Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa
File: de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa (raw, json)
Hash identifier: uVVeSSNGRMbEfXbE0LEbYFc5nrjvAZw0NXy8BTfYLE4=
Subject key identifier: 86:59:32:95:E6:DF:30:FA:A2:0B:A8:8B:60:61:F9:41:00:AD:D3:20
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 25C55B0865A15BEB5A611F5071C1DD8E47F5D977
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa
Signing time: Fri 11 Jul 2025 21:01:19 +0000
ROA not before: Fri 11 Jul 2025 21:01:19 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.40.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 00:46:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:c5:5b:08:65:a1:5b:eb:5a:61:1f:50:71:c1:dd:8e:47:f5:d9:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 21:01:19 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=2f984bfff390a92e86861a30dbc58321714156aa692386d46e3b9803f29eb12f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:cf:a4:08:10:cb:39:a9:14:cf:ac:0d:30:fd:
35:c5:7d:54:f4:03:ca:d2:7c:de:b3:f7:aa:fe:f4:
09:48:94:8b:3a:72:46:6a:ce:e3:74:6b:16:30:56:
89:bb:76:db:6c:e6:d9:9e:e7:f8:16:2d:f9:75:04:
ff:40:33:a8:bf:98:57:ac:7d:31:9d:e6:8b:8b:b1:
52:9a:25:be:82:00:cf:9d:46:97:83:fc:31:c9:1a:
dc:95:8a:16:32:a0:2b:29:5e:99:6a:9c:97:26:a4:
60:b3:23:8e:d6:0f:97:49:34:32:84:75:f5:a4:b7:
eb:a7:57:ba:7f:82:a4:ea:43:7f:71:fc:c0:08:83:
60:3d:c2:81:dd:9d:d8:fa:35:21:43:9c:75:8f:46:
8b:ae:9c:9b:cd:ee:df:be:10:b9:44:2d:34:84:36:
18:a4:f3:4a:2c:b0:a7:9f:c1:7b:0e:29:24:05:04:
3b:02:e9:da:b5:1d:ef:02:ff:0c:e7:3d:26:97:06:
c4:2b:4d:ea:de:2e:d1:9b:86:fd:6b:75:74:11:1f:
80:c4:50:62:f3:d1:8c:29:ee:ae:0a:03:49:32:79:
eb:b6:e8:89:32:91:8b:a1:97:7d:92:48:86:c2:f6:
2e:30:ad:7e:6b:4a:c0:5e:7b:e9:d0:f9:fb:28:20:
72:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:59:32:95:E6:DF:30:FA:A2:0B:A8:8B:60:61:F9:41:00:AD:D3:20
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.40.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4f:b8:d8:66:97:b2:b9:96:44:93:b1:9b:dc:1b:26:11:1c:fb:
48:d4:18:44:99:cd:92:35:66:4e:1a:ab:6e:42:03:3f:40:05:
66:e6:9a:3e:d6:3a:14:47:c0:45:d3:38:6c:c8:46:1a:87:c0:
f6:22:92:bf:fb:b0:0f:a9:34:12:35:f4:41:ad:f6:72:95:57:
51:f8:a5:b1:5a:cb:08:25:e1:fa:73:08:d2:58:2b:da:19:e2:
0d:63:83:80:19:62:dc:83:23:f2:14:63:86:d9:ee:ce:dc:83:
52:e3:70:7a:91:98:03:86:3e:d6:68:69:8a:f5:e4:4f:ab:a5:
ea:74:4e:cd:61:d2:1b:03:70:8c:be:49:b4:63:39:c8:63:72:
89:ef:a2:3c:70:0e:ca:98:5c:d2:4e:7a:dd:3d:34:ad:2f:75:
93:31:da:9a:09:e1:d6:92:61:9c:ff:fa:b6:4b:b4:42:03:6a:
ee:15:97:60:c4:19:c9:bb:08:ea:32:3c:76:01:98:2b:b5:07:
e3:85:55:d5:c9:bf:fe:20:c7:6b:5d:05:91:ca:5b:42:a7:bf:
a8:cc:9b:1c:30:63:b1:09:af:4b:61:03:3c:00:2c:38:90:fe:
1a:ca:67:22:67:1a:74:a4:cf:8f:9b:c1:b3:0e:70:9b:07:6a:
c4:6e:30:c2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJcVbCGWhW+taYR9QccHdjkf12XcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMTAxMTlaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDJmOTg0YmZmZjM5MGE5MmU4Njg2MWEzMGRiYzU4MzIxNzE0MTU2YWE2OTIz
ODZkNDZlM2I5ODAzZjI5ZWIxMmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKbPpAgQyzmpFM+sDTD9NcV9VPQDytJ83rP3qv70CUiUizpyRmrO43RrFjBW
ibt222zm2Z7n+BYt+XUE/0AzqL+YV6x9MZ3mi4uxUpolvoIAz51Gl4P8Mcka3JWK
FjKgKylemWqclyakYLMjjtYPl0k0MoR19aS366dXun+CpOpDf3H8wAiDYD3Cgd2d
2Po1IUOcdY9Gi66cm83u374QuUQtNIQ2GKTzSiywp5/Bew4pJAUEOwLp2rUd7wL/
DOc9JpcGxCtN6t4u0ZuG/Wt1dBEfgMRQYvPRjCnurgoDSTJ567boiTKRi6GXfZJI
hsL2LjCtfmtKwF576dD5+yggcg8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSGWTKV
5t8w+qILqItgYflBAK3TIDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZGU4M2FiMGQtNzMwZS00YmEwLTlkMjItYWYyYzhiN2ZkOGY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMoMA0G
CSqGSIb3DQEBCwUAA4IBAQBPuNhml7K5lkSTsZvcGyYRHPtI1BhEmc2SNWZOGqtu
QgM/QAVm5po+1joUR8BF0zhsyEYah8D2IpK/+7APqTQSNfRBrfZylVdR+KWxWssI
JeH6cwjSWCvaGeINY4OAGWLcgyPyFGOG2e7O3INS43B6kZgDhj7WaGmK9eRPq6Xq
dE7NYdIbA3CMvkm0YznIY3KJ76I8cA7KmFzSTnrdPTStL3WTMdqaCeHWkmGc//q2
S7RCA2ruFZdgxBnJuwjqMjx2AZgrtQfjhVXVyb/+IMdrXQWRyltCp7+ozJscMGOx
Ca9LYQM8ACw4kP4aymciZxp0pM+Pm8GzDnCbB2rEbjDC
-----END CERTIFICATE-----
Generated at Tue Aug 5 08:26:48 2025 by rpki-client