Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44bb00cc-3dee-4cf6-8de9-2febfa0f0f6d.roa
File: 44bb00cc-3dee-4cf6-8de9-2febfa0f0f6d.roa (raw, json)
Hash identifier: QbO01NtzXIjeIGhm/S8apjN9rNMiiavowEGtieBVWrY=
Subject key identifier: 70:D3:E7:3B:B6:8E:5B:D0:5B:29:2C:6C:31:2C:0F:16:24:93:8C:6F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4BD6A07537F6C4BB8D46AFA1D9BD4D0A6F88B5BE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44bb00cc-3dee-4cf6-8de9-2febfa0f0f6d.roa
Signing time: Fri 15 Aug 2025 15:50:51 +0000
ROA not before: Fri 15 Aug 2025 15:50:51 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.244.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:d6:a0:75:37:f6:c4:bb:8d:46:af:a1:d9:bd:4d:0a:6f:88:b5:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 15 15:50:51 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=bd4ad4c801abbeef21ff855540ccdd6f32d62177fed36b4b6ef06274e2883800, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:45:cd:a0:45:27:86:7e:60:9a:5a:ab:61:30:
c1:74:33:82:47:22:ca:49:ff:d5:21:f4:51:65:ff:
1d:88:a2:a9:03:e5:6d:b6:02:cb:71:67:40:c2:e2:
ff:35:a6:d2:a1:93:f5:f8:3e:1c:87:a1:dc:ba:df:
1a:38:9a:13:fd:cf:aa:b7:e0:5d:03:ee:9e:f2:8f:
9e:64:05:cd:47:d1:2f:c6:c8:e5:0e:b5:3e:b6:94:
ed:83:13:fb:21:2d:1b:f9:94:5a:12:67:8e:d7:14:
df:83:89:73:60:57:84:18:ac:26:97:02:f6:a3:26:
bb:f3:af:31:5d:34:7d:6c:a5:01:de:1f:87:63:ac:
29:dc:89:5d:e4:9e:85:b2:ea:6b:49:2d:60:26:95:
a1:cf:4a:0a:0f:d3:83:8f:7e:66:9d:e0:04:91:a4:
44:0b:7c:5d:c9:53:06:8e:2e:c9:75:d5:0a:3e:d9:
8a:58:54:64:4c:24:9d:5e:89:9e:dc:95:94:15:69:
38:ef:77:94:2c:39:69:2b:7d:47:19:fc:9e:bd:d8:
ae:7f:10:24:54:56:7e:8d:ee:ce:48:27:4d:16:77:
77:f0:f1:9d:47:f2:68:c9:fd:e0:e6:66:3f:8e:58:
b0:66:ef:85:d3:83:c8:95:8e:30:73:47:31:23:61:
32:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:D3:E7:3B:B6:8E:5B:D0:5B:29:2C:6C:31:2C:0F:16:24:93:8C:6F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44bb00cc-3dee-4cf6-8de9-2febfa0f0f6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.244.0.0/15
Signature Algorithm: sha256WithRSAEncryption
75:3a:f8:6d:05:98:55:ac:e5:d1:f1:9e:d4:e5:25:de:5c:3c:
77:67:aa:dd:a3:4d:0b:5b:4f:b9:62:6b:b7:e9:38:37:8e:63:
c9:82:8b:86:25:b2:8a:c6:30:ba:03:9e:f6:79:00:cc:7b:20:
53:b9:a7:1e:07:59:67:84:f7:04:7e:cf:11:c9:9f:e9:c8:2b:
bd:d9:10:3c:80:e2:bc:21:85:5a:31:49:a0:d4:9e:83:53:e8:
1c:87:af:08:b1:e7:8d:79:76:c9:f7:b2:52:55:53:63:68:a6:
52:0f:b6:41:1e:25:84:42:15:07:38:dd:1a:93:71:bd:a8:90:
75:b5:d9:c5:42:fb:f2:22:05:9f:cc:af:a4:61:2e:a0:78:b4:
8a:68:3a:38:1d:3d:73:34:db:34:5f:dd:1c:3c:d4:7c:72:25:
ce:de:36:ab:86:c9:68:b2:ed:93:8d:89:b7:11:df:d5:87:1f:
f8:ba:37:6e:6c:94:21:66:12:bb:e6:53:cc:a2:6d:b3:e0:13:
88:87:11:6c:ff:36:c6:18:80:2d:96:dc:98:eb:e4:cd:f9:5e:
c8:92:7d:a5:ee:3a:3f:61:42:12:d1:ae:59:87:e7:32:c9:8e:
8e:69:2e:7a:5c:c5:44:46:84:7e:30:58:72:1e:74:13:d1:6c:
bc:e2:e6:58
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUS9agdTf2xLuNRq+h2b1NCm+Itb4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MTUxNTUwNTFaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGJkNGFkNGM4MDFhYmJlZWYyMWZmODU1NTQwY2NkZDZmMzJkNjIxNzdmZWQz
NmI0YjZlZjA2Mjc0ZTI4ODM4MDAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJtFzaBFJ4Z+YJpaq2EwwXQzgkciykn/1SH0UWX/HYiiqQPlbbYCy3FnQMLi
/zWm0qGT9fg+HIeh3LrfGjiaE/3PqrfgXQPunvKPnmQFzUfRL8bI5Q61PraU7YMT
+yEtG/mUWhJnjtcU34OJc2BXhBisJpcC9qMmu/OvMV00fWylAd4fh2OsKdyJXeSe
hbLqa0ktYCaVoc9KCg/Tg49+Zp3gBJGkRAt8XclTBo4uyXXVCj7ZilhUZEwknV6J
ntyVlBVpOO93lCw5aSt9Rxn8nr3Yrn8QJFRWfo3uzkgnTRZ3d/DxnUfyaMn94OZm
P45YsGbvhdODyJWOMHNHMSNhMkkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRw0+c7
to5b0FspLGwxLA8WJJOMbzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDRiYjAwY2MtM2RlZS00Y2Y2LThkZTktMmZlYmZhMGYwZjZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATP0MA0G
CSqGSIb3DQEBCwUAA4IBAQB1OvhtBZhVrOXR8Z7U5SXeXDx3Z6rdo00LW0+5Ymu3
6Tg3jmPJgouGJbKKxjC6A572eQDMeyBTuaceB1lnhPcEfs8RyZ/pyCu92RA8gOK8
IYVaMUmg1J6DU+gch68IseeNeXbJ97JSVVNjaKZSD7ZBHiWEQhUHON0ak3G9qJB1
tdnFQvvyIgWfzK+kYS6geLSKaDo4HT1zNNs0X90cPNR8ciXO3jarhslosu2TjYm3
Ed/Vhx/4ujdubJQhZhK75lPMom2z4BOIhxFs/zbGGIAtltyY6+TN+V7Ikn2l7jo/
YUIS0a5Zh+cyyY6OaS56XMVERoR+MFhyHnQT0Wy84uZY
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:38:14 2025 by rpki-client