Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa
File: 2d24b638-b951-4333-ac88-4886c7af230f.roa (raw, json)
Hash identifier: tJnsVhH/k/me3XC6ag7GB+DffAeBR6LfIo/mIFrdqGk=
Subject key identifier: F7:D0:34:A0:A8:0C:31:B7:CE:69:3F:91:99:A2:B8:99:BE:A7:DF:22
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5255C6DFD305145774657F7D4EB0CA22451B7188
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa
Signing time: Tue 05 Aug 2025 20:30:40 +0000
ROA not before: Tue 05 Aug 2025 20:30:40 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.82.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:55:c6:df:d3:05:14:57:74:65:7f:7d:4e:b0:ca:22:45:1b:71:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:30:40 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=54b1763a77e05a946663f8f5a0aac5344c0b7794e230229548bc651c8f7ddc78, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:3c:05:fe:95:34:87:1f:a3:08:e4:77:c7:f6:
4e:bb:29:22:46:69:09:a9:9a:24:0b:13:a2:30:85:
72:f3:84:9e:dd:54:33:a3:b3:9f:c7:22:36:2e:01:
cb:a8:de:ae:01:8a:6b:c2:dd:14:68:c0:24:10:ad:
a2:46:d1:64:9f:cc:40:04:07:5a:82:e8:b1:02:d3:
df:7f:d3:4e:d9:1f:31:9a:71:37:cf:22:db:b2:c0:
94:b0:fd:94:a4:92:bc:0b:f2:73:21:2c:da:d8:4c:
53:54:1a:57:e0:dc:35:70:e0:26:d3:72:de:dc:e1:
c8:57:8f:27:e7:8d:46:ed:1a:70:ad:b3:0f:1e:0b:
e3:47:2b:45:6f:11:92:9f:e8:82:66:1e:a7:6b:fe:
4e:7f:a1:eb:a7:7e:3c:88:2a:67:49:55:78:b7:9e:
a0:42:b7:8d:af:ad:fe:5f:1f:4e:20:90:a3:b1:92:
a4:86:13:be:a1:c0:a0:27:3b:fe:de:65:78:00:64:
e9:78:4a:7a:6a:0b:5a:be:12:c9:fa:d3:ac:5e:62:
fd:6d:1d:95:a0:61:48:89:59:e6:3c:ed:2f:17:ed:
ce:46:c1:12:1b:fc:b2:1c:22:92:97:be:d0:25:eb:
bf:35:e7:4f:f2:b5:7a:df:dc:0b:6b:77:80:43:f7:
0d:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:D0:34:A0:A8:0C:31:B7:CE:69:3F:91:99:A2:B8:99:BE:A7:DF:22
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.82.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6b:ea:3a:b2:6d:34:b8:14:b5:1b:70:8e:c6:a9:ba:74:6b:e4:
71:46:8a:cc:12:e8:6c:6f:d9:5c:bc:a7:d5:2e:e8:ae:1c:81:
79:6d:ba:9c:33:22:41:2a:18:f2:11:a1:ed:e7:9d:23:08:aa:
17:02:b7:bf:34:31:69:47:4a:ac:8d:6c:54:02:84:42:2f:4e:
0f:28:73:d1:f5:f1:a9:e4:3b:22:86:3e:8a:a8:f9:ff:62:89:
34:de:69:ee:b7:1e:5a:92:67:b2:1a:25:86:3d:64:9f:89:c5:
75:3b:10:7c:0d:93:df:e1:c2:f0:1c:a5:b2:b9:ed:21:ab:f0:
45:9a:6f:e1:04:85:2a:ea:a7:19:99:91:14:99:26:75:3c:64:
e2:bc:fd:04:dd:6c:ea:68:1e:05:b0:7f:9d:15:f0:de:48:6f:
d7:97:92:f3:69:d5:ca:e4:d4:2f:fa:60:ae:c2:15:00:ee:d8:
71:74:5d:fd:51:0d:60:70:68:f8:c9:83:1b:4e:23:8f:a9:ee:
35:a1:71:9c:66:6b:b7:9b:66:58:94:22:f8:34:68:5f:47:77:
9f:8e:55:3d:b2:2b:ca:e3:9d:54:ca:05:ba:82:25:96:15:a4:
02:66:bc:8b:eb:36:12:c0:81:2b:2f:fd:55:6b:d2:1f:1c:50:
8c:be:ba:23
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUUlXG39MFFFd0ZX99TrDKIkUbcYgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDMwNDBaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDU0YjE3NjNhNzdlMDVhOTQ2NjYzZjhmNWEwYWFjNTM0NGMwYjc3OTRlMjMw
MjI5NTQ4YmM2NTFjOGY3ZGRjNzgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALo8Bf6VNIcfowjkd8f2TrspIkZpCamaJAsTojCFcvOEnt1UM6Ozn8ciNi4B
y6jergGKa8LdFGjAJBCtokbRZJ/MQAQHWoLosQLT33/TTtkfMZpxN88i27LAlLD9
lKSSvAvycyEs2thMU1QaV+DcNXDgJtNy3tzhyFePJ+eNRu0acK2zDx4L40crRW8R
kp/ogmYep2v+Tn+h66d+PIgqZ0lVeLeeoEK3ja+t/l8fTiCQo7GSpIYTvqHAoCc7
/t5leABk6XhKemoLWr4SyfrTrF5i/W0dlaBhSIlZ5jztLxftzkbBEhv8shwikpe+
0CXrvzXnT/K1et/cC2t3gEP3DXcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT30DSg
qAwxt85pP5GZoriZvqffIjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmQyNGI2MzgtYjk1MS00MzMzLWFjODgtNDg4NmM3YWYyMzBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNSMA0G
CSqGSIb3DQEBCwUAA4IBAQBr6jqybTS4FLUbcI7Gqbp0a+RxRorMEuhsb9lcvKfV
LuiuHIF5bbqcMyJBKhjyEaHt550jCKoXAre/NDFpR0qsjWxUAoRCL04PKHPR9fGp
5Dsihj6KqPn/Yok03mnutx5akmeyGiWGPWSficV1OxB8DZPf4cLwHKWyue0hq/BF
mm/hBIUq6qcZmZEUmSZ1PGTivP0E3WzqaB4FsH+dFfDeSG/Xl5LzadXK5NQv+mCu
whUA7thxdF39UQ1gcGj4yYMbTiOPqe41oXGcZmu3m2ZYlCL4NGhfR3efjlU9sivK
451UygW6giWWFaQCZryL6zYSwIErL/1Va9IfHFCMvroj
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:43:26 2025 by rpki-client