Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8551266c-ef98-4dd7-801f-d816ee2eeade.roa
File: 8551266c-ef98-4dd7-801f-d816ee2eeade.roa (raw, json)
Hash identifier: vMPOrveD7wTLfYrZUMcORNQdd3Ld1O4KwKKI7ihpvP8=
Subject key identifier: D2:2E:3D:B1:73:13:B2:D4:2B:83:53:81:8C:D8:3B:DF:18:DA:59:C0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 65505FE55F2E8D9110AE81275AEC1EF538A39D7D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8551266c-ef98-4dd7-801f-d816ee2eeade.roa
Signing time: Mon 16 Jun 2025 21:51:29 +0000
ROA not before: Mon 16 Jun 2025 21:51:29 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.176.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:50:5f:e5:5f:2e:8d:91:10:ae:81:27:5a:ec:1e:f5:38:a3:9d:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 21:51:29 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=d425c956b693a420ec4c14cbe0d1c20521ca36dea29a7848cf9e77c6943308b5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:65:6e:25:73:f4:fe:ab:a7:aa:b7:1f:9c:6c:
6e:12:4d:18:5d:06:2e:47:b3:bd:f9:63:7b:12:6d:
bb:cc:80:82:7d:99:81:80:83:ce:00:21:62:ff:3c:
01:11:68:82:44:89:7b:f4:db:88:2b:83:d7:cb:42:
d7:eb:99:30:6e:10:d3:d7:af:26:0e:ba:8f:04:69:
15:ae:b5:8a:70:50:cd:da:86:7d:89:ce:28:1a:65:
c8:f8:f1:3a:08:e9:90:bd:46:60:09:ce:00:80:e2:
95:ac:cc:c7:aa:6e:db:4e:ef:3a:2a:ab:bf:55:84:
f7:78:7f:68:e3:4d:42:fc:53:23:15:89:96:88:1d:
f3:7c:b4:5d:f2:31:63:7c:0a:fa:45:69:86:eb:67:
43:40:a4:a7:cb:63:9d:e0:c6:bf:4a:ac:4b:bb:f5:
59:32:46:1e:a6:80:8d:f7:8a:28:4a:80:66:9f:6b:
fa:ba:76:0b:4e:4d:f9:de:e5:de:61:6d:dd:12:bd:
cf:1e:38:47:87:c2:85:54:77:5e:0d:59:13:d7:48:
6f:a6:22:f0:2d:c9:c7:b8:3c:d2:ce:fa:ef:c0:58:
be:eb:33:d5:ef:12:df:e1:a9:1f:f3:9b:a9:40:b0:
29:eb:c1:66:df:12:5f:36:8d:4a:94:7b:48:22:9a:
89:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:2E:3D:B1:73:13:B2:D4:2B:83:53:81:8C:D8:3B:DF:18:DA:59:C0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8551266c-ef98-4dd7-801f-d816ee2eeade.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.176.0.0/15
Signature Algorithm: sha256WithRSAEncryption
b2:1c:4a:e7:cd:22:54:bb:83:d1:89:5e:23:af:91:1c:1a:2d:
e9:3c:34:28:b4:fc:91:11:b9:6f:8a:23:d4:7c:cb:fa:a9:2e:
93:43:bc:2c:0b:e2:6b:cf:6e:b0:ed:41:83:ee:f3:72:01:9d:
1d:79:8a:eb:4e:ae:a0:1d:e8:52:fa:1f:70:fd:8b:56:70:05:
07:7f:aa:6a:ea:55:bb:bd:0d:24:0d:c7:0b:13:e4:31:1c:86:
1e:6a:2c:6c:98:bf:7a:15:e6:c8:ee:a0:68:c1:b7:9e:25:83:
9f:37:dd:34:cf:83:55:c9:d3:42:51:9f:22:a5:9e:ca:3d:89:
0e:8e:7b:cb:e2:a4:48:27:9b:7b:28:ea:22:4c:95:dd:27:b5:
0a:15:3f:1b:39:1c:27:d4:23:68:0e:ce:b6:fb:c1:39:9e:5a:
a1:07:9c:4a:6c:e1:4f:7b:6f:06:67:0f:b6:c8:3a:60:14:34:
78:01:10:1f:84:c9:51:84:e6:84:33:d6:5c:44:ad:8a:8f:8c:
7e:c5:9a:61:f0:1d:cc:15:ee:47:aa:90:54:13:ed:69:e0:5a:
96:59:5e:e8:c8:b3:fd:38:96:af:3f:47:48:c9:49:d7:51:dc:
73:2f:ba:45:14:65:71:3e:13:41:aa:4e:1b:e2:4c:7c:65:08:
51:25:9f:40
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZVBf5V8ujZEQroEnWuwe9TijnX0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMTUxMjlaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0MjVjOTU2YjY5M2E0MjBlYzRjMTRjYmUwZDFjMjA1MjFjYTM2ZGVhMjlh
Nzg0OGNmOWU3N2M2OTQzMzA4YjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALNlbiVz9P6rp6q3H5xsbhJNGF0GLkezvfljexJtu8yAgn2ZgYCDzgAhYv88
ARFogkSJe/TbiCuD18tC1+uZMG4Q09evJg66jwRpFa61inBQzdqGfYnOKBplyPjx
OgjpkL1GYAnOAIDilazMx6pu207vOiqrv1WE93h/aONNQvxTIxWJlogd83y0XfIx
Y3wK+kVphutnQ0Ckp8tjneDGv0qsS7v1WTJGHqaAjfeKKEqAZp9r+rp2C05N+d7l
3mFt3RK9zx44R4fChVR3Xg1ZE9dIb6Yi8C3Jx7g80s7678BYvusz1e8S3+GpH/Ob
qUCwKevBZt8SXzaNSpR7SCKaiUsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTSLj2x
cxOy1CuDU4GM2DvfGNpZwDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODU1MTI2NmMtZWY5OC00ZGQ3LTgwMWYtZDgxNmVlMmVlYWRlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOwMA0G
CSqGSIb3DQEBCwUAA4IBAQCyHErnzSJUu4PRiV4jr5EcGi3pPDQotPyREblviiPU
fMv6qS6TQ7wsC+Jrz26w7UGD7vNyAZ0deYrrTq6gHehS+h9w/YtWcAUHf6pq6lW7
vQ0kDccLE+QxHIYeaixsmL96FebI7qBowbeeJYOfN900z4NVydNCUZ8ipZ7KPYkO
jnvL4qRIJ5t7KOoiTJXdJ7UKFT8bORwn1CNoDs62+8E5nlqhB5xKbOFPe28GZw+2
yDpgFDR4ARAfhMlRhOaEM9ZcRK2Kj4x+xZph8B3MFe5HqpBUE+1p4FqWWV7oyLP9
OJavP0dIyUnXUdxzL7pFFGVxPhNBqk4b4kx8ZQhRJZ9A
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:57:38 2025 by rpki-client