f8:dd:34:54:6d:28:73:82:e5:46:
4d:8b:a3:da:dd:70:47:7a:01:7a:8f:84:15:81:68:84:33:58:
fa:2e:e5:ac:73:85:cd:5a:9e:af:42:7e:20:97:ad:e1:e5:47:
6b:39:11:f3:f6:62:1e:bd:1e:4a:7e:37:65:a1:d8:76:fd:b8:
7c:40:aa:8c:8d:04:c4:2b:2b:5e:1b:6b:4a:4b:80:c4:3d:a8:
95:e0:be:cd:bb:ef:69:e3:51:af:95:a5:de:8e:5c:db:26:14:
91:6a:3b:d1:ba:84:95:ed:3a:db:dc:a2:68:80:65:03:51:9b:
57:5c:0d:c7:e9:e7:19:ff:dc:94:aa:92:9b:d9:25:d4:e6:79:
66:9f:a5:63:2b:1d:94:1a:5c:c4:7e:a2:d4:18:57:18:fa:b1:
95:bf:46:80:f8:80:ee:9e:89:85:e4:fb:48:2d:97:15:bb:df:
4b:1e:52:d1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXgTVtFAzEtfPq+Np8+KSbaXvJfgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTQxNTQwMTNaFw0yNTA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDdiZTVjMmUwYWE2ZThjNzczZDA1YjJjYTIxMjMyYmE1MWU4YWI0NjA5OTBj
ZDIzMzE5MTFmM2ZhNmJjMzIzYzQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANnVHO3TwZacy7LjWtBbfNSFBKk5GaSNIDAVeDPtjTmSP0P3992S8Tx+t2DO
NcBFD5BxgW07FYHcwwS5ChWrQ7voAeWh9g8KoHqZAnkjbbX2IowmIo7N/S/Pitly
2J1PYPAmcCybqGPoJCFxtN4hXB6Flu84xzod3VAEl2Z7sNmllARdCMh/rSBNJi6U
Gex44rXJvgQYTkC/EEgXPHsJRLem1pLv8a0TMlD+thpaEQWiEOyoe9t6sEHuOFrl
RUsEckNupDbo435B2hDKqjOUhXXkFfgrmJ1Rq/hR/CJ9pDXEYPeHDGioByBQVBLm
8RHFJxoDvl7r07m6Q9xw1Lm+agMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ7beCz
daUawVroK3FD5p+Nod0WNTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2E5ZGMxNzItYzVjNS00OGZkLWE4MDEtOWY3ZjA1MGFhNjdiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAzMYMA0G
CSqGSIb3DQEBCwUAA4IBAQDHmIgetPYJxqMlI+iAbaqJaAltX1o21y8Xqz52UHd/
EONNoEr0cMSLEVWJ3gnrNPm1gnaP4ShlEXj7hiInRIbEcve95yLuwrmvjqvvuTsE
TfjdNFRtKHOC5UZNi6Pa3XBHegF6j4QVgWiEM1j6LuWsc4XNWp6vQn4gl63h5Udr
ORHz9mIevR5Kfjdlodh2/bh8QKqMjQTEKyteG2tKS4DEPaiV4L7Nu+9p41GvlaXe
jlzbJhSRajvRuoSV7Trb3KJogGUDUZtXXA3H6ecZ/9yUqpKb2SXU5nlmn6VjKx2U
GlzEfqLUGFcY+rGVv0aA+IDunomF5PtILZcVu99LHlLR
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:38:19 2025 by rpki-client