Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f060e190-89f7-4009-9831-b2d429343b80.roa
File: f060e190-89f7-4009-9831-b2d429343b80.roa (raw, json)
Hash identifier: nuAOzbCpIxv57m+j78keZSDCwLYbgU+Omhfm6jZEoss=
Subject key identifier: D1:B5:32:85:2A:42:45:FB:A1:AF:98:51:06:FF:0A:9D:F7:A0:68:08
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1652070BAA9FB7B7C2162D7A5C8B47B46552EEB4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f060e190-89f7-4009-9831-b2d429343b80.roa
Signing time: Mon 14 Jul 2025 15:40:06 +0000
ROA not before: Mon 14 Jul 2025 15:40:06 +0000
ROA not after: Mon 18 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:52:07:0b:aa:9f:b7:b7:c2:16:2d:7a:5c:8b:47:b4:65:52:ee:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 14 15:40:06 2025 GMT
Not After : Aug 18 23:59:59 2025 GMT
Subject: serialNumber=760695b3edc821902b19981a0cbf05cc8535245c2dd51a96ce8c5490b8a80f73, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:6d:30:4c:ff:21:4c:fa:64:98:39:6f:22:46:
bf:25:40:fa:aa:4a:55:e8:9a:c3:9c:e0:7f:fd:2b:
7e:f3:a3:3d:42:54:6f:95:5f:5c:aa:7c:f2:33:b3:
a2:c2:bd:40:20:00:dd:e7:bb:59:f7:12:51:5e:4e:
9c:e7:e6:5e:7c:81:a1:19:42:cf:37:bd:f6:0d:18:
a6:7b:92:c1:fb:93:5e:76:9b:5f:96:62:e9:82:ce:
5d:eb:e4:bb:25:39:f7:a7:43:22:58:4f:d4:f1:05:
79:2d:cc:b4:34:26:52:93:49:c3:20:fb:cd:29:8c:
de:ce:a8:da:0c:cf:d7:1a:b8:3f:b7:2f:19:dc:4b:
0d:10:f4:9d:38:3b:37:e8:fd:e1:f6:4b:0f:4d:98:
ad:90:a2:40:4e:14:82:d7:8c:71:30:ea:f8:6a:fc:
b3:d1:b3:9b:2e:e7:40:8b:66:27:bd:d1:92:55:be:
09:09:eb:62:8f:6e:8c:eb:71:09:8c:61:56:b4:87:
91:11:83:02:83:39:c9:e6:ed:38:fd:04:ac:4c:2a:
50:6b:b8:3b:61:9e:13:2b:83:3c:6d:e2:51:22:ab:
76:38:32:15:f2:c0:76:75:eb:4c:11:e7:5d:36:2a:
a9:e4:e2:16:f0:a4:9e:89:ef:50:a7:8a:20:e5:f0:
b1:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:B5:32:85:2A:42:45:FB:A1:AF:98:51:06:FF:0A:9D:F7:A0:68:08
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f060e190-89f7-4009-9831-b2d429343b80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.0.0/15
Signature Algorithm: sha256WithRSAEncryption
c7:76:43:98:d3:aa:c5:ff:15:0d:4f:a0:cc:23:f9:e0:83:5e:
9e:9a:83:17:fa:f4:d6:73:83:2e:8e:50:1f:79:36:a4:51:8f:
ca:29:da:58:28:ed:be:57:66:c1:17:62:d4:e6:1c:36:60:4b:
90:75:d5:e5:db:3a:e2:5b:3e:63:00:f1:85:f4:06:05:b0:c1:
7b:c4:ff:a2:2e:ca:ff:1d:d4:c9:0b:f8:d0:d9:fc:aa:d1:7d:
88:42:a6:b9:07:b1:cb:a1:54:b2:96:ae:15:ac:88:78:e1:f1:
d8:03:d6:5d:df:e0:ba:6d:13:f7:a3:2d:d1:51:c9:4c:3f:d1:
93:b0:da:db:70:e4:ea:e7:5d:2f:5e:5a:96:10:77:bd:e4:d5:
61:d3:4a:c8:83:ca:67:04:62:6d:98:72:e9:16:93:e9:9a:91:
6a:93:9f:8c:b6:a4:97:e8:2d:8d:51:84:43:c2:cc:62:09:6e:
c2:46:98:b6:10:33:89:91:2d:98:1b:60:bc:de:71:98:cd:65:
14:c3:d6:65:c7:30:07:72:e5:7c:11:40:dc:95:27:5b:8f:9f:
60:a1:32:68:49:ac:39:6a:d9:51:fb:10:b9:00:65:5c:63:1b:
41:ab:f2:b3:7b:55:62:34:15:e6:01:da:fe:ba:3f:80:ad:9d:
63:c6:bf:53
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUFlIHC6qft7fCFi16XItHtGVS7rQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTQxNTQwMDZaFw0yNTA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2MDY5NWIzZWRjODIxOTAyYjE5OTgxYTBjYmYwNWNjODUzNTI0NWMyZGQ1
MWE5NmNlOGM1NDkwYjhhODBmNzMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIdtMEz/IUz6ZJg5byJGvyVA+qpKVeiaw5zgf/0rfvOjPUJUb5VfXKp88jOz
osK9QCAA3ee7WfcSUV5OnOfmXnyBoRlCzze99g0YpnuSwfuTXnabX5Zi6YLOXevk
uyU596dDIlhP1PEFeS3MtDQmUpNJwyD7zSmM3s6o2gzP1xq4P7cvGdxLDRD0nTg7
N+j94fZLD02YrZCiQE4UgteMcTDq+Gr8s9Gzmy7nQItmJ73RklW+CQnrYo9ujOtx
CYxhVrSHkRGDAoM5yebtOP0ErEwqUGu4O2GeEyuDPG3iUSKrdjgyFfLAdnXrTBHn
XTYqqeTiFvCknonvUKeKIOXwsXkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTRtTKF
KkJF+6GvmFEG/wqd96BoCDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjA2MGUxOTAtODlmNy00MDA5LTk4MzEtYjJkNDI5MzQzYjgwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMQMA0G
CSqGSIb3DQEBCwUAA4IBAQDHdkOY06rF/xUNT6DMI/ngg16emoMX+vTWc4MujlAf
eTakUY/KKdpYKO2+V2bBF2LU5hw2YEuQddXl2zriWz5jAPGF9AYFsMF7xP+iLsr/
HdTJC/jQ2fyq0X2IQqa5B7HLoVSylq4VrIh44fHYA9Zd3+C6bRP3oy3RUclMP9GT
sNrbcOTq510vXlqWEHe95NVh00rIg8pnBGJtmHLpFpPpmpFqk5+MtqSX6C2NUYRD
wsxiCW7CRpi2EDOJkS2YG2C83nGYzWUUw9ZlxzAHcuV8EUDclSdbj59goTJoSaw5
atlR+xC5AGVcYxtBq/Kze1ViNBXmAdr+uj+ArZ1jxr9T
-----END CERTIFICATE-----
Generated at Mon Aug 4 22:17:37 2025 by rpki-client