Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4911793e-4031-4d2f-be54-a38fc617b3c5.roa
File: 4911793e-4031-4d2f-be54-a38fc617b3c5.roa (raw, json)
Hash identifier: 3d5rY4B0uIWE8HqxnsSBDuK+9faUlaNoQHPVnBjFQkM=
Subject key identifier: A4:DF:93:DE:63:99:FE:73:56:26:E7:F8:28:4E:18:B4:F1:83:CF:49
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 27C732A585F5A6875F3CDA7993A230844B7027C7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4911793e-4031-4d2f-be54-a38fc617b3c5.roa
Signing time: Tue 05 Aug 2025 20:21:01 +0000
ROA not before: Tue 05 Aug 2025 20:21:01 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.114.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:c7:32:a5:85:f5:a6:87:5f:3c:da:79:93:a2:30:84:4b:70:27:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:21:01 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=34bbaff6dcde4b209075746a7af1a782f3c6237fdd64f06a8d5089b89b7ab197, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:3a:a6:4f:16:bf:95:b5:d5:6c:b3:1a:57:19:
87:ed:6d:1a:2e:c4:59:7e:59:22:9f:2e:2c:26:50:
ac:84:e7:5d:85:72:88:73:22:8b:df:41:e6:cb:48:
23:ac:58:5e:3b:2f:c6:2d:40:8a:b0:8f:ce:4a:72:
74:b7:8d:4a:04:04:81:dc:c4:e6:63:75:06:f4:a0:
b7:21:45:74:bf:63:83:e6:9e:29:2a:f6:af:e2:9c:
11:46:63:53:a2:08:72:a5:cd:d2:e6:de:15:b7:5b:
f0:21:34:8a:ba:f6:b5:ea:9f:90:67:c0:23:41:63:
cf:79:a4:80:a7:7c:1d:b9:5b:1e:4a:31:86:76:63:
cd:33:4c:aa:1f:fc:fd:c7:22:18:a2:5e:c4:58:16:
63:ae:d6:d1:d7:62:f0:78:17:c9:3a:a9:74:c9:f1:
b3:ec:18:a0:d7:cf:7d:9f:1e:df:a2:57:bd:0f:78:
3b:53:4a:d4:09:ab:15:ac:1e:62:37:82:cd:ef:bd:
1f:92:9f:98:ce:e7:15:d4:e8:3e:e3:aa:7d:21:4c:
8e:04:0d:3e:b0:35:f7:2c:b0:7d:4f:a6:89:6f:82:
0e:da:08:89:aa:43:0b:b3:bc:7b:55:52:1b:36:34:
d8:b7:9a:c2:ba:16:e1:c4:d2:1c:8a:4f:11:9f:d5:
15:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:DF:93:DE:63:99:FE:73:56:26:E7:F8:28:4E:18:B4:F1:83:CF:49
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4911793e-4031-4d2f-be54-a38fc617b3c5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.114.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c2:5a:c2:b9:6b:25:75:1d:cf:3c:e7:5f:13:fb:65:a0:30:95:
9a:83:2e:41:70:86:34:27:01:13:b2:08:40:29:cb:51:d4:bb:
29:f5:d5:35:43:fb:20:dd:82:53:fa:87:7f:89:20:8b:bb:68:
0b:2a:73:03:6a:ba:e7:67:81:a7:a6:ea:3a:7b:79:7c:7e:54:
b6:4e:f0:9d:05:29:4c:3c:9e:a6:e9:99:64:a7:8f:58:3d:02:
2c:20:ca:91:34:59:f4:ac:2f:9a:3e:23:a9:6e:f1:ff:d9:4a:
0e:62:12:aa:db:02:8a:ca:78:82:55:45:20:7e:e4:fd:ea:35:
b9:28:30:ce:34:ed:95:24:d7:2b:a3:fa:81:7f:da:df:f7:26:
95:3d:d9:66:4e:50:9a:46:a5:6c:30:d8:e3:cc:97:40:08:23:
f4:75:5d:e3:6d:ed:cb:b2:c1:5a:43:e3:53:c5:cd:a2:87:5b:
c1:f0:a1:bf:c6:ca:fd:b7:4b:5e:78:05:64:be:57:3e:99:3b:
cf:a9:cc:44:01:a6:09:9a:0f:19:bc:30:8d:07:de:9a:a3:47:
a5:ba:11:12:8a:f5:62:1f:cc:e8:e8:72:a7:c9:08:e7:a2:df:
cb:bc:83:51:94:87:af:27:ca:11:e1:4f:a0:35:d8:75:ab:ef:
21:4e:0b:62
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJ8cypYX1podfPNp5k6IwhEtwJ8cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIxMDFaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDM0YmJhZmY2ZGNkZTRiMjA5MDc1NzQ2YTdhZjFhNzgyZjNjNjIzN2ZkZDY0
ZjA2YThkNTA4OWI4OWI3YWIxOTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMU6pk8Wv5W11WyzGlcZh+1tGi7EWX5ZIp8uLCZQrITnXYVyiHMii99B5stI
I6xYXjsvxi1AirCPzkpydLeNSgQEgdzE5mN1BvSgtyFFdL9jg+aeKSr2r+KcEUZj
U6IIcqXN0ubeFbdb8CE0irr2teqfkGfAI0Fjz3mkgKd8HblbHkoxhnZjzTNMqh/8
/cciGKJexFgWY67W0ddi8HgXyTqpdMnxs+wYoNfPfZ8e36JXvQ94O1NK1AmrFawe
YjeCze+9H5KfmM7nFdToPuOqfSFMjgQNPrA19yywfU+miW+CDtoIiapDC7O8e1VS
GzY02LeawroW4cTSHIpPEZ/VFSECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSk35Pe
Y5n+c1Ym5/goThi08YPPSTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDkxMTc5M2UtNDAzMS00ZDJmLWJlNTQtYTM4ZmM2MTdiM2M1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNyMA0G
CSqGSIb3DQEBCwUAA4IBAQDCWsK5ayV1Hc88518T+2WgMJWagy5BcIY0JwETsghA
KctR1Lsp9dU1Q/sg3YJT+od/iSCLu2gLKnMDarrnZ4Gnpuo6e3l8flS2TvCdBSlM
PJ6m6Zlkp49YPQIsIMqRNFn0rC+aPiOpbvH/2UoOYhKq2wKKyniCVUUgfuT96jW5
KDDONO2VJNcro/qBf9rf9yaVPdlmTlCaRqVsMNjjzJdACCP0dV3jbe3LssFaQ+NT
xc2ih1vB8KG/xsr9t0teeAVkvlc+mTvPqcxEAaYJmg8ZvDCNB96ao0eluhESivVi
H8zo6HKnyQjnot/LvINRlIevJ8oR4U+gNdh1q+8hTgti
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:41:19 2025 by rpki-client