Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e2093baf-9227-4159-b7ff-180369fe3bda.roa
File: e2093baf-9227-4159-b7ff-180369fe3bda.roa (raw, json)
Hash identifier: xHgkGP104V0M6xm3BfxLdPmvU41D5NjnQIvIbKP4s/0=
Subject key identifier: 24:07:50:94:5B:D9:2E:84:89:C0:01:DF:BF:AD:02:C6:E7:60:65:A8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3DDC94CD563DD5A9C80698C53CA41ED28F647475
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e2093baf-9227-4159-b7ff-180369fe3bda.roa
Signing time: Fri 11 Jul 2025 21:00:44 +0000
ROA not before: Fri 11 Jul 2025 21:00:44 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.88.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 00:46:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:dc:94:cd:56:3d:d5:a9:c8:06:98:c5:3c:a4:1e:d2:8f:64:74:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 21:00:44 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=09f774bbffda8c93d8d115785a5e4011a09341a75c12c4f8f28e43bf8ee810ce, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:ef:3f:db:7f:b7:4b:f6:86:54:40:36:20:17:
4e:c4:4f:fd:e4:f4:67:72:6c:08:f2:86:3a:7a:64:
b4:f1:cc:b8:e0:e6:07:a5:eb:e8:28:59:8d:e1:59:
55:bc:f6:0f:c1:d9:05:42:c7:59:ae:eb:62:f8:02:
83:b0:65:a4:98:13:46:a1:af:36:8c:88:f2:01:5d:
95:ed:e8:84:84:d6:76:13:97:15:6e:df:df:62:5e:
37:0e:09:cb:7f:c6:1a:c1:55:0b:dc:a3:9a:e0:60:
2a:86:dc:b5:fc:34:1a:c7:57:c2:79:7a:e1:91:e7:
04:c5:c5:02:4f:3c:24:dd:93:37:88:a2:95:2f:86:
74:a3:8b:e7:35:24:52:20:5b:4b:c2:c8:86:91:1c:
6c:78:f4:90:b2:a4:66:47:20:1c:fe:65:26:8c:f8:
94:0d:7f:22:db:e5:7e:d4:55:30:05:d2:e5:5c:ed:
3e:ed:95:c5:7c:cd:d5:ba:d6:35:81:f0:fe:cd:94:
c2:14:57:bd:9c:f8:bd:f7:94:81:86:04:df:d6:de:
b0:93:fc:1c:8d:79:d3:e7:63:81:1c:57:eb:83:cb:
89:ee:34:c4:f0:21:16:2a:61:c3:ac:26:89:7e:69:
03:99:04:9f:61:9e:fe:83:b4:d6:1b:4a:fd:9e:e5:
71:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:07:50:94:5B:D9:2E:84:89:C0:01:DF:BF:AD:02:C6:E7:60:65:A8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e2093baf-9227-4159-b7ff-180369fe3bda.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.88.0.0/16
Signature Algorithm: sha256WithRSAEncryption
43:41:6d:b5:2d:2f:28:90:a5:40:0e:4c:76:7f:cb:0d:c4:43:
c0:fe:f5:f1:af:63:f5:08:70:dd:1b:d3:72:e8:74:bd:bf:21:
98:73:e3:a4:2c:bb:30:b0:0b:e3:bf:48:d9:5d:c5:ad:5a:5c:
0c:32:ed:d4:d0:00:ca:6a:bd:bd:25:43:e7:43:99:24:0a:99:
ec:9c:b4:db:6c:2d:d7:86:5f:8a:50:9e:dc:27:d3:38:9e:96:
77:eb:37:27:c8:a8:29:69:c6:59:ee:e5:25:a3:49:c7:2d:f3:
f6:d6:e8:41:29:84:56:35:8c:a6:a9:78:36:4d:56:ca:c2:e1:
36:b1:58:44:ad:92:50:bb:30:dd:44:6c:ef:4f:87:d6:ca:11:
a0:18:f8:b4:92:e4:4d:b0:ac:c4:d7:98:c9:94:08:e1:7e:6d:
e8:44:4c:60:a5:b6:09:66:f2:2b:c5:f0:64:f4:1c:e0:43:65:
cb:fc:c7:74:63:93:71:d5:c1:0f:5c:19:66:3e:38:9d:35:39:
43:a6:42:40:85:fa:f1:d3:73:94:db:6e:7f:f4:94:84:01:30:
7b:26:66:19:2d:4b:25:9a:14:cb:d4:2a:d2:ae:94:d2:10:e8:
85:ef:2d:c4:71:19:b8:f7:d5:21:72:84:42:02:e3:91:c9:a6:
20:c6:62:ce
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUPdyUzVY91anIBpjFPKQe0o9kdHUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMTAwNDRaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDA5Zjc3NGJiZmZkYThjOTNkOGQxMTU3ODVhNWU0MDExYTA5MzQxYTc1YzEy
YzRmOGYyOGU0M2JmOGVlODEwY2UxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANDvP9t/t0v2hlRANiAXTsRP/eT0Z3JsCPKGOnpktPHMuODmB6Xr6ChZjeFZ
Vbz2D8HZBULHWa7rYvgCg7BlpJgTRqGvNoyI8gFdle3ohITWdhOXFW7f32JeNw4J
y3/GGsFVC9yjmuBgKobctfw0GsdXwnl64ZHnBMXFAk88JN2TN4iilS+GdKOL5zUk
UiBbS8LIhpEcbHj0kLKkZkcgHP5lJoz4lA1/ItvlftRVMAXS5VztPu2VxXzN1brW
NYHw/s2UwhRXvZz4vfeUgYYE39besJP8HI150+djgRxX64PLie40xPAhFiphw6wm
iX5pA5kEn2Ge/oO01htK/Z7lceUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQkB1CU
W9kuhInAAd+/rQLG52BlqDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTIwOTNiYWYtOTIyNy00MTU5LWI3ZmYtMTgwMzY5ZmUzYmRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNYMA0G
CSqGSIb3DQEBCwUAA4IBAQBDQW21LS8okKVADkx2f8sNxEPA/vXxr2P1CHDdG9Ny
6HS9vyGYc+OkLLswsAvjv0jZXcWtWlwMMu3U0ADKar29JUPnQ5kkCpnsnLTbbC3X
hl+KUJ7cJ9M4npZ36zcnyKgpacZZ7uUlo0nHLfP21uhBKYRWNYymqXg2TVbKwuE2
sVhErZJQuzDdRGzvT4fWyhGgGPi0kuRNsKzE15jJlAjhfm3oRExgpbYJZvIrxfBk
9BzgQ2XL/Md0Y5Nx1cEPXBlmPjidNTlDpkJAhfrx03OU225/9JSEATB7JmYZLUsl
mhTL1CrSrpTSEOiF7y3EcRm499UhcoRCAuORyaYgxmLO
-----END CERTIFICATE-----
Generated at Tue Aug 5 08:21:46 2025 by rpki-client