Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf51afdd-468d-4999-b2cd-4c6517505aee.roa
File: cf51afdd-468d-4999-b2cd-4c6517505aee.roa (raw, json)
Hash identifier: /qhDBTmWeNRq7/1QGJ/drh4pggm0DC1jSJ/pGlCuvIg=
Subject key identifier: 84:29:1F:D5:C4:AA:10:7E:76:F4:0F:DD:13:DC:F3:72:D6:00:AA:FC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 42FE999798EA067E4640D04435A558DB4D05D029
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf51afdd-468d-4999-b2cd-4c6517505aee.roa
Signing time: Fri 11 Jul 2025 21:01:03 +0000
ROA not before: Fri 11 Jul 2025 21:01:03 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.202.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:fe:99:97:98:ea:06:7e:46:40:d0:44:35:a5:58:db:4d:05:d0:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 21:01:03 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=55dc4a06d7c412db0ef4db5e72241c1fe53f7176a3bd2b785c799893a0ed2c2f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:8b:e3:b6:ec:47:5d:ba:4a:7a:96:82:69:a7:
52:b3:df:da:71:ff:ac:68:01:d6:06:d5:29:26:7a:
26:d3:d6:86:e6:58:3f:65:ca:b7:03:35:39:32:0f:
8b:1f:20:22:57:31:ef:85:3d:85:6d:51:ae:5a:bb:
6e:d6:a5:26:fc:4c:d9:93:b3:b4:fb:31:d8:5f:3a:
28:9c:99:02:07:67:4c:26:c7:61:d6:41:19:06:92:
35:f9:39:23:d9:4b:92:5a:0b:ec:81:cb:f5:ec:25:
2b:e9:76:e0:b3:f8:e7:30:01:1a:f3:18:82:dd:e9:
cc:dc:d8:26:5b:17:8c:47:45:cc:ed:b7:7b:f3:ad:
b7:c3:eb:fe:a2:37:78:b5:53:2e:53:c3:1e:c1:50:
04:b1:e3:7b:93:56:e0:5c:cd:7c:2a:d1:b0:9d:e7:
39:60:e0:7b:49:65:f8:41:4f:10:4c:88:9a:1b:c9:
9c:be:d4:19:1c:a5:5d:1b:1a:9f:17:97:f9:dc:4a:
d0:89:8f:e6:a2:a8:26:6d:76:ad:87:fa:db:ec:5b:
d2:74:3a:3f:ca:3b:46:ce:04:27:4b:2f:dd:a8:f6:
89:90:dd:b0:f7:98:bc:94:27:37:3c:01:f5:ad:16:
b3:a7:45:6e:16:98:db:a1:8b:80:53:dc:9c:94:f6:
1c:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:29:1F:D5:C4:AA:10:7E:76:F4:0F:DD:13:DC:F3:72:D6:00:AA:FC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf51afdd-468d-4999-b2cd-4c6517505aee.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.202.0.0/15
Signature Algorithm: sha256WithRSAEncryption
75:4a:18:17:0c:2b:b3:0e:1d:85:e6:0c:1d:96:b2:6a:7f:53:
32:f7:db:7a:de:68:ad:0e:79:8f:ca:d8:39:ea:5c:be:62:85:
b0:d1:64:6e:28:3f:51:15:03:ae:9e:ee:32:58:05:da:7f:a7:
a4:e6:c8:5f:62:4d:60:31:b6:22:d2:97:03:7a:67:61:5a:6c:
3b:39:d8:2f:02:ba:20:35:ca:27:64:e2:6a:ca:ee:0e:5d:dc:
43:a5:e3:8a:0b:ea:39:79:b3:e5:82:bf:fc:af:31:d3:38:6c:
c7:07:f4:4d:d1:2b:51:4b:2d:0f:1e:9f:be:bb:c9:ce:4f:88:
d4:d5:6c:e0:09:e1:f4:34:2d:b5:cb:9b:3a:67:9d:dc:f8:c3:
3e:ab:ad:bf:e9:48:2a:a9:a2:25:12:81:cd:8e:0b:a2:82:c5:
87:8d:25:8d:e4:e7:0f:f2:7a:44:8b:88:6e:59:bd:7d:f3:4d:
a7:8f:91:74:7f:27:8e:a2:9a:5d:e9:90:17:06:11:ba:64:aa:
36:1a:83:66:29:e4:66:2f:96:2a:43:06:42:61:db:59:a4:51:
29:3b:fb:83:2b:08:44:51:ad:f7:b3:c1:2b:54:06:32:ad:c1:
43:4a:b4:aa:52:32:2e:b0:4b:5d:0c:8c:a2:29:84:50:a6:06:
50:ff:cb:35
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQv6Zl5jqBn5GQNBENaVY200F0CkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMTAxMDNaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDU1ZGM0YTA2ZDdjNDEyZGIwZWY0ZGI1ZTcyMjQxYzFmZTUzZjcxNzZhM2Jk
MmI3ODVjNzk5ODkzYTBlZDJjMmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALqL47bsR126SnqWgmmnUrPf2nH/rGgB1gbVKSZ6JtPWhuZYP2XKtwM1OTIP
ix8gIlcx74U9hW1Rrlq7btalJvxM2ZOztPsx2F86KJyZAgdnTCbHYdZBGQaSNfk5
I9lLkloL7IHL9ewlK+l24LP45zABGvMYgt3pzNzYJlsXjEdFzO23e/Ott8Pr/qI3
eLVTLlPDHsFQBLHje5NW4FzNfCrRsJ3nOWDge0ll+EFPEEyImhvJnL7UGRylXRsa
nxeX+dxK0ImP5qKoJm12rYf62+xb0nQ6P8o7Rs4EJ0sv3aj2iZDdsPeYvJQnNzwB
9a0Ws6dFbhaY26GLgFPcnJT2HFcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSEKR/V
xKoQfnb0D90T3PNy1gCq/DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2Y1MWFmZGQtNDY4ZC00OTk5LWIyY2QtNGM2NTE3NTA1YWVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPKMA0G
CSqGSIb3DQEBCwUAA4IBAQB1ShgXDCuzDh2F5gwdlrJqf1My99t63mitDnmPytg5
6ly+YoWw0WRuKD9RFQOunu4yWAXaf6ek5shfYk1gMbYi0pcDemdhWmw7OdgvArog
NconZOJqyu4OXdxDpeOKC+o5ebPlgr/8rzHTOGzHB/RN0StRSy0PHp++u8nOT4jU
1WzgCeH0NC21y5s6Z53c+MM+q62/6UgqqaIlEoHNjguigsWHjSWN5OcP8npEi4hu
Wb19802nj5F0fyeOoppd6ZAXBhG6ZKo2GoNmKeRmL5YqQwZCYdtZpFEpO/uDKwhE
Ua33s8ErVAYyrcFDSrSqUjIusEtdDIyiKYRQpgZQ/8s1
-----END CERTIFICATE-----
Generated at Mon Aug 4 22:28:35 2025 by rpki-client