Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1d9282c-1734-4426-ab04-111f2637372c.roa
File: e1d9282c-1734-4426-ab04-111f2637372c.roa (raw, json)
Hash identifier: Yn3r50NOqae7LJ071ZePOsSKZUzwe0xUbHARZi66q6c=
Subject key identifier: 12:F1:76:13:BE:73:4D:48:F7:7B:B1:80:5A:59:FC:CA:E5:7F:A1:F1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 510D7EB48DB39B97A626BE0B69AB62BE34AE0B90
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1d9282c-1734-4426-ab04-111f2637372c.roa
Signing time: Mon 14 Jul 2025 15:30:36 +0000
ROA not before: Mon 14 Jul 2025 15:30:36 +0000
ROA not after: Mon 18 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 212.173.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:0d:7e:b4:8d:b3:9b:97:a6:26:be:0b:69:ab:62:be:34:ae:0b:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 14 15:30:36 2025 GMT
Not After : Aug 18 23:59:59 2025 GMT
Subject: serialNumber=e6c6a5625e10b50474e507b1320fc6b026983f86f153bec587bf6156fd206c5d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a8:2e:bd:3e:7d:88:4f:39:0a:b8:55:3f:11:
da:30:5a:c7:58:a5:a1:ea:8d:40:10:bf:a9:60:a0:
9a:89:39:25:22:9c:cd:cc:7e:4d:89:b8:d1:52:b5:
a0:19:c6:d5:86:f8:14:84:66:90:e7:1c:be:56:6e:
4d:91:a7:c9:13:12:fb:3d:54:5c:09:98:8a:c5:92:
ff:2d:f8:5d:09:67:40:f2:d8:2a:52:df:22:df:9a:
1f:61:c7:8b:52:86:bd:07:14:0f:69:87:a5:44:40:
43:97:d5:c0:e1:37:3e:a6:36:5d:73:a3:75:ba:82:
cc:f0:75:5e:7b:e2:3a:c7:75:75:33:de:e7:4a:a3:
84:ea:d3:12:c9:75:05:81:d1:68:14:55:7f:48:a8:
71:08:34:23:5e:a6:cc:02:66:bb:f3:c2:ce:47:2e:
5a:8f:15:71:23:96:fa:05:49:96:b4:6d:eb:67:4d:
32:6d:29:a3:85:9e:93:01:e7:da:38:6e:5c:a3:44:
8d:fe:a5:72:6c:ba:b5:92:76:12:aa:2c:e3:1a:7e:
7c:1f:bb:d1:b7:21:cd:19:e3:3a:f7:a6:79:fb:fe:
28:6d:4a:da:37:c0:fa:b8:97:22:99:bb:42:a4:04:
22:12:10:4a:70:eb:3f:24:36:d5:4d:ed:10:c0:b4:
12:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:F1:76:13:BE:73:4D:48:F7:7B:B1:80:5A:59:FC:CA:E5:7F:A1:F1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1d9282c-1734-4426-ab04-111f2637372c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.173.128.0/17
Signature Algorithm: sha256WithRSAEncryption
92:6a:17:0a:af:55:64:1e:53:ec:2d:12:23:ed:3f:ab:57:c4:
d7:87:2e:2b:fa:97:4c:e7:c9:96:c4:38:2a:81:1d:8a:4c:13:
7a:ad:f2:8e:ec:d9:48:7d:08:d3:38:d7:4a:75:47:cd:9d:04:
72:13:e4:71:b5:f1:a9:03:50:0d:f8:3c:0a:ee:d2:3b:6f:91:
93:6c:0d:be:e5:ac:13:6a:99:d7:61:fb:c2:5b:2e:67:c7:13:
d2:33:6d:f8:cd:58:5c:42:81:84:8a:89:8a:55:ce:4d:46:47:
91:9c:5e:1f:a4:fc:c5:bf:33:25:d7:e2:59:85:78:70:11:98:
82:8d:67:1e:61:1f:11:a2:47:72:c5:d3:bf:6e:8e:8c:39:b9:
fc:17:82:77:61:cc:96:71:34:9f:c2:1f:f3:be:98:bb:47:ea:
d9:2e:c9:9b:71:75:ef:87:15:08:7a:fa:76:56:83:b2:d7:be:
48:39:d1:80:e8:86:f7:14:28:d9:dd:47:c6:ab:54:1b:bf:39:
93:3a:c6:78:78:d5:3f:7a:54:e9:33:17:8a:84:3c:b9:b5:ce:
2b:aa:fb:6a:f8:ec:de:ab:80:f5:6a:a7:02:41:48:28:7e:3e:
5a:7a:f9:e8:18:c6:98:a1:2b:a4:4b:ea:89:fb:3f:54:ce:d6:
35:d3:3e:93
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUUQ1+tI2zm5emJr4LaativjSuC5AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTQxNTMwMzZaFw0yNTA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGU2YzZhNTYyNWUxMGI1MDQ3NGU1MDdiMTMyMGZjNmIwMjY5ODNmODZmMTUz
YmVjNTg3YmY2MTU2ZmQyMDZjNWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMKoLr0+fYhPOQq4VT8R2jBax1iloeqNQBC/qWCgmok5JSKczcx+TYm40VK1
oBnG1Yb4FIRmkOccvlZuTZGnyRMS+z1UXAmYisWS/y34XQlnQPLYKlLfIt+aH2HH
i1KGvQcUD2mHpURAQ5fVwOE3PqY2XXOjdbqCzPB1XnviOsd1dTPe50qjhOrTEsl1
BYHRaBRVf0iocQg0I16mzAJmu/PCzkcuWo8VcSOW+gVJlrRt62dNMm0po4WekwHn
2jhuXKNEjf6lcmy6tZJ2Eqos4xp+fB+70bchzRnjOvemefv+KG1K2jfA+riXIpm7
QqQEIhIQSnDrPyQ21U3tEMC0EvUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQS8XYT
vnNNSPd7sYBaWfzK5X+h8TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTFkOTI4MmMtMTczNC00NDI2LWFiMDQtMTExZjI2MzczNzJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9StgDAN
BgkqhkiG9w0BAQsFAAOCAQEAkmoXCq9VZB5T7C0SI+0/q1fE14cuK/qXTOfJlsQ4
KoEdikwTeq3yjuzZSH0I0zjXSnVHzZ0EchPkcbXxqQNQDfg8Cu7SO2+Rk2wNvuWs
E2qZ12H7wlsuZ8cT0jNt+M1YXEKBhIqJilXOTUZHkZxeH6T8xb8zJdfiWYV4cBGY
go1nHmEfEaJHcsXTv26OjDm5/BeCd2HMlnE0n8If876Yu0fq2S7Jm3F174cVCHr6
dlaDste+SDnRgOiG9xQo2d1HxqtUG785kzrGeHjVP3pU6TMXioQ8ubXOK6r7avjs
3quA9WqnAkFIKH4+Wnr56BjGmKErpEvqifs/VM7WNdM+kw==
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:48:52 2025 by rpki-client