Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/123b20eb-4142-4c18-96e0-d1871de66fd3.roa
File: 123b20eb-4142-4c18-96e0-d1871de66fd3.roa (raw, json)
Hash identifier: Th6aKCklWyAWxe3K9IxbIxCRjZG9qpnogjKgH4xy5T8=
Subject key identifier: 7B:8F:80:9B:20:FF:C6:A5:09:6B:B4:F9:FD:8D:1F:FB:F2:4B:93:F0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 63C06B320C2A52B560DCC3712411490F28980101
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/123b20eb-4142-4c18-96e0-d1871de66fd3.roa
Signing time: Tue 05 Aug 2025 20:30:12 +0000
ROA not before: Tue 05 Aug 2025 20:30:12 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.214.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:c0:6b:32:0c:2a:52:b5:60:dc:c3:71:24:11:49:0f:28:98:01:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:30:12 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=ff317d2e20123e17a188d43eae0d848cec1109b09155d044247e5a1199082c57, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:3b:e0:5a:b9:37:01:fe:f3:81:70:b0:3d:5d:
5b:ce:99:b5:de:20:d6:a8:aa:da:d1:a2:e2:e5:a4:
46:84:d9:38:4d:49:f0:7f:f0:2e:a4:5e:1a:95:bf:
07:43:c2:06:7c:a5:0a:62:f2:09:56:31:fe:40:73:
12:92:98:54:25:ea:4f:86:ab:31:f3:b8:7c:48:10:
ee:57:62:be:dc:dd:54:3e:9c:86:2c:76:da:f0:ed:
14:d3:33:ca:34:da:fd:31:f3:7b:19:39:92:75:ee:
b8:07:5d:f7:58:52:36:6f:fb:23:ac:98:2b:cc:84:
f6:68:50:d0:7f:56:cf:32:62:0d:66:5b:20:d4:20:
05:38:1c:c2:96:42:63:ee:35:1f:8b:75:d2:de:a8:
a4:d3:c8:40:52:00:96:9b:85:20:46:b0:c1:b5:b7:
f3:36:6d:31:1d:5f:5b:ca:fe:16:df:f4:a2:7c:21:
ce:47:75:b6:e3:b2:1b:c6:1a:04:2a:a4:fb:10:45:
5b:7c:b7:e8:c3:b7:5a:93:cd:81:44:44:59:d5:85:
06:9d:84:cf:ac:7b:f1:c3:3b:a7:80:be:a6:f3:49:
29:8a:30:31:02:1e:95:aa:f1:0f:ef:84:52:15:58:
89:13:5e:89:8c:9d:da:fc:a0:e2:36:ce:30:6d:7f:
00:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:8F:80:9B:20:FF:C6:A5:09:6B:B4:F9:FD:8D:1F:FB:F2:4B:93:F0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/123b20eb-4142-4c18-96e0-d1871de66fd3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.214.0.0/15
Signature Algorithm: sha256WithRSAEncryption
cd:9b:e4:a4:15:bf:fb:13:63:39:da:5b:84:95:c9:f0:16:a1:
69:2d:04:b5:b8:d7:3c:2f:af:9f:0b:44:76:a8:7c:09:98:b0:
e9:a5:65:78:b8:2d:7e:ed:f2:b8:6c:0a:53:9a:12:6b:fc:22:
a2:8a:3b:83:1d:15:4a:56:8f:01:27:9e:f1:fe:b0:27:00:aa:
72:c2:52:b1:fe:e5:52:b2:96:d4:9f:ab:d2:76:89:a3:48:19:
8e:82:5f:38:64:99:91:a0:cf:13:d1:83:6d:ec:80:23:58:3c:
16:87:a3:c3:2c:f0:7c:ae:89:ae:fe:d6:f4:e1:db:65:92:7f:
c9:ee:6d:72:5c:c2:d3:0e:f5:49:50:f4:29:04:25:9d:22:13:
cc:49:4b:e5:60:af:a0:b4:a1:56:0c:ae:70:72:07:93:d4:2a:
17:a3:5e:8f:18:24:76:d1:4e:a1:2d:07:ea:51:eb:2a:92:f8:
3b:77:b8:0e:5d:14:af:e6:ac:cd:80:2f:a5:57:b8:7d:38:26:
aa:f4:0f:d9:bd:6d:7c:5b:05:92:1d:92:59:80:dc:ed:0b:bb:
5d:69:f2:a1:a8:58:dd:d3:e9:fa:46:b0:0c:f0:36:06:c3:23:
53:d3:37:7f:a1:90:85:9f:22:85:c5:65:e5:3a:74:90:08:75:
de:44:a8:f8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUY8BrMgwqUrVg3MNxJBFJDyiYAQEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDMwMTJaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGZmMzE3ZDJlMjAxMjNlMTdhMTg4ZDQzZWFlMGQ4NDhjZWMxMTA5YjA5MTU1
ZDA0NDI0N2U1YTExOTkwODJjNTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPc74Fq5NwH+84FwsD1dW86Ztd4g1qiq2tGi4uWkRoTZOE1J8H/wLqReGpW/
B0PCBnylCmLyCVYx/kBzEpKYVCXqT4arMfO4fEgQ7ldivtzdVD6chix22vDtFNMz
yjTa/THzexk5knXuuAdd91hSNm/7I6yYK8yE9mhQ0H9WzzJiDWZbINQgBTgcwpZC
Y+41H4t10t6opNPIQFIAlpuFIEawwbW38zZtMR1fW8r+Ft/0onwhzkd1tuOyG8Ya
BCqk+xBFW3y36MO3WpPNgUREWdWFBp2Ez6x78cM7p4C+pvNJKYowMQIelarxD++E
UhVYiRNeiYyd2vyg4jbOMG1/AMcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR7j4Cb
IP/GpQlrtPn9jR/78kuT8DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTIzYjIwZWItNDE0Mi00YzE4LTk2ZTAtZDE4NzFkZTY2ZmQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPWMA0G
CSqGSIb3DQEBCwUAA4IBAQDNm+SkFb/7E2M52luElcnwFqFpLQS1uNc8L6+fC0R2
qHwJmLDppWV4uC1+7fK4bApTmhJr/CKiijuDHRVKVo8BJ57x/rAnAKpywlKx/uVS
spbUn6vSdomjSBmOgl84ZJmRoM8T0YNt7IAjWDwWh6PDLPB8romu/tb04dtlkn/J
7m1yXMLTDvVJUPQpBCWdIhPMSUvlYK+gtKFWDK5wcgeT1CoXo16PGCR20U6hLQfq
Uesqkvg7d7gOXRSv5qzNgC+lV7h9OCaq9A/ZvW18WwWSHZJZgNztC7tdafKhqFjd
0+n6RrAM8DYGwyNT0zd/oZCFnyKFxWXlOnSQCHXeRKj4
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:09:32 2025 by rpki-client