
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fd04a54b-459a-491a-a013-59d0ed55825f.roa
File: fd04a54b-459a-491a-a013-59d0ed55825f.roa (raw, json)
Hash identifier: 40sIdqezgJ2r3Guy5vgEnakv2kzqntSlG3pMXv827qw=
Subject key identifier: 14:DA:E9:BD:C9:40:80:C2:6A:35:AF:87:0C:65:00:6B:91:1C:2C:64
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6A77B7C23551206F7D25E97CE5D244BA40A2397E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fd04a54b-459a-491a-a013-59d0ed55825f.roa
Signing time: Fri 11 Jul 2025 21:00:10 +0000
ROA not before: Fri 11 Jul 2025 21:00:10 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.131.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:77:b7:c2:35:51:20:6f:7d:25:e9:7c:e5:d2:44:ba:40:a2:39:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 21:00:10 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=fe3bf516521990d368174d65ef201b406f76dbb99762e3820892e101538aa06f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:bb:a8:03:69:c7:38:e0:e6:17:77:f1:74:ac:
ca:56:dd:4a:8b:11:85:af:26:83:87:a9:42:1a:55:
09:58:0d:92:57:7d:b6:fb:9d:d9:57:cd:89:03:ab:
43:de:dd:94:5f:45:bd:01:07:3c:b3:e0:7f:0a:c9:
c9:e6:80:a5:d1:d5:00:9c:41:5a:e4:26:eb:9d:dc:
a9:16:97:a6:f4:b3:17:f2:47:51:1a:3e:1d:f1:40:
a5:69:b4:0c:a6:09:36:28:dd:4c:bb:e2:ce:1f:c7:
a5:83:93:18:34:51:32:ca:9e:62:51:d7:da:be:f6:
8b:25:87:33:86:dd:59:4f:ec:d3:5f:03:b2:1a:78:
26:f6:4d:c5:32:67:56:6a:af:e8:ca:f3:87:25:1b:
2f:41:14:ee:4b:3e:c3:25:97:84:6c:c3:01:cb:27:
4a:87:04:e9:5f:c6:c6:b8:a7:ff:8f:3b:f6:b0:c5:
7e:77:77:46:d5:6d:64:65:e5:9d:3f:dd:68:d3:9e:
af:2d:3a:5c:fb:55:6d:94:8f:be:1b:cb:f2:16:78:
c0:8d:b0:64:9a:3e:8b:ff:db:23:b7:76:ab:61:7c:
7f:5b:c5:c7:97:f7:78:c8:83:00:51:8b:6e:9b:83:
19:43:0c:a2:8f:ea:b2:d3:a3:4f:9e:b3:e6:8b:db:
3a:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:DA:E9:BD:C9:40:80:C2:6A:35:AF:87:0C:65:00:6B:91:1C:2C:64
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fd04a54b-459a-491a-a013-59d0ed55825f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.131.0.0/16
Signature Algorithm: sha256WithRSAEncryption
71:5b:31:9c:18:dc:a3:23:ca:d7:2b:6f:31:9e:e3:42:92:26:
1b:0c:4a:b9:b6:c8:8d:e4:e7:e9:d0:f7:36:dc:f2:f0:f1:88:
66:2e:fc:68:4c:19:e3:d0:ba:46:95:a6:3d:0f:99:6a:0f:0b:
66:2f:cd:80:d3:85:a4:2b:69:cd:d2:51:8e:f1:2a:fb:0e:66:
d4:10:50:91:03:30:09:0b:2d:34:4b:83:02:e1:23:92:09:58:
4e:bd:f7:58:d0:68:65:1b:7c:bc:1b:71:6b:a7:ec:72:fd:a3:
c1:20:71:db:23:7e:bc:1d:16:66:ac:fa:c5:87:5e:76:bc:47:
41:c9:d3:2e:02:d2:e7:9c:b9:32:1f:94:19:39:18:4c:85:53:
28:46:ea:63:57:8d:c9:5c:bf:9f:3c:98:5c:3f:b1:a9:75:2f:
64:9f:12:c7:2b:17:d8:72:39:1c:2d:3e:d7:5e:55:46:04:0f:
09:9d:2e:41:90:e5:9b:03:0f:80:ca:75:42:4f:79:61:a8:62:
f8:6f:ae:f3:7f:5c:05:1f:6d:e5:5a:10:f5:1b:f1:c9:9c:89:
6e:c0:74:b8:57:61:54:a6:ff:f4:93:02:0c:b4:c9:fd:d3:36:
2d:c9:f1:f3:cf:cc:38:80:43:f9:6a:58:90:41:43:c6:62:38:
db:f1:7a:7d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUane3wjVRIG99Jel85dJEukCiOX4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMTAwMTBaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGZlM2JmNTE2NTIxOTkwZDM2ODE3NGQ2NWVmMjAxYjQwNmY3NmRiYjk5NzYy
ZTM4MjA4OTJlMTAxNTM4YWEwNmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANC7qANpxzjg5hd38XSsylbdSosRha8mg4epQhpVCVgNkld9tvud2VfNiQOr
Q97dlF9FvQEHPLPgfwrJyeaApdHVAJxBWuQm653cqRaXpvSzF/JHURo+HfFApWm0
DKYJNijdTLvizh/HpYOTGDRRMsqeYlHX2r72iyWHM4bdWU/s018Dshp4JvZNxTJn
Vmqv6MrzhyUbL0EU7ks+wyWXhGzDAcsnSocE6V/Gxrin/4879rDFfnd3RtVtZGXl
nT/daNOery06XPtVbZSPvhvL8hZ4wI2wZJo+i//bI7d2q2F8f1vFx5f3eMiDAFGL
bpuDGUMMoo/qstOjT56z5ovbOm8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQU2um9
yUCAwmo1r4cMZQBrkRwsZDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmQwNGE1NGItNDU5YS00OTFhLWEwMTMtNTlkMGVkNTU4MjVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADODMA0G
CSqGSIb3DQEBCwUAA4IBAQBxWzGcGNyjI8rXK28xnuNCkiYbDEq5tsiN5Ofp0Pc2
3PLw8YhmLvxoTBnj0LpGlaY9D5lqDwtmL82A04WkK2nN0lGO8Sr7DmbUEFCRAzAJ
Cy00S4MC4SOSCVhOvfdY0GhlG3y8G3Frp+xy/aPBIHHbI368HRZmrPrFh152vEdB
ydMuAtLnnLkyH5QZORhMhVMoRupjV43JXL+fPJhcP7GpdS9knxLHKxfYcjkcLT7X
XlVGBA8JnS5BkOWbAw+AynVCT3lhqGL4b67zf1wFH23lWhD1G/HJnIluwHS4V2FU
pv/0kwIMtMn90zYtyfHzz8w4gEP5aliQQUPGYjjb8Xp9
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:37:59 2025 by rpki-client