Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa
File: d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa (raw, json)
Hash identifier: tAJxiN1DjWDN+TrbpsUfvRBdGJFNsW6fy+JgVMKZGGI=
Subject key identifier: 04:65:CE:58:90:88:97:E5:D9:6A:25:A7:18:F2:F5:88:A3:ED:72:FF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 76468C767AB6429E72C8DC17E5CD4E30E60EB27D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa
Signing time: Fri 11 Jul 2025 21:00:09 +0000
ROA not before: Fri 11 Jul 2025 21:00:09 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.129.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:46:8c:76:7a:b6:42:9e:72:c8:dc:17:e5:cd:4e:30:e6:0e:b2:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 21:00:09 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=8ab26302d5b0fa5f0a960a8f9c345a720cfcc8c388b42ec00f6141877e8a3643, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:12:fc:4c:dc:e6:b1:c3:9e:85:d1:81:d2:ef:
2e:a8:cd:d1:c8:76:5f:cb:8e:01:b7:4d:ed:50:19:
a1:82:6d:6f:3b:2c:b2:ac:99:fc:95:98:d4:1c:db:
c2:98:6b:ec:41:cf:31:1d:83:d2:39:4c:b6:e5:fb:
e4:da:37:42:60:d0:23:3e:28:9a:9c:09:4c:0e:81:
d1:a3:ae:ab:ab:95:04:14:48:5a:60:e7:7b:f5:ed:
9d:e3:64:4e:b9:16:79:b6:f7:b9:48:a2:97:f0:48:
96:ae:1e:11:d8:8b:03:9d:eb:97:78:e3:af:43:58:
86:f0:57:8d:5b:a9:7b:6f:6c:c1:b2:e8:be:62:a7:
7f:39:26:0a:0b:4f:3c:d5:5c:49:f7:5f:5a:48:8c:
3e:a6:24:b5:8d:e0:cf:04:04:a0:62:3e:55:de:40:
9a:95:ec:8d:77:1a:79:27:8e:eb:3e:4f:9a:8a:39:
d5:1a:77:3e:cc:fb:4b:5f:7a:c1:c3:e7:76:1d:3c:
88:23:15:a2:b9:c8:d2:44:4e:bb:e7:3e:81:07:0a:
15:04:b3:b0:3b:89:03:fe:9f:20:d7:e5:67:40:3b:
3d:86:bb:7d:7f:38:17:03:60:30:13:c7:e0:4e:db:
a4:ea:ee:e8:f4:36:9a:45:26:9b:f5:12:52:46:35:
8f:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:65:CE:58:90:88:97:E5:D9:6A:25:A7:18:F2:F5:88:A3:ED:72:FF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.129.0.0/16
Signature Algorithm: sha256WithRSAEncryption
42:b0:b2:37:2e:17:35:72:75:65:95:2a:fc:1b:1a:67:7e:9c:
ea:34:78:0e:9d:74:6d:2b:0d:e9:1a:54:f3:a9:1b:63:5f:99:
d9:fd:1b:22:84:5d:d8:20:55:4c:2a:9b:b8:e5:2d:71:c1:ca:
8d:00:4e:7c:17:3e:24:34:28:1c:e1:88:af:84:44:9e:2a:91:
1c:92:86:fc:a8:f0:52:c1:0a:3b:15:1f:76:e6:8f:af:f6:c0:
9f:03:bf:27:0e:b0:f7:fb:9c:1c:c5:16:a5:7c:82:4c:a7:ea:
4d:3a:40:32:31:6a:5d:eb:c6:04:fa:65:bb:07:a0:f1:7e:ff:
e8:ab:d3:8c:a8:81:0a:23:4e:f0:fa:1d:a6:43:c5:c2:a1:3b:
ad:52:4d:02:89:30:d4:1c:21:b2:17:f1:ac:79:42:cf:c9:bb:
ad:1b:31:44:39:68:91:55:5e:90:54:af:d0:f0:f9:80:e2:84:
32:81:0f:e6:16:36:b5:bd:a0:de:6a:03:c8:63:ce:d3:0d:5e:
6d:b3:11:e8:92:40:e0:94:aa:76:23:01:a9:26:d8:cd:78:c6:
1a:d7:d8:98:bb:57:85:81:da:25:76:d9:8f:08:d1:65:05:a7:
d5:d0:a3:8f:39:81:f4:a7:85:66:a1:1f:b1:2e:77:a5:62:70:
dd:5f:9c:a3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUdkaMdnq2Qp5yyNwX5c1OMOYOsn0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMTAwMDlaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDhhYjI2MzAyZDViMGZhNWYwYTk2MGE4ZjljMzQ1YTcyMGNmY2M4YzM4OGI0
MmVjMDBmNjE0MTg3N2U4YTM2NDMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMMS/Ezc5rHDnoXRgdLvLqjN0ch2X8uOAbdN7VAZoYJtbzsssqyZ/JWY1Bzb
wphr7EHPMR2D0jlMtuX75No3QmDQIz4ompwJTA6B0aOuq6uVBBRIWmDne/XtneNk
TrkWebb3uUiil/BIlq4eEdiLA53rl3jjr0NYhvBXjVupe29swbLovmKnfzkmCgtP
PNVcSfdfWkiMPqYktY3gzwQEoGI+Vd5AmpXsjXcaeSeO6z5Pmoo51Rp3Psz7S196
wcPndh08iCMVornI0kROu+c+gQcKFQSzsDuJA/6fINflZ0A7PYa7fX84FwNgMBPH
4E7bpOru6PQ2mkUmm/USUkY1j5MCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQEZc5Y
kIiX5dlqJacY8vWIo+1y/zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDEzZDI2YWUtMzZiMS00ODE1LWE3ZjAtNGRjMDkwZDE1Yjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOBMA0G
CSqGSIb3DQEBCwUAA4IBAQBCsLI3Lhc1cnVllSr8GxpnfpzqNHgOnXRtKw3pGlTz
qRtjX5nZ/RsihF3YIFVMKpu45S1xwcqNAE58Fz4kNCgc4YivhESeKpEckob8qPBS
wQo7FR925o+v9sCfA78nDrD3+5wcxRalfIJMp+pNOkAyMWpd68YE+mW7B6Dxfv/o
q9OMqIEKI07w+h2mQ8XCoTutUk0CiTDUHCGyF/GseULPybutGzFEOWiRVV6QVK/Q
8PmA4oQygQ/mFja1vaDeagPIY87TDV5tsxHokkDglKp2IwGpJtjNeMYa19iYu1eF
gdoldtmPCNFlBafV0KOPOYH0p4VmoR+xLnelYnDdX5yj
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:35:26 2025 by rpki-client