Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0b62efe-867d-4733-9b0c-8354a04195f8.roa
File: f0b62efe-867d-4733-9b0c-8354a04195f8.roa (raw, json)
Hash identifier: PKdlfk9Z1J/SYXplOyLkH4A7l4+eJjpP5CH3gYrL5oU=
Subject key identifier: 26:6B:23:48:2D:2F:23:3D:F7:D0:89:96:4E:D5:27:5B:72:4A:1A:2B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 563F86D56F8B98F804767B0198AD026CD0B224ED
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0b62efe-867d-4733-9b0c-8354a04195f8.roa
Signing time: Fri 11 Jul 2025 21:00:07 +0000
ROA not before: Fri 11 Jul 2025 21:00:07 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.128.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 14:37:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:3f:86:d5:6f:8b:98:f8:04:76:7b:01:98:ad:02:6c:d0:b2:24:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 21:00:07 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=c935f9653c5746d765ba8ae5e9ea091c2c601e41d4fedc06aac057f2a4b2d963, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:e0:4d:1f:f0:4f:da:c3:00:29:f2:dd:55:b0:
81:02:6b:fd:2f:90:e9:f4:7b:36:a6:ca:32:47:80:
3a:e6:44:3c:d3:38:df:15:37:76:6f:79:16:c2:f1:
fe:8e:d4:45:dc:89:9e:d3:5d:0f:c9:3a:36:cd:7c:
8e:4c:41:ce:69:c1:aa:1f:3e:9d:5e:d1:79:87:c1:
a0:8d:7f:24:f8:c2:66:22:7f:5d:05:7b:2b:a3:61:
2c:ab:72:42:59:c1:5b:6c:de:cd:48:e2:d4:28:13:
26:48:52:da:69:90:fc:18:41:5f:64:25:8a:36:e8:
8f:d5:e4:b0:e5:f5:a8:ac:e0:1b:7f:53:5e:a6:2d:
34:8a:1f:2f:05:32:f6:71:c7:40:2e:f0:15:46:5f:
5e:e6:6b:f5:a0:7e:01:1c:3b:a3:7b:ba:65:9b:b8:
77:54:8b:a8:3a:88:39:48:30:65:41:43:bf:c5:58:
35:14:01:cf:a3:e9:2e:de:d3:4c:00:5d:fc:09:6b:
52:6f:92:40:fd:c5:8e:ea:93:43:81:d9:ef:18:fa:
01:db:02:3d:5f:cc:e6:2c:69:cd:e9:a9:72:38:cb:
a2:96:5c:e4:75:94:b2:36:27:d4:74:0a:a0:86:8d:
9d:11:6f:ac:1d:ff:c4:53:e5:8a:0c:36:53:35:bd:
ff:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:6B:23:48:2D:2F:23:3D:F7:D0:89:96:4E:D5:27:5B:72:4A:1A:2B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0b62efe-867d-4733-9b0c-8354a04195f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.128.0.0/16
Signature Algorithm: sha256WithRSAEncryption
86:39:80:a9:37:5f:10:e1:e9:50:a5:2a:53:78:4c:66:14:e6:
40:46:a5:cc:65:f2:25:6c:de:ae:35:02:ac:18:96:83:b2:d7:
22:a8:f0:b4:be:62:22:74:79:39:da:93:0d:0f:6e:3c:aa:fe:
49:29:b9:41:e6:62:6f:a8:a7:64:53:41:5c:56:5c:cc:80:33:
bf:b1:61:e3:68:37:e8:2b:27:91:39:6b:06:e4:c3:6e:ff:ef:
5e:90:9d:e3:63:fb:73:d6:43:21:6a:fa:7d:e5:9b:b0:10:d3:
19:b7:9b:6c:88:a9:11:87:8a:86:e9:5a:8a:69:c2:e9:cd:e0:
df:19:14:cf:e5:db:47:23:ce:62:1c:9d:d7:e5:e4:28:a3:e1:
c0:fe:b0:2a:ed:ce:f2:e9:78:53:61:45:06:26:ed:bb:67:92:
c7:04:35:c1:6a:b2:33:af:3b:1a:32:db:17:66:2d:19:f4:70:
c8:78:a1:7c:92:2c:41:55:aa:f1:1e:97:f5:0a:08:f4:a7:ee:
2f:ef:e9:4f:27:07:e7:69:b6:b6:65:28:b8:0f:da:d7:1d:c5:
3e:21:03:93:f7:ce:1a:66:62:86:01:50:09:6e:74:11:c3:2e:
39:8a:26:40:2b:f1:94:63:50:e6:eb:58:23:32:80:a3:b5:05:
6c:c7:d3:09
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVj+G1W+LmPgEdnsBmK0CbNCyJO0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMTAwMDdaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGM5MzVmOTY1M2M1NzQ2ZDc2NWJhOGFlNWU5ZWEwOTFjMmM2MDFlNDFkNGZl
ZGMwNmFhYzA1N2YyYTRiMmQ5NjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJrgTR/wT9rDACny3VWwgQJr/S+Q6fR7NqbKMkeAOuZEPNM43xU3dm95FsLx
/o7URdyJntNdD8k6Ns18jkxBzmnBqh8+nV7ReYfBoI1/JPjCZiJ/XQV7K6NhLKty
QlnBW2zezUji1CgTJkhS2mmQ/BhBX2Qlijboj9XksOX1qKzgG39TXqYtNIofLwUy
9nHHQC7wFUZfXuZr9aB+ARw7o3u6ZZu4d1SLqDqIOUgwZUFDv8VYNRQBz6PpLt7T
TABd/AlrUm+SQP3FjuqTQ4HZ7xj6AdsCPV/M5ixpzempcjjLopZc5HWUsjYn1HQK
oIaNnRFvrB3/xFPligw2UzW9//sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQmayNI
LS8jPffQiZZO1SdbckoaKzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjBiNjJlZmUtODY3ZC00NzMzLTliMGMtODM1NGEwNDE5NWY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOAMA0G
CSqGSIb3DQEBCwUAA4IBAQCGOYCpN18Q4elQpSpTeExmFOZARqXMZfIlbN6uNQKs
GJaDstciqPC0vmIidHk52pMND248qv5JKblB5mJvqKdkU0FcVlzMgDO/sWHjaDfo
KyeROWsG5MNu/+9ekJ3jY/tz1kMhavp95ZuwENMZt5tsiKkRh4qG6VqKacLpzeDf
GRTP5dtHI85iHJ3X5eQoo+HA/rAq7c7y6XhTYUUGJu27Z5LHBDXBarIzrzsaMtsX
Zi0Z9HDIeKF8kixBVarxHpf1Cgj0p+4v7+lPJwfnaba2ZSi4D9rXHcU+IQOT984a
ZmKGAVAJbnQRwy45iiZAK/GUY1Dm61gjMoCjtQVsx9MJ
-----END CERTIFICATE-----
Generated at Tue Aug 5 21:36:54 2025 by rpki-client