Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80a19bac-b522-4340-8501-74870117a3ce.roa
File: 80a19bac-b522-4340-8501-74870117a3ce.roa (raw, json)
Hash identifier: 9mTjE1mudumEp3MC4PdPtwCH0They4iC9DRRe//SGAA=
Subject key identifier: 54:E9:14:87:0F:53:CE:E0:54:3E:6C:A1:58:44:E3:AD:8D:41:6F:C7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 54F9F41D57375D60D4C1608EC39D9CBB35F19A4D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80a19bac-b522-4340-8501-74870117a3ce.roa
Signing time: Tue 20 May 2025 20:50:06 +0000
ROA not before: Tue 20 May 2025 20:50:06 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.80.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Jun 2025 00:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:f9:f4:1d:57:37:5d:60:d4:c1:60:8e:c3:9d:9c:bb:35:f1:9a:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:50:06 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=1163ef203976f686634e1ba03b4fae1af3d88139a557c51a314b775a6d533d4c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:29:65:bc:fb:6d:6c:50:ab:79:63:82:65:46:
98:c3:e6:f3:af:58:aa:8c:8d:0e:25:10:b2:11:9d:
4f:e2:25:a7:ed:77:0f:76:81:44:ca:68:dc:a9:d5:
bb:b0:e9:b5:a0:04:e2:b3:57:05:97:6f:1d:b2:47:
f8:db:f8:e3:ac:d3:20:41:32:0f:53:25:4e:19:58:
74:50:c8:d8:cc:bf:d3:2d:f7:34:4e:11:a5:1d:bb:
9f:b6:9a:32:4a:a7:18:13:c1:73:e0:e1:6b:a3:0b:
bf:45:c3:cb:d8:cd:67:89:3f:73:4d:f0:bc:aa:0a:
04:cf:82:d8:5c:b1:a5:46:40:2b:e8:0f:9f:3f:4f:
d7:bd:f5:2c:05:35:62:74:75:d2:a4:ab:03:69:c6:
07:d1:4f:2f:66:ed:fe:7d:d3:7a:33:df:5d:18:d6:
f9:a0:dd:c7:f3:4e:52:c5:66:f3:08:5e:27:ca:09:
a1:81:70:ef:9b:01:2e:d2:e2:53:33:0b:a5:75:a6:
fd:6a:62:05:18:b3:d6:fd:52:75:24:0a:ec:0d:18:
33:4b:ac:86:cf:85:bc:b2:36:77:6e:ed:37:d4:59:
ff:f2:c0:5f:6c:5c:e9:65:fd:4e:30:9b:0c:4a:33:
1b:2f:95:67:8d:26:fe:ed:2e:d5:4b:a9:57:66:21:
67:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:E9:14:87:0F:53:CE:E0:54:3E:6C:A1:58:44:E3:AD:8D:41:6F:C7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80a19bac-b522-4340-8501-74870117a3ce.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.80.0.0/16
Signature Algorithm: sha256WithRSAEncryption
57:9e:f3:e6:c7:c1:e7:bc:3e:88:1a:37:3c:f9:1e:99:02:cc:
f8:b6:63:51:4c:ea:c7:35:44:93:d7:20:fe:08:97:b9:41:2a:
a7:fa:72:76:bc:ae:d7:bf:eb:25:82:58:e5:b6:c5:6c:2a:d7:
a6:da:53:44:3e:e5:32:1b:7a:e7:31:1e:94:fc:86:d0:99:57:
3e:1e:3f:fe:e5:37:1f:2a:d8:db:84:c2:39:45:47:be:d6:fb:
14:ce:3d:20:ae:4c:2a:9a:ff:81:5a:56:18:1f:59:ce:20:29:
0f:62:b7:80:5f:4e:40:3e:a1:d2:d5:62:b8:74:4d:71:35:e7:
b0:de:4c:a4:0f:8b:92:62:3c:ec:3e:b8:28:f6:de:83:b1:e2:
91:66:bf:50:c4:79:fd:32:c6:6a:77:70:8f:8a:45:e1:04:79:
c3:05:14:9f:f7:b4:0f:cb:20:e4:a8:ce:0a:89:af:41:aa:f9:
a9:dc:d7:4d:cd:eb:e1:04:8c:45:58:bc:39:ba:70:1c:bd:ed:
8c:53:f3:d4:c6:54:f4:1c:cc:cf:18:0f:57:c1:3c:15:03:8c:
5b:b3:8f:1e:17:1b:f7:5f:5f:db:5a:ba:68:26:72:cb:b4:49:
f7:43:68:b4:ec:1b:18:b4:cf:a9:7b:e5:28:69:d8:49:bb:c7:
54:d7:ce:fd
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVPn0HVc3XWDUwWCOw52cuzXxmk0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDUwMDZaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDExNjNlZjIwMzk3NmY2ODY2MzRlMWJhMDNiNGZhZTFhZjNkODgxMzlhNTU3
YzUxYTMxNGI3NzVhNmQ1MzNkNGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL4pZbz7bWxQq3ljgmVGmMPm869YqoyNDiUQshGdT+Ilp+13D3aBRMpo3KnV
u7DptaAE4rNXBZdvHbJH+Nv446zTIEEyD1MlThlYdFDI2My/0y33NE4RpR27n7aa
MkqnGBPBc+Dha6MLv0XDy9jNZ4k/c03wvKoKBM+C2FyxpUZAK+gPnz9P1731LAU1
YnR10qSrA2nGB9FPL2bt/n3TejPfXRjW+aDdx/NOUsVm8wheJ8oJoYFw75sBLtLi
UzMLpXWm/WpiBRiz1v1SdSQK7A0YM0ushs+FvLI2d27tN9RZ//LAX2xc6WX9TjCb
DEozGy+VZ40m/u0u1UupV2YhZ30CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRU6RSH
D1PO4FQ+bKFYROOtjUFvxzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODBhMTliYWMtYjUyMi00MzQwLTg1MDEtNzQ4NzAxMTdhM2NlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNQMA0G
CSqGSIb3DQEBCwUAA4IBAQBXnvPmx8HnvD6IGjc8+R6ZAsz4tmNRTOrHNUST1yD+
CJe5QSqn+nJ2vK7Xv+slgljltsVsKtem2lNEPuUyG3rnMR6U/IbQmVc+Hj/+5Tcf
KtjbhMI5RUe+1vsUzj0grkwqmv+BWlYYH1nOICkPYreAX05APqHS1WK4dE1xNeew
3kykD4uSYjzsPrgo9t6DseKRZr9QxHn9MsZqd3CPikXhBHnDBRSf97QPyyDkqM4K
ia9Bqvmp3NdNzevhBIxFWLw5unAcve2MU/PUxlT0HMzPGA9XwTwVA4xbs48eFxv3
X1/bWrpoJnLLtEn3Q2i07BsYtM+pe+UoadhJu8dU1879
-----END CERTIFICATE-----
Generated at Wed Jun 4 10:36:09 2025 by rpki-client