Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5480e32c-3a23-4243-82e3-c7eea059d814.roa
File: 5480e32c-3a23-4243-82e3-c7eea059d814.roa (raw, json)
Hash identifier: c+SYXRMnlXefXpnbjXG6OFhqmbBqrVoYGdYiWVuWkV4=
Subject key identifier: 1B:C4:BD:3F:AC:67:30:5F:E1:EE:FC:56:FF:A5:C2:D5:68:FA:14:27
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 63F6BC489F0E38FFFB856F40A211991C3BF38E72
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5480e32c-3a23-4243-82e3-c7eea059d814.roa
Signing time: Fri 08 Aug 2025 00:40:22 +0000
ROA not before: Fri 08 Aug 2025 00:40:22 +0000
ROA not after: Fri 12 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.92.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:f6:bc:48:9f:0e:38:ff:fb:85:6f:40:a2:11:99:1c:3b:f3:8e:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 8 00:40:22 2025 GMT
Not After : Sep 12 23:59:59 2025 GMT
Subject: serialNumber=ab600e4590baf544316860b66ea10c386a0c83672ab0cd338a47146caef53c3d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:86:ac:36:56:21:39:a8:db:db:5f:dd:c1:1a:
81:ce:d9:ca:8f:ba:10:84:43:1f:5c:07:6b:af:42:
be:a9:99:3f:63:1f:91:ec:cf:a4:4e:c3:4a:f3:ee:
32:e8:b6:a6:f8:d4:58:af:1a:6c:c3:83:6a:a3:fa:
24:c3:f7:08:36:14:0d:ff:d2:7d:31:c3:a7:f3:9b:
ad:cb:9d:a0:e9:ea:af:a9:c4:01:6b:29:ec:81:3b:
79:3f:38:9b:9f:84:4d:53:a6:44:96:fb:06:09:be:
da:32:e3:ce:61:bb:51:29:7c:14:eb:2c:55:79:60:
02:ce:a2:1a:61:5d:2a:84:95:90:b5:68:35:bf:ec:
8f:00:b4:45:b3:b7:05:c5:60:18:0a:af:9b:a5:82:
e9:33:64:22:96:8e:35:06:c6:73:0e:ee:6b:a7:68:
2b:f9:14:46:f3:04:c6:77:58:71:bb:1e:48:c4:85:
90:ad:00:90:53:39:d2:4a:a5:69:0b:c7:74:f3:6b:
d0:03:30:40:46:00:f6:1f:8a:c3:bf:56:f5:9a:6c:
c0:08:07:54:d4:95:9b:ab:8b:f8:e1:68:a4:5d:b8:
9c:c2:97:1c:e2:af:7c:c3:f0:34:46:f2:d4:70:c1:
26:3c:63:30:44:70:a1:f8:fc:39:b5:97:07:2e:8d:
00:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:C4:BD:3F:AC:67:30:5F:E1:EE:FC:56:FF:A5:C2:D5:68:FA:14:27
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5480e32c-3a23-4243-82e3-c7eea059d814.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.92.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c1:3d:05:d5:d3:37:7a:12:ec:b6:49:75:66:a7:f6:cf:8a:47:
98:29:ca:d7:02:d4:7b:54:74:d0:b4:88:df:b4:70:25:99:96:
d2:32:1e:f2:f7:a0:e0:7a:df:bc:91:fb:a2:b5:f6:eb:48:47:
9c:c2:28:cd:5d:5d:ac:eb:37:82:93:73:57:cb:08:c4:4c:ac:
c0:0b:19:b0:be:da:59:1b:0e:15:19:98:13:76:2b:ac:b9:4c:
f2:9c:2c:13:b0:31:3d:4f:ca:e6:34:73:1e:d4:e3:5d:8f:34:
1a:1d:b0:10:ef:26:e0:b5:c8:4e:ac:ca:ff:35:f2:5a:39:26:
3f:86:69:9b:2f:6e:76:81:dc:1a:2d:43:c2:5c:32:e7:07:b0:
b0:ad:fd:54:39:a4:c3:1f:4c:36:1d:b7:ef:f1:ab:c2:78:2f:
e4:96:8d:83:f8:5b:77:bc:8c:8f:37:ca:c8:22:27:71:9c:78:
5d:68:c8:11:c3:7e:a3:f9:28:23:be:03:44:9f:45:90:46:c9:
19:94:b6:15:0a:8d:99:db:54:63:5d:6c:43:a8:0f:27:34:82:
53:5c:07:e3:9f:03:3c:e5:bd:c2:c4:7e:10:b2:dc:9a:ee:81:
bd:06:35:0b:af:9a:49:be:2b:38:de:bd:fa:34:f8:91:b7:97:
95:00:70:50
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUY/a8SJ8OOP/7hW9AohGZHDvzjnIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDgwMDQwMjJaFw0yNTA5MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGFiNjAwZTQ1OTBiYWY1NDQzMTY4NjBiNjZlYTEwYzM4NmEwYzgzNjcyYWIw
Y2QzMzhhNDcxNDZjYWVmNTNjM2QxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJOGrDZWITmo29tf3cEagc7Zyo+6EIRDH1wHa69CvqmZP2MfkezPpE7DSvPu
Mui2pvjUWK8abMODaqP6JMP3CDYUDf/SfTHDp/ObrcudoOnqr6nEAWsp7IE7eT84
m5+ETVOmRJb7Bgm+2jLjzmG7USl8FOssVXlgAs6iGmFdKoSVkLVoNb/sjwC0RbO3
BcVgGAqvm6WC6TNkIpaONQbGcw7ua6doK/kURvMExndYcbseSMSFkK0AkFM50kql
aQvHdPNr0AMwQEYA9h+Kw79W9ZpswAgHVNSVm6uL+OFopF24nMKXHOKvfMPwNEby
1HDBJjxjMERwofj8ObWXBy6NAJsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQbxL0/
rGcwX+Hu/Fb/pcLVaPoUJzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTQ4MGUzMmMtM2EyMy00MjQzLTgyZTMtYzdlZWEwNTlkODE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNcMA0G
CSqGSIb3DQEBCwUAA4IBAQDBPQXV0zd6Euy2SXVmp/bPikeYKcrXAtR7VHTQtIjf
tHAlmZbSMh7y96Dget+8kfuitfbrSEecwijNXV2s6zeCk3NXywjETKzACxmwvtpZ
Gw4VGZgTdiusuUzynCwTsDE9T8rmNHMe1ONdjzQaHbAQ7ybgtchOrMr/NfJaOSY/
hmmbL252gdwaLUPCXDLnB7Cwrf1UOaTDH0w2Hbfv8avCeC/klo2D+Ft3vIyPN8rI
IidxnHhdaMgRw36j+SgjvgNEn0WQRskZlLYVCo2Z21RjXWxDqA8nNIJTXAfjnwM8
5b3CxH4Qstya7oG9BjULr5pJvis43r36NPiRt5eVAHBQ
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:49 2025 by rpki-client