Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf5e86ef-0733-4056-8b1b-683470ef90f1.roa
File: cf5e86ef-0733-4056-8b1b-683470ef90f1.roa (raw, json)
Hash identifier: ZqL6kQotI7Hd5RN8zmH9i+fpJjtx2E2aUtCMBflh6Gk=
Subject key identifier: 93:17:7A:BA:6A:49:AB:80:3A:A7:0E:5C:42:C6:4E:CE:76:D6:E9:2D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 413D2FA937891EF880810A906DD11722FDEBB2A5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf5e86ef-0733-4056-8b1b-683470ef90f1.roa
Signing time: Mon 14 Jul 2025 15:30:43 +0000
ROA not before: Mon 14 Jul 2025 15:30:43 +0000
ROA not after: Mon 18 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.112.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 00:46:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:3d:2f:a9:37:89:1e:f8:80:81:0a:90:6d:d1:17:22:fd:eb:b2:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 14 15:30:43 2025 GMT
Not After : Aug 18 23:59:59 2025 GMT
Subject: serialNumber=0992a7c35beb507f86f342a94f100b65fb4d95c667cffb8872c7040c40a66dc6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:18:2f:a8:0d:f9:80:49:a2:ef:d3:3b:94:de:
a9:22:87:67:53:5d:7f:d0:1c:d1:6a:e6:d9:10:59:
0a:40:0d:ad:4b:1c:f5:05:4f:0e:f6:03:46:a3:60:
ca:9c:c5:73:27:81:7f:8d:f7:72:65:d9:93:a3:5b:
cc:43:42:ac:68:ed:4e:76:82:0d:88:0e:23:ea:9a:
5d:a0:fa:1e:98:ad:f4:20:c4:a2:bb:81:07:55:c8:
7a:71:0a:a7:38:9b:53:19:7e:e3:5a:9c:9e:e7:4a:
0e:63:ec:75:c1:18:8a:f1:06:ea:dd:80:3a:f0:e0:
81:90:89:ce:57:31:18:1d:21:a9:78:30:01:08:44:
6a:3a:e4:fb:49:09:29:f8:1b:21:67:ad:dc:6c:2d:
6f:ba:3c:e5:91:ac:9d:fa:cd:33:14:ac:41:29:27:
8d:f2:81:f0:c7:aa:2e:08:64:35:e4:09:d6:83:23:
96:2e:6d:e5:5c:db:dc:be:79:2c:5e:b2:e7:86:a7:
78:83:2b:4b:e1:b0:72:b4:70:6c:1a:3f:b7:2b:df:
6a:1d:95:4b:9c:02:ee:f3:29:da:90:be:0e:73:02:
f5:7b:91:63:69:22:2e:bf:13:9b:62:b1:0d:7b:55:
6e:4d:bc:6a:09:97:fc:90:68:fa:df:2f:fc:1d:21:
20:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:17:7A:BA:6A:49:AB:80:3A:A7:0E:5C:42:C6:4E:CE:76:D6:E9:2D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf5e86ef-0733-4056-8b1b-683470ef90f1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.112.0/21
Signature Algorithm: sha256WithRSAEncryption
6e:44:f6:d4:c7:06:f4:ec:6b:07:3e:88:c0:cc:94:c4:46:31:
d8:17:f3:5d:e3:82:d5:d2:e0:7b:e2:15:92:94:38:e0:28:1a:
40:90:d8:05:31:b7:c1:c9:85:1e:67:80:fc:93:a0:a4:f2:a5:
78:61:b8:c5:7d:3b:f6:3e:91:a9:c0:24:cf:3f:53:c8:d0:91:
d0:6f:fd:62:1a:f4:b5:3f:d9:4f:44:d5:1e:d5:74:3c:4b:07:
bb:1b:10:b3:4a:69:98:ec:d3:ed:30:9a:df:63:61:40:6d:ee:
fe:18:05:60:75:57:12:65:5a:95:aa:a0:09:fa:2f:23:59:15:
10:2e:84:45:f2:78:58:5b:61:86:77:dd:db:1a:d3:a4:53:db:
67:84:14:c0:49:6e:e4:0e:35:5d:87:e9:f0:02:52:e7:9d:24:
ef:32:e0:a0:62:36:f7:53:9e:2a:ec:b7:45:19:81:7f:80:7d:
86:ef:a8:6a:bc:eb:52:05:48:62:f2:01:a7:0a:91:f3:7b:71:
0b:ff:da:b3:b7:0b:6a:c8:5c:db:25:37:ac:87:b1:ec:cd:a9:
36:88:97:69:79:8f:99:df:44:a9:69:5f:ff:eb:be:7e:35:a3:
18:bf:48:21:84:e1:f4:70:c0:8f:e6:ac:1e:97:d9:f4:c5:78:
53:88:a1:72
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUQT0vqTeJHviAgQqQbdEXIv3rsqUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTQxNTMwNDNaFw0yNTA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDA5OTJhN2MzNWJlYjUwN2Y4NmYzNDJhOTRmMTAwYjY1ZmI0ZDk1YzY2N2Nm
ZmI4ODcyYzcwNDBjNDBhNjZkYzYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANwYL6gN+YBJou/TO5TeqSKHZ1Ndf9Ac0Wrm2RBZCkANrUsc9QVPDvYDRqNg
ypzFcyeBf433cmXZk6NbzENCrGjtTnaCDYgOI+qaXaD6Hpit9CDEoruBB1XIenEK
pzibUxl+41qcnudKDmPsdcEYivEG6t2AOvDggZCJzlcxGB0hqXgwAQhEajrk+0kJ
KfgbIWet3Gwtb7o85ZGsnfrNMxSsQSknjfKB8MeqLghkNeQJ1oMjli5t5Vzb3L55
LF6y54aneIMrS+GwcrRwbBo/tyvfah2VS5wC7vMp2pC+DnMC9XuRY2kiLr8Tm2Kx
DXtVbk28agmX/JBo+t8v/B0hIMsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSTF3q6
akmrgDqnDlxCxk7OdtbpLTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2Y1ZTg2ZWYtMDczMy00MDU2LThiMWItNjgzNDcwZWY5MGYxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAcDAN
BgkqhkiG9w0BAQsFAAOCAQEAbkT21McG9OxrBz6IwMyUxEYx2BfzXeOC1dLge+IV
kpQ44CgaQJDYBTG3wcmFHmeA/JOgpPKleGG4xX079j6RqcAkzz9TyNCR0G/9Yhr0
tT/ZT0TVHtV0PEsHuxsQs0ppmOzT7TCa32NhQG3u/hgFYHVXEmValaqgCfovI1kV
EC6ERfJ4WFthhnfd2xrTpFPbZ4QUwElu5A41XYfp8AJS550k7zLgoGI291OeKuy3
RRmBf4B9hu+oarzrUgVIYvIBpwqR83txC//as7cLashc2yU3rIex7M2pNoiXaXmP
md9EqWlf/+u+fjWjGL9IIYTh9HDAj+asHpfZ9MV4U4ihcg==
-----END CERTIFICATE-----
Generated at Tue Aug 5 08:19:33 2025 by rpki-client