Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1daf6597-c039-470d-a015-f42507e1afef.roa
File: 1daf6597-c039-470d-a015-f42507e1afef.roa (raw, json)
Hash identifier: 8hEnYfmuHhNfZgd758jgD7Yu890Mm0vJtMS9Sw8y0As=
Subject key identifier: 24:9A:15:16:F3:E1:FF:D8:0D:C6:FA:56:B8:61:83:88:4C:1A:71:1F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5D42046C1DC88A40BA5E4496D7F84EDB5500BEC5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1daf6597-c039-470d-a015-f42507e1afef.roa
Signing time: Tue 05 Aug 2025 20:20:14 +0000
ROA not before: Tue 05 Aug 2025 20:20:14 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.172.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:42:04:6c:1d:c8:8a:40:ba:5e:44:96:d7:f8:4e:db:55:00:be:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:20:14 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=665562923aef18fc7dc3251fd42c886cf85d98f020e74fa12b88b1c30df1f167, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:5b:12:90:d1:1a:15:32:d8:08:67:eb:38:12:
83:ed:c4:4b:85:f7:ca:c7:0f:26:4f:60:2c:4e:64:
8c:2b:a5:44:c5:60:fd:c9:2c:83:38:24:32:aa:8a:
69:91:bd:82:af:b0:ae:ee:25:00:ad:94:d3:06:7b:
b2:01:6e:03:3f:05:51:4d:a3:79:4b:90:f5:fa:2a:
c3:10:e3:90:af:05:06:55:a8:21:53:57:51:c5:f2:
16:1c:21:0f:2d:d2:55:71:f8:20:89:40:bb:06:8e:
57:17:c9:65:e8:d9:4d:c9:db:1f:e3:c0:58:50:84:
f6:a6:97:da:62:b6:a3:6d:50:df:90:57:1e:62:33:
38:18:9a:43:5d:ba:b3:78:c0:69:77:1b:b2:02:89:
21:a9:cf:67:9f:1c:62:4c:56:ed:dd:e1:8e:91:6f:
00:30:a7:5d:b5:fe:bf:40:02:8f:e6:83:14:fc:0a:
4a:19:c3:a1:f7:2c:54:1a:29:02:da:7a:bc:4a:d5:
5d:1e:01:cc:96:36:a1:a7:aa:72:cf:f2:95:40:7e:
c1:4b:00:7e:36:8c:f3:aa:9d:9d:90:ed:13:94:69:
d5:e8:09:b9:2e:1d:fa:40:39:71:3d:aa:9a:d4:ee:
2f:f8:f2:5c:75:45:72:4b:47:97:1c:89:92:09:8e:
57:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:9A:15:16:F3:E1:FF:D8:0D:C6:FA:56:B8:61:83:88:4C:1A:71:1F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1daf6597-c039-470d-a015-f42507e1afef.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.172.0.0/15
Signature Algorithm: sha256WithRSAEncryption
91:f2:55:9d:18:59:1a:00:0d:89:1c:8a:80:e8:c9:82:9f:8e:
95:73:a7:76:e2:16:60:9a:5c:c9:ad:17:e2:1d:1c:9f:56:c1:
f4:f0:d2:ed:6d:88:0d:c8:de:55:8b:e8:ac:ef:67:4d:96:1d:
34:ba:cf:06:74:a7:d1:37:a7:22:0d:91:97:ac:a6:25:8e:1c:
07:64:68:f3:28:8f:e3:de:84:ad:33:4b:1c:ea:75:5d:78:c1:
da:80:4b:78:4c:80:1f:5e:ed:11:2a:1d:b4:7b:65:74:53:41:
61:6b:06:f5:c4:9e:ae:9b:08:f5:c8:f8:0c:bb:69:92:b2:a9:
60:32:5b:89:85:a5:93:28:0f:57:a5:03:7c:64:d3:69:0c:8e:
bf:da:33:57:d9:e6:82:fb:76:14:dd:d2:9c:1b:b1:25:f1:8e:
83:cf:48:8c:e9:ef:0a:c8:dd:6a:65:34:79:f4:b1:94:26:26:
81:95:32:3f:cf:b6:8e:25:b8:21:40:3b:9b:49:72:ff:cb:44:
4c:35:06:3d:56:6b:c9:78:d0:1f:94:6f:e7:1c:cc:8d:af:a5:
87:9b:48:20:db:ec:af:c5:c8:6c:b4:46:d2:17:9a:91:3a:c3:
57:98:54:e7:52:d2:c7:3a:e1:85:14:25:49:06:9c:2d:e6:59:
c8:63:43:f7
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXUIEbB3IikC6XkSW1/hO21UAvsUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIwMTRaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDY2NTU2MjkyM2FlZjE4ZmM3ZGMzMjUxZmQ0MmM4ODZjZjg1ZDk4ZjAyMGU3
NGZhMTJiODhiMWMzMGRmMWYxNjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ5bEpDRGhUy2Ahn6zgSg+3ES4X3yscPJk9gLE5kjCulRMVg/cksgzgkMqqK
aZG9gq+wru4lAK2U0wZ7sgFuAz8FUU2jeUuQ9foqwxDjkK8FBlWoIVNXUcXyFhwh
Dy3SVXH4IIlAuwaOVxfJZejZTcnbH+PAWFCE9qaX2mK2o21Q35BXHmIzOBiaQ126
s3jAaXcbsgKJIanPZ58cYkxW7d3hjpFvADCnXbX+v0ACj+aDFPwKShnDofcsVBop
Atp6vErVXR4BzJY2oaeqcs/ylUB+wUsAfjaM86qdnZDtE5Rp1egJuS4d+kA5cT2q
mtTuL/jyXHVFcktHlxyJkgmOV3sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQkmhUW
8+H/2A3G+la4YYOITBpxHzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWRhZjY1OTctYzAzOS00NzBkLWEwMTUtZjQyNTA3ZTFhZmVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOsMA0G
CSqGSIb3DQEBCwUAA4IBAQCR8lWdGFkaAA2JHIqA6MmCn46Vc6d24hZgmlzJrRfi
HRyfVsH08NLtbYgNyN5Vi+is72dNlh00us8GdKfRN6ciDZGXrKYljhwHZGjzKI/j
3oStM0sc6nVdeMHagEt4TIAfXu0RKh20e2V0U0Fhawb1xJ6umwj1yPgMu2mSsqlg
MluJhaWTKA9XpQN8ZNNpDI6/2jNX2eaC+3YU3dKcG7El8Y6Dz0iM6e8KyN1qZTR5
9LGUJiaBlTI/z7aOJbghQDubSXL/y0RMNQY9VmvJeNAflG/nHMyNr6WHm0gg2+yv
xchstEbSF5qROsNXmFTnUtLHOuGFFCVJBpwt5lnIY0P3
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:41:23 2025 by rpki-client