Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/78e385a6-a7b8-4e63-8222-9119ad4d303f.roa
File: 78e385a6-a7b8-4e63-8222-9119ad4d303f.roa (raw, json)
Hash identifier: JZ5zrX8a8CaGXbrXepBIU/NDtoyHlL4XLvF8hqRIEWY=
Subject key identifier: 3B:50:74:A2:85:FE:6A:52:1B:9B:A1:13:57:AF:25:5C:1F:EA:0F:A0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5A7E622DAF019561AF6B81DB0E0E8D882205682C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/78e385a6-a7b8-4e63-8222-9119ad4d303f.roa
Signing time: Fri 22 Aug 2025 15:10:02 +0000
ROA not before: Fri 22 Aug 2025 15:10:02 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.118.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:7e:62:2d:af:01:95:61:af:6b:81:db:0e:0e:8d:88:22:05:68:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 22 15:10:02 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=5ff3f820fa3c5772bf125e99852eeaddf503baed297f53b9e26ae9ea0218ee42, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:17:66:ca:0e:04:df:c2:6e:41:73:f4:bc:ce:
d2:20:5a:20:56:7d:1e:20:87:1d:e2:cb:7d:a9:90:
64:c8:4e:00:6a:09:57:5e:7a:16:d7:61:9b:a9:2f:
a5:b5:1b:fb:86:90:1c:cc:89:4e:08:33:bc:d9:a3:
69:17:63:7d:03:2e:4a:cb:2d:f7:fe:ae:dd:45:ff:
dc:59:6d:a1:3c:a7:c2:f8:3b:c4:f6:3a:f6:1f:92:
af:e1:be:02:f4:1f:93:26:d2:7a:37:2f:46:4d:88:
9e:94:00:a5:60:9a:81:a6:16:af:45:da:5a:b0:cd:
76:f9:43:f7:ca:05:61:7c:06:b2:f8:0e:29:34:36:
11:c1:7a:67:4b:cd:56:16:7f:cc:14:40:aa:e0:d5:
f7:f8:64:3c:95:be:98:ed:92:0f:98:11:7d:ad:48:
f4:48:04:cb:57:4f:bb:aa:05:69:2c:98:6e:27:16:
8b:ea:77:45:30:e6:a4:b0:ec:07:64:07:80:b1:08:
51:db:8a:20:68:9d:9e:57:90:6e:62:3b:d7:27:80:
35:72:b8:56:54:a2:d8:7c:0d:b3:26:ff:88:c2:b4:
3c:b4:64:01:03:8f:26:ea:e6:bb:5a:8e:04:34:d3:
8a:05:d3:db:1b:66:63:77:59:2e:13:44:c0:81:c3:
f4:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:50:74:A2:85:FE:6A:52:1B:9B:A1:13:57:AF:25:5C:1F:EA:0F:A0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/78e385a6-a7b8-4e63-8222-9119ad4d303f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.118.0.0/15
Signature Algorithm: sha256WithRSAEncryption
53:cd:fa:d9:e2:16:d3:fc:c7:1f:c7:8b:bb:ed:8b:8c:fc:4a:
2a:26:ec:f5:a8:f1:1e:32:a7:30:1e:2c:23:0a:6e:64:78:34:
79:be:65:45:88:25:79:97:79:0b:61:c3:23:76:1e:4c:40:a7:
3f:5f:aa:e6:fe:67:de:22:1a:5a:34:e9:e4:42:17:94:31:98:
f0:42:b1:c1:5a:21:7a:a7:9a:9c:c0:ae:eb:8a:d8:b5:8b:20:
84:a0:c2:71:f3:3a:7d:cb:4d:d9:6a:70:9c:88:08:d5:d2:f3:
79:d2:a7:9b:1c:49:39:2a:9c:98:b4:6e:ed:ee:62:79:a1:b2:
ce:25:5d:e0:22:97:18:22:df:af:08:cf:b5:6d:41:44:5c:b9:
c4:90:fb:8e:2c:12:95:ed:03:72:c7:2d:e8:37:db:7e:2c:77:
16:f0:ae:8f:27:18:1f:de:7c:6d:20:2d:5e:34:ba:90:bf:76:
71:d5:4a:8a:a9:1a:5c:75:d7:21:a4:21:88:d5:0f:96:f3:02:
ca:57:78:24:a6:b7:12:41:8c:57:af:7d:7a:f4:de:3c:49:e9:
71:78:11:fb:1d:dc:b0:f9:3c:5a:fd:31:6c:2e:36:f9:95:a2:
d4:ee:6d:71:e8:65:11:8c:fe:08:1d:0e:c1:aa:c1:ee:36:54:
59:e4:b5:cb
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUWn5iLa8BlWGva4HbDg6NiCIFaCwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MjIxNTEwMDJaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDVmZjNmODIwZmEzYzU3NzJiZjEyNWU5OTg1MmVlYWRkZjUwM2JhZWQyOTdm
NTNiOWUyNmFlOWVhMDIxOGVlNDIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI4XZsoOBN/CbkFz9LzO0iBaIFZ9HiCHHeLLfamQZMhOAGoJV156Ftdhm6kv
pbUb+4aQHMyJTggzvNmjaRdjfQMuSsst9/6u3UX/3FltoTynwvg7xPY69h+Sr+G+
AvQfkybSejcvRk2InpQApWCagaYWr0XaWrDNdvlD98oFYXwGsvgOKTQ2EcF6Z0vN
VhZ/zBRAquDV9/hkPJW+mO2SD5gRfa1I9EgEy1dPu6oFaSyYbicWi+p3RTDmpLDs
B2QHgLEIUduKIGidnleQbmI71yeANXK4VlSi2HwNsyb/iMK0PLRkAQOPJurmu1qO
BDTTigXT2xtmY3dZLhNEwIHD9M8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ7UHSi
hf5qUhuboRNXryVcH+oPoDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzhlMzg1YTYtYTdiOC00ZTYzLTgyMjItOTExOWFkNGQzMDNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATN2MA0G
CSqGSIb3DQEBCwUAA4IBAQBTzfrZ4hbT/Mcfx4u77YuM/EoqJuz1qPEeMqcwHiwj
Cm5keDR5vmVFiCV5l3kLYcMjdh5MQKc/X6rm/mfeIhpaNOnkQheUMZjwQrHBWiF6
p5qcwK7riti1iyCEoMJx8zp9y03ZanCciAjV0vN50qebHEk5KpyYtG7t7mJ5obLO
JV3gIpcYIt+vCM+1bUFEXLnEkPuOLBKV7QNyxy3oN9t+LHcW8K6PJxgf3nxtIC1e
NLqQv3Zx1UqKqRpcddchpCGI1Q+W8wLKV3gkprcSQYxXr3169N48SelxeBH7Hdyw
+Txa/TFsLjb5laLU7m1x6GURjP4IHQ7BqsHuNlRZ5LXL
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:04:04 2025 by rpki-client