Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ef3e6945-57bf-41fe-9e98-2db6c2800547.roa
File: ef3e6945-57bf-41fe-9e98-2db6c2800547.roa (raw, json)
Hash identifier: o2p0yq2GrmD6Ey+zdQSrm42tUPR1wi61Xs4ZWE9PEcA=
Subject key identifier: 1A:37:97:7C:BA:08:C1:48:35:CD:55:98:4C:99:4E:1E:A7:D4:80:96
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4B2069C634E3B14E6B354644F9F35E27EA2D80BE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ef3e6945-57bf-41fe-9e98-2db6c2800547.roa
Signing time: Fri 11 Jul 2025 21:01:05 +0000
ROA not before: Fri 11 Jul 2025 21:01:05 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.208.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:20:69:c6:34:e3:b1:4e:6b:35:46:44:f9:f3:5e:27:ea:2d:80:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 21:01:05 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=a69da8bc232c2eac9e0187a23463ead59fd4276b7052e0f899fa7de5789684b2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:46:65:6b:c2:e0:33:bf:ce:b8:1d:a9:21:4e:
0c:85:ad:2d:d1:81:53:80:52:af:b6:f8:b6:76:7c:
a8:81:02:2b:0e:29:e6:2f:36:ff:df:92:fe:75:fd:
6c:6b:71:74:d6:89:2f:ca:b7:d3:5e:46:7c:4e:cd:
73:51:5f:c2:c1:56:16:21:40:ac:15:12:ca:92:80:
e2:8a:d9:e2:54:cd:67:1f:3c:d9:29:62:5a:8e:0a:
fc:4a:70:54:ce:c1:d7:1a:5a:98:21:da:12:3b:77:
0f:5d:ee:c0:d9:78:0c:e5:26:85:39:72:d6:f6:11:
f8:33:88:18:15:09:d0:97:6e:6b:80:ea:62:e6:97:
eb:22:2d:c3:c9:5f:b8:a0:44:60:02:52:39:4f:e5:
d9:9c:be:ea:5b:5c:01:ed:11:46:47:4c:61:b7:8a:
2d:c0:2b:2c:de:c4:54:ac:02:47:62:f3:37:f5:ae:
92:e7:a8:a7:f5:ce:ab:65:be:16:cb:39:a6:73:ec:
50:b9:df:93:b4:f8:30:aa:e9:a1:a6:84:96:da:91:
16:a4:fa:2d:fc:2d:ed:50:b6:51:b1:e8:b3:7a:e5:
bc:9d:b3:6a:6c:e4:27:1e:07:9a:fb:33:11:c1:7e:
07:b6:ed:46:88:ec:a6:c2:a2:12:cd:5b:bb:3c:94:
85:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:37:97:7C:BA:08:C1:48:35:CD:55:98:4C:99:4E:1E:A7:D4:80:96
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ef3e6945-57bf-41fe-9e98-2db6c2800547.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.208.0.0/15
Signature Algorithm: sha256WithRSAEncryption
4a:ef:55:78:db:11:39:c7:c7:a8:e4:c3:24:95:46:52:d1:06:
57:82:0b:f2:6c:08:36:20:73:71:1d:8b:4d:59:fe:37:b5:9c:
d3:80:28:26:ce:e6:88:92:e8:66:24:8f:cf:49:c0:a1:79:19:
57:1e:23:bf:3e:27:59:c5:58:86:c1:40:3c:8f:27:2d:ce:b2:
da:e0:a2:39:f4:5a:9c:32:7e:c2:f8:e5:78:dc:84:f8:f4:27:
aa:02:fd:09:f3:77:fb:ce:f7:62:3c:7c:bd:29:a3:2b:0f:be:
45:7d:58:47:f9:58:c4:fe:e6:52:d3:1f:0d:c5:73:db:53:a7:
9e:22:90:09:54:0b:f7:5b:07:9b:40:40:2d:57:46:52:37:bb:
9d:5a:fb:a1:ef:be:b9:e8:33:2d:48:3e:a4:00:c5:2f:7a:f8:
ed:6d:f2:52:cb:98:28:b4:69:f6:f3:35:4d:28:18:d2:3c:04:
45:01:b8:de:d9:de:2c:52:18:66:24:64:2d:d8:21:60:35:3e:
7e:04:da:08:bc:ed:32:be:8e:a7:cb:52:8c:ff:71:ac:af:7f:
20:00:33:3a:68:fc:e0:2c:fa:06:d5:94:54:6f:ae:90:68:3b:
a1:a9:0e:60:d9:f3:7e:bc:df:06:50:3e:81:aa:3b:c3:a3:e4:
f9:cd:a2:89
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUSyBpxjTjsU5rNUZE+fNeJ+otgL4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMTAxMDVaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGE2OWRhOGJjMjMyYzJlYWM5ZTAxODdhMjM0NjNlYWQ1OWZkNDI3NmI3MDUy
ZTBmODk5ZmE3ZGU1Nzg5Njg0YjIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMxGZWvC4DO/zrgdqSFODIWtLdGBU4BSr7b4tnZ8qIECKw4p5i82/9+S/nX9
bGtxdNaJL8q3015GfE7Nc1FfwsFWFiFArBUSypKA4orZ4lTNZx882SliWo4K/Epw
VM7B1xpamCHaEjt3D13uwNl4DOUmhTly1vYR+DOIGBUJ0Jdua4DqYuaX6yItw8lf
uKBEYAJSOU/l2Zy+6ltcAe0RRkdMYbeKLcArLN7EVKwCR2LzN/Wukueop/XOq2W+
Fss5pnPsULnfk7T4MKrpoaaEltqRFqT6Lfwt7VC2UbHos3rlvJ2zamzkJx4Hmvsz
EcF+B7btRojspsKiEs1buzyUhbUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQaN5d8
ugjBSDXNVZhMmU4ep9SAljAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZWYzZTY5NDUtNTdiZi00MWZlLTllOTgtMmRiNmMyODAwNTQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPQMA0G
CSqGSIb3DQEBCwUAA4IBAQBK71V42xE5x8eo5MMklUZS0QZXggvybAg2IHNxHYtN
Wf43tZzTgCgmzuaIkuhmJI/PScCheRlXHiO/PidZxViGwUA8jyctzrLa4KI59Fqc
Mn7C+OV43IT49CeqAv0J83f7zvdiPHy9KaMrD75FfVhH+VjE/uZS0x8NxXPbU6ee
IpAJVAv3WwebQEAtV0ZSN7udWvuh77656DMtSD6kAMUvevjtbfJSy5gotGn28zVN
KBjSPARFAbje2d4sUhhmJGQt2CFgNT5+BNoIvO0yvo6ny1KM/3Gsr38gADM6aPzg
LPoG1ZRUb66QaDuhqQ5g2fN+vN8GUD6BqjvDo+T5zaKJ
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:40:10 2025 by rpki-client