Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa
File: fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa (raw, json)
Hash identifier: xjsy2akYkfrkU/rH2GS1tTYWGUse1buzt62T9YLt41s=
Subject key identifier: C2:48:9E:DB:B1:63:10:0F:77:90:08:D5:BA:75:7E:26:D0:9B:28:89
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7D8F1E95502B4E0139A4CDC23A5B948A37A6DAC0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa
Signing time: Fri 11 Jul 2025 21:00:40 +0000
ROA not before: Fri 11 Jul 2025 21:00:40 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.76.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:8f:1e:95:50:2b:4e:01:39:a4:cd:c2:3a:5b:94:8a:37:a6:da:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 21:00:40 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=6d40c677e385891757f5c3c457f20c4b0fa38c49eb3ab396637c249d43776aff, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:3d:e2:e6:f7:f1:2e:8c:93:1a:fe:95:75:24:
2a:8f:0c:de:96:5e:9e:45:a2:f7:96:49:34:96:d2:
29:1f:26:48:25:27:d7:c6:84:f8:05:51:34:a9:56:
30:64:44:01:7c:af:a5:e9:99:e1:61:f7:6b:35:82:
52:7d:1c:94:c9:4d:39:91:2c:79:06:d1:f1:e3:c2:
fc:0f:76:4e:1d:90:5f:9b:45:53:af:48:33:37:fd:
e7:31:e7:1e:14:6f:04:be:7c:25:74:81:4a:99:60:
f5:6c:e0:c1:fe:03:25:0e:d1:78:03:d7:f4:c2:f9:
0e:0f:9a:c6:47:82:19:ef:b0:e4:8f:8a:9f:12:42:
8e:d6:bf:ec:9e:53:07:aa:0d:76:7b:cd:8f:8e:65:
5c:b4:69:c4:cf:14:a6:14:6d:c6:62:b4:aa:ec:64:
ec:c9:b7:0c:04:76:7e:45:2a:e3:04:e5:44:c1:db:
35:49:66:00:e1:d8:77:ce:a7:b7:0e:d6:3b:1f:37:
98:37:86:63:23:d9:84:32:40:9c:9d:4a:33:a9:9a:
80:e9:5f:ad:29:7f:18:53:56:b3:4b:9e:b0:c2:4e:
53:9d:89:dd:b0:17:a0:df:b3:d7:57:b6:2a:a7:f7:
b7:b5:b1:7e:59:e6:1d:6c:82:9f:84:b4:7a:b8:b2:
f1:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:48:9E:DB:B1:63:10:0F:77:90:08:D5:BA:75:7E:26:D0:9B:28:89
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.76.0.0/16
Signature Algorithm: sha256WithRSAEncryption
64:fa:6a:66:52:46:81:b8:f1:71:c0:42:99:69:1a:e8:ac:43:
9b:c2:8a:eb:e8:1c:28:2e:be:8b:87:7f:aa:0d:bd:7e:19:d1:
57:81:9b:4c:12:54:66:e1:2b:2d:de:8b:5d:5d:fd:dc:67:9c:
eb:f9:e8:ff:8c:89:21:a4:60:c9:2b:84:6f:41:26:4a:81:a1:
ce:2f:eb:45:a9:d5:ba:7d:8c:76:20:aa:0f:cf:a7:3f:82:06:
45:ff:9f:a3:9e:e4:22:76:bc:fb:a7:d5:dd:99:57:4f:c9:26:
09:98:02:fa:70:ce:dd:ad:d5:91:ef:8e:6b:f4:dd:4e:c4:d1:
7d:a3:21:c0:14:1d:26:2d:6f:c9:eb:93:ed:9f:6b:26:6f:bb:
4a:e1:84:9b:93:4b:fe:8a:ee:b3:94:f5:54:6c:8e:f6:6c:7a:
90:08:56:5e:dc:da:da:f7:3f:7e:57:94:c2:fc:bb:88:fb:0c:
6b:ee:1c:b6:06:82:9f:84:32:d9:8f:96:78:e6:7f:a0:86:07:
8d:a0:98:1a:1b:95:8e:78:5a:cc:4e:97:06:89:7c:92:55:da:
35:f8:90:64:a7:0e:82:01:f6:7d:08:cc:bd:24:3d:37:b5:26:
41:f3:73:e2:bf:49:c0:44:a6:c6:07:ec:81:f3:1b:21:ba:60:
65:d3:70:a6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfY8elVArTgE5pM3COluUijem2sAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMTAwNDBaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDZkNDBjNjc3ZTM4NTg5MTc1N2Y1YzNjNDU3ZjIwYzRiMGZhMzhjNDllYjNh
YjM5NjYzN2MyNDlkNDM3NzZhZmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL494ub38S6Mkxr+lXUkKo8M3pZenkWi95ZJNJbSKR8mSCUn18aE+AVRNKlW
MGREAXyvpemZ4WH3azWCUn0clMlNOZEseQbR8ePC/A92Th2QX5tFU69IMzf95zHn
HhRvBL58JXSBSplg9Wzgwf4DJQ7ReAPX9ML5Dg+axkeCGe+w5I+KnxJCjta/7J5T
B6oNdnvNj45lXLRpxM8UphRtxmK0quxk7Mm3DAR2fkUq4wTlRMHbNUlmAOHYd86n
tw7WOx83mDeGYyPZhDJAnJ1KM6magOlfrSl/GFNWs0uesMJOU52J3bAXoN+z11e2
Kqf3t7WxflnmHWyCn4S0eriy8WUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTCSJ7b
sWMQD3eQCNW6dX4m0JsoiTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmE5Zjc2YjMtNjQ0Zi00ZTdiLTk2YjgtYTUwMTE3ZmQ0ZDY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNMMA0G
CSqGSIb3DQEBCwUAA4IBAQBk+mpmUkaBuPFxwEKZaRrorEObworr6BwoLr6Lh3+q
Db1+GdFXgZtMElRm4Sst3otdXf3cZ5zr+ej/jIkhpGDJK4RvQSZKgaHOL+tFqdW6
fYx2IKoPz6c/ggZF/5+jnuQidrz7p9XdmVdPySYJmAL6cM7drdWR745r9N1OxNF9
oyHAFB0mLW/J65Ptn2smb7tK4YSbk0v+iu6zlPVUbI72bHqQCFZe3Nra9z9+V5TC
/LuI+wxr7hy2BoKfhDLZj5Z45n+ghgeNoJgaG5WOeFrMTpcGiXySVdo1+JBkpw6C
AfZ9CMy9JD03tSZB83Piv0nARKbGB+yB8xshumBl03Cm
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:34:47 2025 by rpki-client