Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa
File: d51a4935-8601-4ebd-a099-1d61b0a661b3.roa (raw, json)
Hash identifier: NGDRhrEyACMtCRRWHpPzkF7g0+6iFonJbo+Us5SSE3o=
Subject key identifier: 16:38:2C:8B:CE:46:AF:14:76:7A:E6:C0:1C:05:FF:B3:FF:C9:7D:09
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 294D73DAA597B4670D9D9937BFBB5BFD54C90E96
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa
Signing time: Fri 11 Jul 2025 21:01:10 +0000
ROA not before: Fri 11 Jul 2025 21:01:10 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.228.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:4d:73:da:a5:97:b4:67:0d:9d:99:37:bf:bb:5b:fd:54:c9:0e:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 21:01:10 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=f7b7ce7f720a7cb8aa121c00347f8712304faf54299b14630c22724623930719, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:0e:89:45:47:e9:d8:cb:02:6a:54:d2:4a:8f:
d7:ad:2c:32:b5:b5:15:dc:e2:f7:32:4b:89:c4:7b:
2c:16:b1:c6:a5:83:64:81:e1:79:5a:5c:ee:d7:e5:
dc:60:ad:86:76:76:f9:09:47:3d:e6:96:2a:dc:9d:
1f:b0:2d:17:b4:dd:f1:be:7c:1e:e4:74:36:66:9b:
8c:8c:f7:9b:39:4b:fd:91:a9:0d:59:76:59:69:b0:
5f:a9:96:09:e4:bf:bc:d5:f3:6f:dd:1b:23:85:b4:
04:81:bf:fc:59:17:d0:43:63:fe:85:16:67:11:8e:
ae:3d:c3:7c:d1:e1:21:2a:fc:78:a2:d0:64:22:99:
27:98:84:c1:71:b8:6f:b3:f9:14:80:43:8b:f9:7f:
4f:6d:68:c3:e3:59:58:21:c4:97:30:84:24:ce:3a:
89:24:7f:ad:bc:e4:e9:bb:b2:50:17:cb:82:de:48:
c7:76:41:0c:c8:50:7e:67:45:8a:b0:8f:e2:bc:b0:
3b:4c:fb:ba:01:e3:70:8b:48:74:f0:2b:e6:ec:60:
12:f3:06:66:b5:4b:5f:2f:6e:c1:d0:96:57:3c:7c:
eb:38:34:6a:1b:58:c0:35:f9:de:8e:8d:85:3a:bf:
9c:51:b5:48:90:4e:5f:19:51:a9:e5:c2:d8:70:9a:
55:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:38:2C:8B:CE:46:AF:14:76:7A:E6:C0:1C:05:FF:B3:FF:C9:7D:09
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.228.0.0/15
Signature Algorithm: sha256WithRSAEncryption
5f:c1:75:56:38:71:f8:3f:e5:08:42:d9:f8:9d:92:44:65:fe:
4c:2a:b0:b8:15:a0:ce:aa:4f:a9:23:d3:bb:af:e1:75:7d:b9:
b9:a2:f6:bb:00:67:c6:5a:1c:3c:d7:45:03:f6:6a:aa:86:af:
a8:16:37:c6:ba:64:f9:c0:92:5b:d4:03:26:8d:e9:45:fa:37:
e4:e9:84:9d:16:37:bc:f9:63:d6:5d:a9:6b:7c:91:59:11:36:
88:4e:a4:42:38:53:dd:03:98:d8:da:b5:f8:fd:ea:f5:0c:c4:
f0:aa:94:9c:bd:f9:2d:01:1d:c8:7b:6e:09:65:cb:2f:fd:8b:
35:40:b5:30:b3:93:91:4f:b4:ff:88:3d:87:5c:72:43:55:20:
91:29:84:df:c7:e3:66:5c:18:8d:49:6f:f9:6a:32:cb:38:5f:
f0:a2:0a:e0:b4:a4:95:a9:6c:4d:5d:cb:97:43:18:20:33:e1:
3f:ce:5f:d7:c2:68:1d:32:a2:34:4c:ee:48:83:f3:2e:38:2b:
e6:e4:8a:a0:dc:88:9b:df:fb:a1:14:47:f8:7e:ad:18:01:f9:
8d:70:ba:0b:22:db:b0:8a:fc:80:7c:af:b2:9b:ba:bb:71:00:
a7:5c:a0:24:17:85:85:11:f8:cd:20:a3:68:0d:15:86:57:60:
00:8e:ed:dd
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKU1z2qWXtGcNnZk3v7tb/VTJDpYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMTAxMTBaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGY3YjdjZTdmNzIwYTdjYjhhYTEyMWMwMDM0N2Y4NzEyMzA0ZmFmNTQyOTli
MTQ2MzBjMjI3MjQ2MjM5MzA3MTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOUOiUVH6djLAmpU0kqP160sMrW1Fdzi9zJLicR7LBaxxqWDZIHheVpc7tfl
3GCthnZ2+QlHPeaWKtydH7AtF7Td8b58HuR0NmabjIz3mzlL/ZGpDVl2WWmwX6mW
CeS/vNXzb90bI4W0BIG//FkX0ENj/oUWZxGOrj3DfNHhISr8eKLQZCKZJ5iEwXG4
b7P5FIBDi/l/T21ow+NZWCHElzCEJM46iSR/rbzk6buyUBfLgt5Ix3ZBDMhQfmdF
irCP4rywO0z7ugHjcItIdPAr5uxgEvMGZrVLXy9uwdCWVzx86zg0ahtYwDX53o6N
hTq/nFG1SJBOXxlRqeXC2HCaVTMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQWOCyL
zkavFHZ65sAcBf+z/8l9CTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDUxYTQ5MzUtODYwMS00ZWJkLWEwOTktMWQ2MWIwYTY2MWIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPkMA0G
CSqGSIb3DQEBCwUAA4IBAQBfwXVWOHH4P+UIQtn4nZJEZf5MKrC4FaDOqk+pI9O7
r+F1fbm5ova7AGfGWhw810UD9mqqhq+oFjfGumT5wJJb1AMmjelF+jfk6YSdFje8
+WPWXalrfJFZETaITqRCOFPdA5jY2rX4/er1DMTwqpScvfktAR3Ie24JZcsv/Ys1
QLUws5ORT7T/iD2HXHJDVSCRKYTfx+NmXBiNSW/5ajLLOF/wogrgtKSVqWxNXcuX
QxggM+E/zl/XwmgdMqI0TO5Ig/MuOCvm5Iqg3Iib3/uhFEf4fq0YAfmNcLoLItuw
ivyAfK+ym7q7cQCnXKAkF4WFEfjNIKNoDRWGV2AAju3d
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:32:39 2025 by rpki-client