Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/54f9687d-a273-4060-846b-ce640aca7c79.roa
File: 54f9687d-a273-4060-846b-ce640aca7c79.roa (raw, json)
Hash identifier: zIHH5GNApmOD+sWZQ1pbJEmcJD50OPq8pAiulHWkz1w=
Subject key identifier: 3A:48:A9:A5:AB:02:D8:6D:D2:D9:B8:75:73:1A:2E:62:F9:D3:D7:D3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 77B65F42708E1A6AA814AA138EA572AFDBB5408E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/54f9687d-a273-4060-846b-ce640aca7c79.roa
Signing time: Fri 08 Aug 2025 00:40:13 +0000
ROA not before: Fri 08 Aug 2025 00:40:13 +0000
ROA not after: Fri 12 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.44.0.0/14 maxlen: 14
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:b6:5f:42:70:8e:1a:6a:a8:14:aa:13:8e:a5:72:af:db:b5:40:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 8 00:40:13 2025 GMT
Not After : Sep 12 23:59:59 2025 GMT
Subject: serialNumber=a4807c9f90b7b527e68ca12e78f0db03f7ff8897892856fc39be99d2d6f4cde7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:7b:b4:14:4f:07:18:e9:5e:d1:77:07:ba:2c:
4b:e6:f9:d8:c3:ba:ba:29:af:7a:a3:20:97:e8:cd:
03:f2:e1:c0:11:76:db:4c:ce:11:de:53:c0:c9:a2:
fe:60:01:b0:d2:b8:92:c5:0e:07:da:89:31:90:b9:
8a:7a:11:38:1b:2c:41:26:e5:df:03:61:b0:d6:01:
43:c6:b6:cc:5d:c3:13:86:95:b7:5a:ef:38:df:c4:
f7:41:2d:ed:02:51:4d:bc:7c:f9:52:74:64:02:95:
69:7c:2f:18:f5:d6:27:cf:dd:c7:03:b6:ee:ed:33:
35:08:85:c3:fb:42:d5:98:a7:f8:9d:f0:31:ff:22:
93:ad:07:95:ec:b0:f1:28:8d:69:29:14:ed:c2:80:
ae:98:30:7b:3c:a1:c4:ac:55:33:9e:ce:80:c0:e5:
c6:95:2b:de:23:78:82:4b:35:3e:da:d6:08:68:01:
58:33:ea:a2:32:50:12:cd:1b:69:7b:2e:83:8e:45:
44:96:d9:3d:ca:14:36:30:bf:dc:f9:db:3b:eb:40:
84:05:7f:a0:a5:8b:01:15:79:65:c4:72:30:95:2b:
2b:4a:00:7a:5f:1b:6f:f4:1b:64:11:a4:b0:9b:63:
ab:c5:84:33:de:44:e9:22:a5:a5:4b:f2:b5:3c:98:
56:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:48:A9:A5:AB:02:D8:6D:D2:D9:B8:75:73:1A:2E:62:F9:D3:D7:D3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/54f9687d-a273-4060-846b-ce640aca7c79.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.44.0.0/14
Signature Algorithm: sha256WithRSAEncryption
cf:17:9f:76:ea:a1:60:eb:92:f4:bf:90:d1:9d:4a:0d:6c:3b:
f5:d6:a7:b8:ae:1d:b5:82:6b:f2:f6:e5:d3:ef:ca:53:44:92:
4d:37:b9:ff:a3:19:57:8e:1b:22:f9:62:c8:b5:36:9b:0c:9a:
26:24:06:99:3b:b8:09:80:64:cc:e3:82:a0:76:15:67:0d:5e:
53:37:ea:7b:86:ac:8f:cc:8a:6d:8a:6b:8e:82:77:57:27:19:
94:b9:5f:2e:a9:c5:e1:c1:4f:3b:26:95:76:f7:6d:c7:95:9c:
f7:7e:1a:99:bf:12:11:6e:24:19:40:44:a2:9a:f3:96:49:16:
c3:2a:72:fe:79:8e:e5:dd:3c:bb:d9:24:0a:29:bf:ff:e2:d6:
6f:28:80:c4:4b:6c:0b:47:b5:8a:45:66:bd:91:7c:ad:11:1b:
9f:ff:55:0a:84:13:0b:96:93:0d:43:75:38:be:01:1c:35:3a:
f4:5f:6b:3e:c5:44:69:b1:30:c2:cd:e0:84:99:2f:de:a2:5e:
71:49:c1:8a:22:fb:0c:9b:71:7f:01:8c:43:da:9c:2a:80:13:
75:ce:8c:59:f1:43:1d:ad:bd:65:a1:24:75:7c:33:11:ca:e2:
4e:29:c7:8b:d3:dc:20:5c:2b:c9:63:28:59:9a:c1:04:f0:78:
d2:58:eb:f4
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUd7ZfQnCOGmqoFKoTjqVyr9u1QI4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDgwMDQwMTNaFw0yNTA5MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGE0ODA3YzlmOTBiN2I1MjdlNjhjYTEyZTc4ZjBkYjAzZjdmZjg4OTc4OTI4
NTZmYzM5YmU5OWQyZDZmNGNkZTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMZ7tBRPBxjpXtF3B7osS+b52MO6uimveqMgl+jNA/LhwBF220zOEd5TwMmi
/mABsNK4ksUOB9qJMZC5inoROBssQSbl3wNhsNYBQ8a2zF3DE4aVt1rvON/E90Et
7QJRTbx8+VJ0ZAKVaXwvGPXWJ8/dxwO27u0zNQiFw/tC1Zin+J3wMf8ik60Hleyw
8SiNaSkU7cKArpgwezyhxKxVM57OgMDlxpUr3iN4gks1PtrWCGgBWDPqojJQEs0b
aXsug45FRJbZPcoUNjC/3PnbO+tAhAV/oKWLARV5ZcRyMJUrK0oAel8bb/QbZBGk
sJtjq8WEM95E6SKlpUvytTyYVqUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ6SKml
qwLYbdLZuHVzGi5i+dPX0zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTRmOTY4N2QtYTI3My00MDYwLTg0NmItY2U2NDBhY2E3Yzc5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjMsMA0G
CSqGSIb3DQEBCwUAA4IBAQDPF5926qFg65L0v5DRnUoNbDv11qe4rh21gmvy9uXT
78pTRJJNN7n/oxlXjhsi+WLItTabDJomJAaZO7gJgGTM44KgdhVnDV5TN+p7hqyP
zIptimuOgndXJxmUuV8uqcXhwU87JpV2923HlZz3fhqZvxIRbiQZQESimvOWSRbD
KnL+eY7l3Ty72SQKKb//4tZvKIDES2wLR7WKRWa9kXytERuf/1UKhBMLlpMNQ3U4
vgEcNTr0X2s+xURpsTDCzeCEmS/eol5xScGKIvsMm3F/AYxD2pwqgBN1zoxZ8UMd
rb1loSR1fDMRyuJOKceL09wgXCvJYyhZmsEE8HjSWOv0
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:45:25 2025 by rpki-client