Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46b220b9-837f-4174-97e6-c711958273ea.roa
File: 46b220b9-837f-4174-97e6-c711958273ea.roa (raw, json)
Hash identifier: RU/SYllF2yI6K3w9NsnmoiLyXwyW6pAf1/WgHw/8gNM=
Subject key identifier: 3E:6D:8D:C2:27:A5:BB:51:86:31:3F:A2:79:9C:8E:57:69:E7:C1:EE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 76E94A3447D183A4A1B5CAFA9A83F59FD09658CF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46b220b9-837f-4174-97e6-c711958273ea.roa
Signing time: Tue 05 Aug 2025 20:30:37 +0000
ROA not before: Tue 05 Aug 2025 20:30:37 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.78.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:e9:4a:34:47:d1:83:a4:a1:b5:ca:fa:9a:83:f5:9f:d0:96:58:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:30:37 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=b5ded66b8bc068aefb976b0b0972d256343ec6aec4e30e11cbc852088571b6dd, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ec:34:80:8b:0f:6c:af:8a:bb:f7:2e:15:ec:
af:e1:c9:d1:84:c3:16:21:2f:e0:53:fc:06:e5:99:
6f:33:5a:bd:7c:eb:0f:5b:8c:83:40:9a:40:2b:f2:
35:67:73:f8:94:ce:17:1d:2b:d3:2f:ec:71:ac:ca:
dd:2a:9d:06:85:75:f4:0c:64:c6:93:0a:87:3e:fe:
8e:fa:8f:d4:58:80:e3:95:0b:8e:5c:30:52:21:8b:
8f:d8:f1:c5:1e:6f:9b:60:e0:37:b6:82:e8:41:a3:
f0:64:b3:e0:55:bf:97:33:96:7e:9a:0f:03:f5:1d:
27:c1:87:bf:e9:e4:50:da:14:19:59:73:ef:ef:df:
f3:bd:88:0c:0d:3d:6a:64:ef:6c:be:73:c7:a9:1b:
c9:64:bf:44:71:2f:a5:61:41:92:0c:7b:7a:1b:fc:
69:9f:a2:58:c2:00:57:36:a9:00:ab:2b:f3:4b:1f:
98:0c:2f:34:90:fe:81:83:68:7a:7d:68:9b:f0:98:
7b:5f:0e:96:f4:b1:48:88:ff:54:2b:d5:fc:f6:4c:
68:5c:b5:97:45:b1:79:6e:0f:40:b5:64:5b:f3:fc:
2d:2a:8d:a8:c1:d8:13:c9:8b:e5:94:cb:3e:77:12:
ca:af:5b:bf:73:64:40:60:06:0e:c4:3d:08:3b:ca:
a5:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:6D:8D:C2:27:A5:BB:51:86:31:3F:A2:79:9C:8E:57:69:E7:C1:EE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46b220b9-837f-4174-97e6-c711958273ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.78.0.0/16
Signature Algorithm: sha256WithRSAEncryption
31:5e:26:9b:14:72:58:b8:96:11:c8:eb:cd:b5:1a:a7:68:a2:
af:59:0a:d3:2b:3f:38:bf:e6:d2:83:e3:15:cf:7f:f8:ee:ec:
98:cd:ef:7e:ba:2a:d8:3e:dc:f7:13:bc:d1:7b:64:ff:39:bb:
65:ed:8b:10:3a:8d:8b:1f:c2:b5:d0:34:3d:42:5c:10:f3:1a:
48:44:30:ec:34:0e:93:f1:29:31:3e:ec:03:86:21:85:50:c4:
ae:73:5f:a4:6e:2c:f7:91:b9:0a:6b:85:2e:40:ad:a1:9c:f3:
51:b4:8a:33:12:63:67:88:82:f6:75:1c:58:59:a4:1f:c2:77:
bb:36:f3:b8:b4:74:0a:f5:fc:ad:31:08:06:37:81:0d:c9:17:
49:b6:bf:21:71:a5:46:db:77:83:d5:df:8b:ff:1c:5c:45:27:
84:3c:d9:dd:18:40:5b:38:57:b4:ea:3e:e8:e8:fc:3f:5c:ad:
cd:c7:f8:fa:b2:6b:31:89:08:44:de:ce:67:54:38:97:59:4d:
13:6f:46:ce:72:8b:37:90:8d:c9:6c:05:c9:d8:5d:d7:ef:83:
4a:c1:de:42:4f:ac:24:00:78:66:08:f8:ab:ac:49:79:8a:d9:
12:e2:44:14:48:5a:e1:4d:75:42:f4:ed:b5:69:a2:7b:81:bd:
e9:1b:d3:43
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUdulKNEfRg6Shtcr6moP1n9CWWM8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDMwMzdaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGI1ZGVkNjZiOGJjMDY4YWVmYjk3NmIwYjA5NzJkMjU2MzQzZWM2YWVjNGUz
MGUxMWNiYzg1MjA4ODU3MWI2ZGQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI7sNICLD2yvirv3LhXsr+HJ0YTDFiEv4FP8BuWZbzNavXzrD1uMg0CaQCvy
NWdz+JTOFx0r0y/scazK3SqdBoV19AxkxpMKhz7+jvqP1FiA45ULjlwwUiGLj9jx
xR5vm2DgN7aC6EGj8GSz4FW/lzOWfpoPA/UdJ8GHv+nkUNoUGVlz7+/f872IDA09
amTvbL5zx6kbyWS/RHEvpWFBkgx7ehv8aZ+iWMIAVzapAKsr80sfmAwvNJD+gYNo
en1om/CYe18OlvSxSIj/VCvV/PZMaFy1l0WxeW4PQLVkW/P8LSqNqMHYE8mL5ZTL
PncSyq9bv3NkQGAGDsQ9CDvKpWUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ+bY3C
J6W7UYYxP6J5nI5XaefB7jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDZiMjIwYjktODM3Zi00MTc0LTk3ZTYtYzcxMTk1ODI3M2VhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNOMA0G
CSqGSIb3DQEBCwUAA4IBAQAxXiabFHJYuJYRyOvNtRqnaKKvWQrTKz84v+bSg+MV
z3/47uyYze9+uirYPtz3E7zRe2T/Obtl7YsQOo2LH8K10DQ9QlwQ8xpIRDDsNA6T
8SkxPuwDhiGFUMSuc1+kbiz3kbkKa4UuQK2hnPNRtIozEmNniIL2dRxYWaQfwne7
NvO4tHQK9fytMQgGN4ENyRdJtr8hcaVG23eD1d+L/xxcRSeEPNndGEBbOFe06j7o
6Pw/XK3Nx/j6smsxiQhE3s5nVDiXWU0Tb0bOcos3kI3JbAXJ2F3X74NKwd5CT6wk
AHhmCPirrEl5itkS4kQUSFrhTXVC9O21aaJ7gb3pG9ND
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:40:34 2025 by rpki-client