Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/226b8c83-9647-47e2-847b-1787f3d54040.roa
File: 226b8c83-9647-47e2-847b-1787f3d54040.roa (raw, json)
Hash identifier: 5DazsZwJ3lrwa75MDWud5ZLN7rI4q9IlN43Ea346yx4=
Subject key identifier: D1:01:D8:A8:8C:39:E9:9E:FE:F3:5A:84:59:56:F1:D8:14:4D:88:77
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 474977343DD67418C4D838A1339FEEEE064B10A8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/226b8c83-9647-47e2-847b-1787f3d54040.roa
Signing time: Fri 08 Aug 2025 00:40:37 +0000
ROA not before: Fri 08 Aug 2025 00:40:37 +0000
ROA not after: Fri 12 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.94.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:49:77:34:3d:d6:74:18:c4:d8:38:a1:33:9f:ee:ee:06:4b:10:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 8 00:40:37 2025 GMT
Not After : Sep 12 23:59:59 2025 GMT
Subject: serialNumber=f669086d37dafcb87ec0731b158b690d71465de0f15f62506667684ae88fa4de, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:a8:4f:05:ec:3f:bc:87:d9:73:8d:ff:4e:0f:
1a:c4:a9:fc:36:ec:93:eb:30:ad:d4:30:12:89:f5:
78:ca:61:67:17:e3:b0:56:7e:93:c4:27:21:11:0b:
4e:42:63:73:da:88:80:10:a2:e4:e6:ea:43:17:56:
8f:91:de:3b:e1:53:a7:0b:4d:a4:ba:bb:34:03:e5:
8c:5e:99:d8:96:a1:3f:4e:85:8c:4f:b7:73:5d:20:
79:f3:cf:4b:2c:95:67:aa:d1:0a:29:8a:39:a6:c2:
b9:ea:9f:b8:50:ea:5d:b9:7a:a3:89:a4:33:95:79:
bf:37:cc:3b:c5:c5:bc:c7:6e:3a:64:1c:17:b3:da:
3b:8d:02:31:f2:fe:54:8b:cb:a0:53:e8:1e:dd:28:
48:c8:94:aa:ea:b1:eb:62:fe:d7:f5:19:79:ed:76:
99:27:76:94:25:87:93:0a:62:d0:b4:af:0f:3f:b1:
b1:25:55:6b:e1:2a:fe:52:20:14:b2:56:21:88:c1:
ff:4e:07:03:34:88:a5:82:a9:56:dd:9c:b4:ff:59:
49:47:77:3b:24:60:70:6d:df:24:3b:17:e7:42:e1:
ee:05:8f:d2:c6:c5:b1:84:b7:92:a5:45:f7:f4:7b:
41:c6:8a:1c:b4:99:28:aa:d3:fe:24:c0:d9:eb:eb:
74:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:01:D8:A8:8C:39:E9:9E:FE:F3:5A:84:59:56:F1:D8:14:4D:88:77
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/226b8c83-9647-47e2-847b-1787f3d54040.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.94.0.0/15
Signature Algorithm: sha256WithRSAEncryption
48:4e:65:ab:86:06:e6:62:ec:6f:3a:26:07:4b:17:4c:fe:e8:
96:33:f2:e1:f1:9e:01:44:e7:b1:e6:d1:fe:b8:f6:2e:ca:98:
61:7a:a7:69:d0:c3:40:49:7c:83:84:5d:e4:4f:e1:8c:38:82:
25:07:96:74:56:30:09:ea:09:b9:7b:19:d6:e5:71:13:f1:cc:
86:dc:5a:ae:83:87:cb:ff:67:d8:cf:2a:ae:c5:48:ba:85:d2:
6c:8a:18:17:06:3f:72:8b:12:f2:2b:29:94:fb:e1:e2:05:ed:
6d:e6:7d:56:ed:99:d6:da:6d:0b:75:28:79:bb:41:16:bd:64:
8c:a9:da:b4:b2:19:80:2a:28:f1:3a:d9:74:7f:ce:88:89:fc:
b6:39:ee:16:c0:3d:34:4e:fc:c0:dc:6e:35:11:f7:1d:00:c4:
79:65:c1:7d:67:c8:5a:d7:ee:0a:51:c8:6a:7d:1d:6a:3f:47:
ce:71:b1:b5:5e:52:11:3d:53:74:6e:48:95:90:07:ab:83:56:
c9:83:a2:f9:e6:fa:43:59:a7:3b:45:5b:4c:c7:d7:6b:c7:d6:
dc:be:ae:5e:68:2e:ea:e9:80:d1:26:83:fe:95:b2:35:bd:ec:
b5:11:1c:58:fb:e3:8f:fa:ae:a4:8b:56:06:b3:0e:a1:d1:dd:
08:14:4d:47
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUR0l3ND3WdBjE2DihM5/u7gZLEKgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDgwMDQwMzdaFw0yNTA5MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGY2NjkwODZkMzdkYWZjYjg3ZWMwNzMxYjE1OGI2OTBkNzE0NjVkZTBmMTVm
NjI1MDY2Njc2ODRhZTg4ZmE0ZGUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANeoTwXsP7yH2XON/04PGsSp/Dbsk+swrdQwEon1eMphZxfjsFZ+k8QnIREL
TkJjc9qIgBCi5ObqQxdWj5HeO+FTpwtNpLq7NAPljF6Z2JahP06FjE+3c10gefPP
SyyVZ6rRCimKOabCueqfuFDqXbl6o4mkM5V5vzfMO8XFvMduOmQcF7PaO40CMfL+
VIvLoFPoHt0oSMiUquqx62L+1/UZee12mSd2lCWHkwpi0LSvDz+xsSVVa+Eq/lIg
FLJWIYjB/04HAzSIpYKpVt2ctP9ZSUd3OyRgcG3fJDsX50Lh7gWP0sbFsYS3kqVF
9/R7QcaKHLSZKKrT/iTA2evrdNkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTRAdio
jDnpnv7zWoRZVvHYFE2IdzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjI2YjhjODMtOTY0Ny00N2UyLTg0N2ItMTc4N2YzZDU0MDQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNeMA0G
CSqGSIb3DQEBCwUAA4IBAQBITmWrhgbmYuxvOiYHSxdM/uiWM/Lh8Z4BROex5tH+
uPYuyphheqdp0MNASXyDhF3kT+GMOIIlB5Z0VjAJ6gm5exnW5XET8cyG3Fqug4fL
/2fYzyquxUi6hdJsihgXBj9yixLyKymU++HiBe1t5n1W7ZnW2m0LdSh5u0EWvWSM
qdq0shmAKijxOtl0f86Iify2Oe4WwD00TvzA3G41EfcdAMR5ZcF9Z8ha1+4KUchq
fR1qP0fOcbG1XlIRPVN0bkiVkAerg1bJg6L55vpDWac7RVtMx9drx9bcvq5eaC7q
6YDRJoP+lbI1vey1ERxY++OP+q6ki1YGsw6h0d0IFE1H
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:42:53 2025 by rpki-client