Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/faa5ec1e-61dd-4ddb-a08f-0b29cab481e1.roa
File: faa5ec1e-61dd-4ddb-a08f-0b29cab481e1.roa (raw, json)
Hash identifier: fdIU3kMeWyL1CxIkCY6ZzU8x2LESiSqeY2z+DoUUIns=
Subject key identifier: C7:0A:49:D3:D7:EC:E1:F9:39:28:0C:D5:3B:1F:60:F5:D2:2E:C7:40
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 643341219E364C903D6E37EE556BBD7C178E1C5D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/faa5ec1e-61dd-4ddb-a08f-0b29cab481e1.roa
Signing time: Mon 14 Jul 2025 15:40:06 +0000
ROA not before: Mon 14 Jul 2025 15:40:06 +0000
ROA not after: Mon 18 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.240.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:33:41:21:9e:36:4c:90:3d:6e:37:ee:55:6b:bd:7c:17:8e:1c:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 14 15:40:06 2025 GMT
Not After : Aug 18 23:59:59 2025 GMT
Subject: serialNumber=a94282f96ed84e5e28bda9bed06ecfe0c3709cadcd015109aa0abe325453ffb2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:b1:14:b1:8c:07:02:7c:a0:75:48:2d:01:41:
1b:f9:c5:01:dd:e9:f7:41:7c:17:72:56:00:75:cf:
23:3f:2f:56:80:7c:7e:96:85:44:1a:c1:3e:da:ad:
8e:7e:ef:fe:69:49:38:8d:4a:c1:9d:c4:87:cc:3b:
23:63:60:d2:24:8f:ac:c1:14:5b:65:cd:ba:e5:4a:
fb:a5:a1:cd:77:30:25:19:2b:9f:0a:fa:a6:e7:cd:
67:bb:81:dd:72:f0:2d:5f:e7:89:dc:b9:5a:81:7f:
4c:d6:f1:3e:11:cf:78:89:94:39:09:dd:43:8f:a1:
9b:02:a0:5a:c2:ba:0b:8e:3f:78:0b:c2:9e:1b:ea:
41:e4:da:8e:49:aa:f4:be:39:26:d4:f4:c9:48:cf:
ac:80:c5:f3:5d:b2:09:39:01:ba:1b:06:fa:28:3c:
e7:d3:bb:06:3f:4e:73:ce:34:49:7f:10:5b:5c:37:
9a:9c:a5:4b:9d:cf:0d:e7:ce:1c:e3:d7:8e:ac:00:
de:4f:b9:96:4a:28:b5:81:9b:24:d4:05:54:62:af:
58:ef:98:4e:34:b1:ed:fa:58:4a:72:b7:70:84:b0:
5a:a1:f5:58:b5:fd:16:e3:af:17:f8:5d:b9:5b:5b:
d3:2d:b2:38:7a:76:52:37:a4:c6:46:f0:5d:3b:4e:
53:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:0A:49:D3:D7:EC:E1:F9:39:28:0C:D5:3B:1F:60:F5:D2:2E:C7:40
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/faa5ec1e-61dd-4ddb-a08f-0b29cab481e1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.240.0/22
Signature Algorithm: sha256WithRSAEncryption
51:18:70:8d:15:f5:f3:a5:ad:db:1c:bc:89:64:8f:56:ae:66:
66:37:d8:24:88:3d:e7:12:1b:fb:9a:68:4d:15:cf:1c:97:ec:
0a:ac:ff:18:6f:35:df:5c:74:a6:1c:8c:d4:5a:45:2b:2f:a1:
8a:ee:d6:7a:e7:67:c4:f6:2b:2a:b2:0a:65:54:4f:cf:a6:30:
dd:4d:56:45:73:9a:f4:39:74:f7:df:c8:d4:db:6f:80:70:69:
4b:88:58:ef:56:b1:da:f3:35:4b:83:8a:73:9e:6d:f3:5b:af:
67:d8:62:41:d5:70:f6:f4:3a:0c:33:0c:9b:08:69:63:57:6e:
34:3a:47:b7:d3:a1:5d:10:2f:50:66:de:6d:a8:d0:64:c2:5e:
1f:2d:5d:6a:fb:24:e5:90:58:80:67:90:5d:5f:99:45:58:32:
c7:0b:15:5b:48:be:83:0a:e0:58:af:77:8a:85:5f:3e:04:08:
11:e6:5f:10:a3:85:4d:71:35:b1:e7:93:1e:bd:56:0b:02:63:
70:30:d5:f8:fd:86:e5:63:3d:a2:9b:c1:70:ff:8c:b1:ef:d1:
a3:fc:37:ef:3d:36:f5:ae:8e:62:4e:ea:3c:71:a3:28:d4:93:
77:63:20:b1:a8:8b:66:b1:fc:d5:cf:66:d6:e9:49:1b:ac:b7:
cd:8a:1e:95
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZDNBIZ42TJA9bjfuVWu9fBeOHF0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTQxNTQwMDZaFw0yNTA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGE5NDI4MmY5NmVkODRlNWUyOGJkYTliZWQwNmVjZmUwYzM3MDljYWRjZDAx
NTEwOWFhMGFiZTMyNTQ1M2ZmYjIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN6xFLGMBwJ8oHVILQFBG/nFAd3p90F8F3JWAHXPIz8vVoB8fpaFRBrBPtqt
jn7v/mlJOI1KwZ3Eh8w7I2Ng0iSPrMEUW2XNuuVK+6WhzXcwJRkrnwr6pufNZ7uB
3XLwLV/nidy5WoF/TNbxPhHPeImUOQndQ4+hmwKgWsK6C44/eAvCnhvqQeTajkmq
9L45JtT0yUjPrIDF812yCTkBuhsG+ig859O7Bj9Oc840SX8QW1w3mpylS53PDefO
HOPXjqwA3k+5lkootYGbJNQFVGKvWO+YTjSx7fpYSnK3cISwWqH1WLX9FuOvF/hd
uVtb0y2yOHp2UjekxkbwXTtOU0MCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTHCknT
1+zh+TkoDNU7H2D10i7HQDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmFhNWVjMWUtNjFkZC00ZGRiLWEwOGYtMGIyOWNhYjQ4MWUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAjMQ8DAN
BgkqhkiG9w0BAQsFAAOCAQEAURhwjRX186Wt2xy8iWSPVq5mZjfYJIg95xIb+5po
TRXPHJfsCqz/GG8131x0phyM1FpFKy+hiu7WeudnxPYrKrIKZVRPz6Yw3U1WRXOa
9Dl099/I1NtvgHBpS4hY71ax2vM1S4OKc55t81uvZ9hiQdVw9vQ6DDMMmwhpY1du
NDpHt9OhXRAvUGbebajQZMJeHy1davsk5ZBYgGeQXV+ZRVgyxwsVW0i+gwrgWK93
ioVfPgQIEeZfEKOFTXE1seeTHr1WCwJjcDDV+P2G5WM9opvBcP+Mse/Ro/w37z02
9a6OYk7qPHGjKNSTd2MgsaiLZrH81c9m1ulJG6y3zYoelQ==
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:31:43 2025 by rpki-client