Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa
File: d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa (raw, json)
Hash identifier: 3RJPbxRIYPIp8+upVLFZ/TRWx3kzWrjUAYAkt2ci+go=
Subject key identifier: 46:C3:05:66:B8:C6:BF:FC:37:70:97:40:64:F1:17:CC:DB:CC:DB:92
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 48A3EEAC5FFC82B96C5FFB01F3A2E95E13C6F260
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa
Signing time: Fri 11 Jul 2025 21:00:15 +0000
ROA not before: Fri 11 Jul 2025 21:00:15 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.151.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:a3:ee:ac:5f:fc:82:b9:6c:5f:fb:01:f3:a2:e9:5e:13:c6:f2:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 21:00:15 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=984f49aa1a1792ea8d96b8443c835c5843339d41822ea052b86bf4e5d12dc05b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:bf:d8:a4:b0:ba:bf:63:b0:04:7b:84:a4:db:
23:cd:6e:52:21:08:50:bd:27:9f:99:6d:b4:66:53:
94:ac:49:dd:20:31:56:36:8d:ad:4a:16:4e:71:ba:
5a:31:39:d6:5d:0e:14:d1:4a:24:c6:a2:59:1c:7c:
2a:cc:fa:06:cb:14:a6:a9:4f:91:7f:c1:74:d4:39:
58:23:c4:4b:43:01:7e:e6:18:97:d7:57:7a:3c:6e:
62:99:6a:8d:de:c3:27:da:31:a9:13:4e:66:16:55:
00:3f:07:44:d5:6b:c1:40:33:76:f9:43:bc:99:31:
07:69:6f:2d:7d:ea:97:2d:e4:fe:51:96:f8:55:0c:
0c:be:f3:ed:52:c7:3f:76:64:fd:cc:1c:8c:19:3b:
b5:f2:15:66:f4:ec:75:dc:4d:6f:27:7d:0f:25:81:
27:7a:5d:78:e0:4f:f2:95:3d:7d:c5:30:98:c0:63:
ea:8b:aa:e4:f8:dc:86:72:1a:6d:e6:28:f8:be:7a:
e1:68:44:04:a2:f2:12:a0:a0:33:64:34:20:83:e7:
a4:5f:f6:4d:a1:ec:87:17:d0:6d:47:51:19:b3:f6:
10:97:cf:4b:83:d8:80:f2:3d:54:c1:de:8d:d1:da:
fb:cf:62:bb:6b:21:83:e3:d7:52:74:fc:63:50:85:
0e:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:C3:05:66:B8:C6:BF:FC:37:70:97:40:64:F1:17:CC:DB:CC:DB:92
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.151.0.0/16
Signature Algorithm: sha256WithRSAEncryption
91:42:72:fd:47:92:02:d9:c6:b7:b1:3f:a3:82:16:7b:05:7f:
46:57:ae:80:ad:90:c6:0b:fa:7e:21:93:57:68:e6:bd:70:4a:
04:04:a8:7b:3a:55:63:ba:17:6b:48:8e:26:d4:d6:5c:90:0b:
9f:24:02:92:1e:54:c1:ee:2f:2b:e2:df:d8:4f:81:4c:03:c0:
a0:b1:da:e5:f9:c0:83:9f:97:19:63:a7:5c:72:00:79:0d:f1:
14:c9:5b:0f:d7:8e:39:58:90:39:63:2d:c8:cc:64:8a:9e:37:
f9:d7:85:cd:00:e9:a0:64:a0:87:3b:a5:01:4f:c6:ef:86:b2:
f0:b6:1b:02:8f:02:d5:c7:98:4c:11:e8:e8:a9:e8:bb:4d:8d:
32:06:e6:74:be:67:41:01:91:9b:b8:8d:14:95:df:cc:5c:4c:
14:9c:ab:00:d8:a1:16:65:90:12:0f:3f:b2:c9:d4:e1:59:86:
e6:44:f6:d9:54:08:71:da:f9:0c:85:43:72:17:58:e9:47:76:
d9:35:eb:85:69:e3:b6:61:a3:87:f3:06:0b:f9:ca:b2:b6:c5:
eb:8d:8e:15:89:ad:41:53:47:fa:2d:c4:f0:7f:ff:e3:18:c7:
d1:a5:f6:15:70:de:1e:72:a9:1d:c1:f5:51:bb:65:1b:53:a4:
1c:5a:a4:38
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUSKPurF/8grlsX/sB86LpXhPG8mAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMTAwMTVaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDk4NGY0OWFhMWExNzkyZWE4ZDk2Yjg0NDNjODM1YzU4NDMzMzlkNDE4MjJl
YTA1MmI4NmJmNGU1ZDEyZGMwNWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ2/2KSwur9jsAR7hKTbI81uUiEIUL0nn5lttGZTlKxJ3SAxVjaNrUoWTnG6
WjE51l0OFNFKJMaiWRx8Ksz6BssUpqlPkX/BdNQ5WCPES0MBfuYYl9dXejxuYplq
jd7DJ9oxqRNOZhZVAD8HRNVrwUAzdvlDvJkxB2lvLX3qly3k/lGW+FUMDL7z7VLH
P3Zk/cwcjBk7tfIVZvTsddxNbyd9DyWBJ3pdeOBP8pU9fcUwmMBj6ouq5PjchnIa
beYo+L564WhEBKLyEqCgM2Q0IIPnpF/2TaHshxfQbUdRGbP2EJfPS4PYgPI9VMHe
jdHa+89iu2shg+PXUnT8Y1CFDv8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRGwwVm
uMa//Ddwl0Bk8RfM28zbkjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDdmZGVkZmMtMmJkYy00MmNkLWE3MTQtMmFiYmMwMmRlYWU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOXMA0G
CSqGSIb3DQEBCwUAA4IBAQCRQnL9R5IC2ca3sT+jghZ7BX9GV66ArZDGC/p+IZNX
aOa9cEoEBKh7OlVjuhdrSI4m1NZckAufJAKSHlTB7i8r4t/YT4FMA8Cgsdrl+cCD
n5cZY6dccgB5DfEUyVsP1445WJA5Yy3IzGSKnjf514XNAOmgZKCHO6UBT8bvhrLw
thsCjwLVx5hMEejoqei7TY0yBuZ0vmdBAZGbuI0Uld/MXEwUnKsA2KEWZZASDz+y
ydThWYbmRPbZVAhx2vkMhUNyF1jpR3bZNeuFaeO2YaOH8wYL+cqytsXrjY4Via1B
U0f6LcTwf//jGMfRpfYVcN4ecqkdwfVRu2UbU6QcWqQ4
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:29:33 2025 by rpki-client