Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa
File: ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa (raw, json)
Hash identifier: CGxvX9fYe2POnFkybmeleQSt9Wj4EqrbW3vH6NmSFh8=
Subject key identifier: 68:1D:8A:B4:35:BE:BD:16:41:2C:DC:79:66:55:37:F5:D1:BC:4F:EA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 70F17C30E6E810C4439C2E722D966261E12EA9AF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa
Signing time: Fri 11 Jul 2025 21:01:01 +0000
ROA not before: Fri 11 Jul 2025 21:01:01 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.200.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 00:46:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:f1:7c:30:e6:e8:10:c4:43:9c:2e:72:2d:96:62:61:e1:2e:a9:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 21:01:01 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=708984ef7e4667ade95c46304179d7048722c7930e6d4b2deeb4fbe7ad7646a8, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c5:49:bf:6b:a1:c1:96:e1:cf:98:00:cb:4c:
82:bf:fa:6f:37:cb:f5:bc:39:fb:58:01:90:43:4b:
93:55:2e:50:02:ae:f5:3c:8b:90:b6:5f:86:7d:c2:
ae:14:39:df:c8:22:a3:94:d6:96:d0:6a:f4:99:ce:
46:bc:b2:f5:2e:39:e5:ff:60:76:d7:95:61:58:7d:
47:6a:be:7a:2d:05:53:46:fb:54:78:5a:1d:ab:b6:
8f:64:33:8b:08:dc:17:c8:50:6c:e2:cf:13:f5:36:
a6:2f:d9:c8:ca:59:d9:d3:c2:3e:ae:14:fd:ac:26:
89:df:0c:a8:b6:39:2f:ef:8f:4a:0b:7e:f0:3c:39:
f7:c0:31:1e:a3:d0:71:72:88:c5:83:ec:02:0d:87:
76:9a:4a:29:5f:90:d2:69:7b:4c:15:33:5d:93:5d:
fd:93:aa:e3:84:e9:bd:e5:f5:fc:d6:2b:cc:8c:29:
1d:83:88:44:0f:5d:a8:ac:4c:74:a0:55:c7:a6:22:
b3:60:d1:b3:4e:de:c8:4a:df:94:df:c1:f7:e8:12:
4c:9f:53:0b:60:24:ef:2a:e3:62:dc:5d:99:d1:bb:
aa:65:ab:0e:46:f9:97:f3:b3:80:02:86:67:fe:fd:
5f:3d:b9:44:d5:00:99:90:7c:a3:3c:9a:fd:22:88:
e7:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:1D:8A:B4:35:BE:BD:16:41:2C:DC:79:66:55:37:F5:D1:BC:4F:EA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.200.0.0/15
Signature Algorithm: sha256WithRSAEncryption
43:df:16:6b:5a:8f:03:7c:30:7e:2b:bb:10:bb:cc:e7:22:4d:
32:97:f0:c1:c8:43:e8:bb:76:49:77:a0:3b:64:19:aa:fd:9b:
22:ac:9c:0d:1a:d7:61:9b:00:97:0b:60:7a:1c:6c:4d:96:7e:
c6:21:fc:c2:34:aa:6c:76:c2:f4:4d:02:28:37:01:7e:ac:fd:
d8:e6:c7:87:6e:99:01:3d:22:2c:b6:27:3f:56:90:19:56:4d:
af:47:59:b6:7c:94:5c:c7:2d:f5:2f:22:e0:63:28:44:b0:c0:
03:dd:6a:7b:9a:c8:c0:30:b9:27:b7:ab:c7:fc:88:7e:53:f4:
2d:9c:42:6d:39:c3:36:95:d8:56:58:4d:64:78:74:8c:93:9c:
92:fe:c6:16:7c:8c:bb:a4:8b:c7:d7:8d:eb:7b:25:d1:1b:f3:
1f:cf:ba:a3:56:dd:e4:22:70:90:12:db:a3:1a:15:16:2b:3c:
55:e5:0e:a6:48:87:28:2c:d0:ab:ca:08:66:b3:19:b1:d3:d7:
a3:29:f1:23:f9:d8:44:c4:ce:5a:dc:be:9f:5b:69:23:0d:66:
22:d9:1d:51:cf:af:c5:3a:85:09:00:49:1a:ce:80:31:71:0f:
25:e6:8d:d6:7a:c5:4f:4b:82:35:05:e1:1a:6a:77:be:cc:f1:
48:48:4e:12
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcPF8MOboEMRDnC5yLZZiYeEuqa8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMTAxMDFaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDcwODk4NGVmN2U0NjY3YWRlOTVjNDYzMDQxNzlkNzA0ODcyMmM3OTMwZTZk
NGIyZGVlYjRmYmU3YWQ3NjQ2YTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALfFSb9rocGW4c+YAMtMgr/6bzfL9bw5+1gBkENLk1UuUAKu9TyLkLZfhn3C
rhQ538gio5TWltBq9JnORryy9S455f9gdteVYVh9R2q+ei0FU0b7VHhaHau2j2Qz
iwjcF8hQbOLPE/U2pi/ZyMpZ2dPCPq4U/awmid8MqLY5L++PSgt+8Dw598AxHqPQ
cXKIxYPsAg2HdppKKV+Q0ml7TBUzXZNd/ZOq44TpveX1/NYrzIwpHYOIRA9dqKxM
dKBVx6Yis2DRs07eyErflN/B9+gSTJ9TC2Ak7yrjYtxdmdG7qmWrDkb5l/OzgAKG
Z/79Xz25RNUAmZB8ozya/SKI5xcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRoHYq0
Nb69FkEs3HlmVTf10bxP6jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZWNmYTNjMTMtY2JhOS00NTI5LTg0Y2YtN2I2YmY4ZTVjZDRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPIMA0G
CSqGSIb3DQEBCwUAA4IBAQBD3xZrWo8DfDB+K7sQu8znIk0yl/DByEPou3ZJd6A7
ZBmq/ZsirJwNGtdhmwCXC2B6HGxNln7GIfzCNKpsdsL0TQIoNwF+rP3Y5seHbpkB
PSIstic/VpAZVk2vR1m2fJRcxy31LyLgYyhEsMAD3Wp7msjAMLknt6vH/Ih+U/Qt
nEJtOcM2ldhWWE1keHSMk5yS/sYWfIy7pIvH143reyXRG/Mfz7qjVt3kInCQEtuj
GhUWKzxV5Q6mSIcoLNCryghmsxmx09ejKfEj+dhExM5a3L6fW2kjDWYi2R1Rz6/F
OoUJAEkazoAxcQ8l5o3WesVPS4I1BeEaane+zPFISE4S
-----END CERTIFICATE-----
Generated at Tue Aug 5 08:10:42 2025 by rpki-client