Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecf71776-ef54-415b-8543-7ec55f9b1d9d.roa
File: ecf71776-ef54-415b-8543-7ec55f9b1d9d.roa (raw, json)
Hash identifier: w4Lxuoi8AfM6PSV+Pg7MFv54z79C7yenfNQyWbuLB68=
Subject key identifier: 04:B2:1D:FB:D9:D5:72:DD:34:94:E7:05:48:6C:81:E0:FF:5B:12:5A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 15A49EAC61D02A079F08E32D0CBFB5EA2603306B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecf71776-ef54-415b-8543-7ec55f9b1d9d.roa
Signing time: Mon 14 Jul 2025 15:40:17 +0000
ROA not before: Mon 14 Jul 2025 15:40:17 +0000
ROA not after: Mon 18 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.44.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:a4:9e:ac:61:d0:2a:07:9f:08:e3:2d:0c:bf:b5:ea:26:03:30:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 14 15:40:17 2025 GMT
Not After : Aug 18 23:59:59 2025 GMT
Subject: serialNumber=d48866f7faea8149df6c9010056d43843c9b4ddc1aff8c7869678a235891ff17, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:1e:8f:0a:0e:85:51:66:e6:f4:1a:10:f6:ec:
d1:8e:96:11:70:bb:02:b1:90:d5:ed:72:69:78:71:
1c:cb:e3:e0:49:5a:60:a9:62:cd:74:31:5b:22:da:
59:42:22:f1:07:35:1e:61:19:2f:3c:71:6e:d6:d7:
98:d6:a2:a9:e3:06:de:c8:33:54:23:34:7c:00:b7:
30:e0:6f:d7:4f:c3:c4:b2:4f:5f:be:70:67:15:73:
52:6a:46:80:44:e6:05:9d:02:62:f0:36:55:13:d9:
4d:d1:8a:fe:dc:7f:3f:0f:e6:1e:df:7b:73:42:d4:
aa:e8:ec:c8:cf:fa:6a:bb:01:de:0a:e6:7b:52:27:
45:f2:99:56:8e:96:13:76:94:94:29:61:be:f7:48:
ec:c9:63:25:20:d0:6b:95:05:c8:b5:7e:eb:55:f1:
a7:19:8e:6a:2e:37:29:a6:1c:b4:23:00:52:ac:69:
fd:4b:07:28:16:0f:1b:ff:a8:65:25:4a:25:fa:c2:
4e:30:ac:fe:bf:fe:fe:8a:5f:7b:8e:f9:3f:13:2c:
43:0b:99:9e:f5:d2:4e:a1:6c:69:6e:2a:4b:f9:70:
ca:0a:93:e2:cb:86:e0:c5:3f:b9:2a:c2:70:f6:07:
a9:52:46:58:d7:16:6c:99:75:ec:d6:2e:c8:bc:e1:
44:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:B2:1D:FB:D9:D5:72:DD:34:94:E7:05:48:6C:81:E0:FF:5B:12:5A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecf71776-ef54-415b-8543-7ec55f9b1d9d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.44.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a7:bb:68:ae:3d:4d:44:e2:1d:e9:37:b9:47:2d:e9:0a:e5:4e:
f6:c4:61:cb:a0:87:10:37:f5:06:99:ee:17:04:65:e1:62:4e:
14:46:2a:5f:cc:08:38:2e:db:27:3f:4d:23:93:13:04:ee:7a:
b4:0f:79:c3:c5:1b:ab:33:5f:f8:b5:fd:8e:d7:82:78:e7:60:
a5:fe:39:d7:3d:15:7b:42:1e:85:18:63:50:c4:43:9c:e4:53:
1b:3a:79:93:cd:c6:22:23:08:c6:eb:9f:de:30:7a:27:7b:d8:
d6:15:e2:93:cd:6e:44:69:ee:07:7b:a1:a6:45:67:14:17:21:
3c:e1:39:cd:9a:d6:a3:1c:e2:32:52:29:a7:be:08:c2:24:93:
be:8c:a3:4d:f5:00:d1:84:c9:e9:ff:1c:33:73:ca:82:6c:e7:
11:f1:ca:7e:33:32:2b:cc:59:f2:27:54:36:39:6f:65:cd:12:
a2:70:bb:ad:76:0e:d1:78:52:4d:88:e0:88:26:87:37:85:51:
a4:08:6d:24:63:22:fa:05:7f:ac:1c:9c:52:62:b3:90:ea:ce:
6b:95:e3:d4:8c:c6:54:ba:c4:14:c9:df:44:37:dc:0a:a4:9f:
eb:ce:e9:53:01:8e:5b:4e:18:3b:69:b4:d5:04:54:1f:87:a8:
c0:73:c0:8c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUFaSerGHQKgefCOMtDL+16iYDMGswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTQxNTQwMTdaFw0yNTA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0ODg2NmY3ZmFlYTgxNDlkZjZjOTAxMDA1NmQ0Mzg0M2M5YjRkZGMxYWZm
OGM3ODY5Njc4YTIzNTg5MWZmMTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKgejwoOhVFm5vQaEPbs0Y6WEXC7ArGQ1e1yaXhxHMvj4ElaYKlizXQxWyLa
WUIi8Qc1HmEZLzxxbtbXmNaiqeMG3sgzVCM0fAC3MOBv10/DxLJPX75wZxVzUmpG
gETmBZ0CYvA2VRPZTdGK/tx/Pw/mHt97c0LUqujsyM/6arsB3grme1InRfKZVo6W
E3aUlClhvvdI7MljJSDQa5UFyLV+61XxpxmOai43KaYctCMAUqxp/UsHKBYPG/+o
ZSVKJfrCTjCs/r/+/opfe475PxMsQwuZnvXSTqFsaW4qS/lwygqT4suG4MU/uSrC
cPYHqVJGWNcWbJl17NYuyLzhRAkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQEsh37
2dVy3TSU5wVIbIHg/1sSWjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZWNmNzE3NzYtZWY1NC00MTViLTg1NDMtN2VjNTVmOWIxZDlkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMsMA0G
CSqGSIb3DQEBCwUAA4IBAQCnu2iuPU1E4h3pN7lHLekK5U72xGHLoIcQN/UGme4X
BGXhYk4URipfzAg4LtsnP00jkxME7nq0D3nDxRurM1/4tf2O14J452Cl/jnXPRV7
Qh6FGGNQxEOc5FMbOnmTzcYiIwjG65/eMHone9jWFeKTzW5Eae4He6GmRWcUFyE8
4TnNmtajHOIyUimnvgjCJJO+jKNN9QDRhMnp/xwzc8qCbOcR8cp+MzIrzFnyJ1Q2
OW9lzRKicLutdg7ReFJNiOCIJoc3hVGkCG0kYyL6BX+sHJxSYrOQ6s5rlePUjMZU
usQUyd9EN9wKpJ/rzulTAY5bThg7abTVBFQfh6jAc8CM
-----END CERTIFICATE-----
Generated at Mon Aug 4 22:18:08 2025 by rpki-client