Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4911793e-4031-4d2f-be54-a38fc617b3c5.roa
File: 4911793e-4031-4d2f-be54-a38fc617b3c5.roa (raw, json)
Hash identifier: ICgiuK+WrdlCSPPVMIu8HPP/rYhAcAZYD8ez9vHwALc=
Subject key identifier: 15:C1:97:43:FC:E7:3A:07:A4:43:7A:9B:98:11:D7:E6:30:3E:18:34
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6D4CE3C62B519C15D3A8B45486528D5E43966251
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4911793e-4031-4d2f-be54-a38fc617b3c5.roa
Signing time: Mon 01 Sep 2025 21:30:25 +0000
ROA not before: Mon 01 Sep 2025 21:30:25 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.114.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 22:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:4c:e3:c6:2b:51:9c:15:d3:a8:b4:54:86:52:8d:5e:43:96:62:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 1 21:30:25 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=e3ab9e79269889fee25aed6f073985bf86ef327c67a6a5ee42a95c954ea9aac5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:3b:9a:e1:82:17:cc:94:f3:1b:1a:e7:01:76:
45:3d:68:7f:9f:1d:0f:97:09:be:9a:bd:b2:c0:a4:
07:fe:51:e8:8c:2f:46:20:a1:b7:ab:b0:a3:4e:01:
b7:56:62:1a:b1:b1:bc:9d:b7:4a:0b:ca:f2:59:30:
a7:35:0f:12:76:24:b2:21:0d:53:de:27:1a:8b:64:
d0:87:01:5b:78:c1:28:d8:78:3f:ea:db:29:e1:47:
e4:e5:c6:c7:c4:bd:7d:81:15:6b:ec:d3:14:70:00:
3b:dc:fb:34:81:34:c5:86:f9:e7:f1:98:29:65:b7:
26:39:0f:08:ec:fb:2b:89:36:05:4f:67:b4:96:0e:
76:bd:e3:80:0f:93:8a:db:e0:07:39:fd:53:07:32:
7c:05:d8:9b:00:e4:99:c9:f3:a9:f6:30:9a:7b:64:
53:7a:7a:1a:6c:ef:01:bd:f7:eb:db:2e:8b:b8:75:
1b:18:0b:5b:65:71:78:71:74:f5:92:32:e9:d9:b2:
88:1f:35:a2:e9:6c:19:7a:27:42:e7:5a:48:af:fe:
0e:1d:b8:e7:5d:59:f1:c5:53:ad:0d:60:96:ef:cb:
63:2f:de:ed:3a:f9:c4:75:02:e7:03:7d:db:16:74:
cc:e1:ae:d2:a9:bd:8e:07:53:88:d3:95:e6:b1:2e:
3e:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:C1:97:43:FC:E7:3A:07:A4:43:7A:9B:98:11:D7:E6:30:3E:18:34
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4911793e-4031-4d2f-be54-a38fc617b3c5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.114.0.0/16
Signature Algorithm: sha256WithRSAEncryption
23:c8:93:19:cf:26:a9:fe:46:1e:ce:66:bf:69:01:d5:a9:68:
4f:7d:bb:0b:15:c4:6d:ec:95:69:be:e1:f3:6c:e8:63:eb:fa:
22:f2:83:8c:c9:50:b5:9a:25:13:f9:7f:a2:2d:c0:4f:77:da:
eb:c1:ee:4c:0f:0c:aa:84:d3:42:54:72:b4:80:00:04:b9:03:
ab:52:cd:c4:2b:f5:33:9a:66:69:da:93:7c:91:f7:bf:e8:09:
95:5c:e8:39:88:19:65:6b:4d:ce:f4:06:24:38:94:8a:d7:09:
a2:33:83:88:c8:97:82:23:f9:73:bd:60:f9:c4:fb:d3:fa:17:
bd:97:0a:e9:3e:8d:dd:75:3e:18:5e:f5:e2:45:43:50:75:fa:
d3:71:00:63:75:d9:5b:58:97:56:6c:c3:1f:24:b3:7d:4e:45:
02:21:65:1f:66:38:40:6e:da:bb:35:f8:54:03:28:f1:2b:b7:
1c:f2:82:57:44:e0:56:e1:61:62:f8:2e:06:70:94:05:1c:52:
77:29:41:40:39:32:cf:c8:fb:f8:8d:46:92:63:29:13:c9:ad:
ff:46:b1:8f:ba:06:ef:e6:25:42:7d:82:2b:55:6c:bc:e8:86:
8c:75:86:44:d3:4b:dc:28:ca:62:c7:bd:89:6f:0b:db:ea:19:
02:ee:72:4e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbUzjxitRnBXTqLRUhlKNXkOWYlEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MDEyMTMwMjVaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGUzYWI5ZTc5MjY5ODg5ZmVlMjVhZWQ2ZjA3Mzk4NWJmODZlZjMyN2M2N2E2
YTVlZTQyYTk1Yzk1NGVhOWFhYzUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAME7muGCF8yU8xsa5wF2RT1of58dD5cJvpq9ssCkB/5R6IwvRiCht6uwo04B
t1ZiGrGxvJ23SgvK8lkwpzUPEnYksiENU94nGotk0IcBW3jBKNh4P+rbKeFH5OXG
x8S9fYEVa+zTFHAAO9z7NIE0xYb55/GYKWW3JjkPCOz7K4k2BU9ntJYOdr3jgA+T
itvgBzn9UwcyfAXYmwDkmcnzqfYwmntkU3p6GmzvAb3369sui7h1GxgLW2VxeHF0
9ZIy6dmyiB81oulsGXonQudaSK/+Dh24511Z8cVTrQ1glu/LYy/e7Tr5xHUC5wN9
2xZ0zOGu0qm9jgdTiNOV5rEuPr0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQVwZdD
/Oc6B6RDepuYEdfmMD4YNDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDkxMTc5M2UtNDAzMS00ZDJmLWJlNTQtYTM4ZmM2MTdiM2M1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNyMA0G
CSqGSIb3DQEBCwUAA4IBAQAjyJMZzyap/kYezma/aQHVqWhPfbsLFcRt7JVpvuHz
bOhj6/oi8oOMyVC1miUT+X+iLcBPd9rrwe5MDwyqhNNCVHK0gAAEuQOrUs3EK/Uz
mmZp2pN8kfe/6AmVXOg5iBlla03O9AYkOJSK1wmiM4OIyJeCI/lzvWD5xPvT+he9
lwrpPo3ddT4YXvXiRUNQdfrTcQBjddlbWJdWbMMfJLN9TkUCIWUfZjhAbtq7NfhU
AyjxK7cc8oJXROBW4WFi+C4GcJQFHFJ3KUFAOTLPyPv4jUaSYykTya3/RrGPugbv
5iVCfYIrVWy86IaMdYZE00vcKMpix72Jbwvb6hkC7nJO
-----END CERTIFICATE-----
Generated at Fri Sep 19 03:50:53 2025 by rpki-client