Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80a19bac-b522-4340-8501-74870117a3ce.roa
File: 80a19bac-b522-4340-8501-74870117a3ce.roa (raw, json)
Hash identifier: oaVHYyvurZfaE6hhC/bs9GAKqzq50bB12HRZmclgFyk=
Subject key identifier: 75:DC:51:3B:2F:5B:CF:45:47:A6:46:EE:A0:A6:38:07:C4:83:58:4F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0D94D316A78777F1CBEB208318FCEBD549BC3B9A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80a19bac-b522-4340-8501-74870117a3ce.roa
Signing time: Tue 05 Aug 2025 20:30:39 +0000
ROA not before: Tue 05 Aug 2025 20:30:39 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.80.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:94:d3:16:a7:87:77:f1:cb:eb:20:83:18:fc:eb:d5:49:bc:3b:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:30:39 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=6193ee17d2f1674e57d1a4cc68b772a7b7af23dce226af5b394a2d12e4db7a3b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:1f:58:e2:0c:80:83:ea:fb:e0:da:57:62:a0:
de:a5:f7:ce:92:a6:c2:8f:21:7f:d5:1f:90:c0:62:
46:f1:79:ed:ce:3e:f4:f7:1a:63:c5:18:d5:1f:db:
95:bb:ae:43:36:ed:94:90:5d:8a:f6:90:9c:47:3f:
35:86:f2:9f:41:c4:06:e2:d7:a9:57:68:ea:8b:e5:
43:25:fd:43:82:80:6a:90:bd:06:9b:32:01:38:25:
42:02:21:45:2a:f6:55:12:d6:85:6d:85:da:78:fb:
55:2a:9c:18:12:f6:4d:48:69:7a:78:3d:07:74:36:
cc:83:76:95:63:77:94:25:9e:c4:35:c4:30:74:79:
d0:35:11:70:e8:ab:a2:44:af:91:2a:ac:55:d5:42:
b9:05:af:75:7a:e7:9f:74:28:4e:ac:43:03:72:c2:
73:36:b6:34:87:98:d7:ec:45:0b:a4:90:e9:c2:e5:
52:ce:c9:61:63:31:bc:a0:00:ac:1e:9f:99:95:65:
23:71:79:0d:8d:2e:8c:f5:1e:86:ea:ec:18:d5:3c:
39:ee:10:33:7f:11:ba:04:f7:48:a6:66:9f:62:43:
83:8e:83:97:14:f2:74:fe:a7:91:d4:a3:4c:89:4f:
6b:c4:2a:c8:9b:4f:94:55:33:6d:66:b0:7c:cb:8e:
aa:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:DC:51:3B:2F:5B:CF:45:47:A6:46:EE:A0:A6:38:07:C4:83:58:4F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80a19bac-b522-4340-8501-74870117a3ce.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.80.0.0/16
Signature Algorithm: sha256WithRSAEncryption
12:55:79:8e:33:59:06:e1:27:d2:11:be:54:aa:cb:2f:3b:9d:
1c:de:72:0e:9f:c3:24:ab:05:df:78:d1:a9:b7:6b:a8:16:1c:
f3:6e:bf:2b:84:e6:66:b0:da:10:a0:33:5e:19:2d:e1:06:56:
0f:a2:da:3b:43:9f:24:ae:34:fb:b6:75:8a:e8:b9:b8:5f:71:
df:28:46:97:0a:91:75:c5:b2:4b:78:79:42:eb:0e:c8:7c:28:
23:ef:56:dd:7b:f4:c3:30:2f:51:26:57:32:46:4f:d9:a2:fa:
9e:59:53:d3:d4:77:54:21:6a:d5:13:35:ae:34:38:0f:fe:a6:
f0:90:95:2b:db:f6:c4:84:28:06:19:36:e5:e5:03:77:2e:ad:
bc:0f:c4:a9:a7:50:33:b6:17:4e:59:f7:59:ae:bd:88:b8:9c:
e6:e7:9c:96:e9:f1:73:58:73:c7:3c:0f:02:f8:71:5a:8b:30:
a2:14:80:83:cb:ce:32:aa:ea:0a:19:b7:2b:8a:c1:69:65:39:
f3:08:15:d4:8a:45:c9:05:b3:8a:21:31:6b:c3:7d:4d:7a:53:
06:6d:74:13:53:64:af:d4:98:9a:a1:52:df:2d:1a:c0:14:42:
11:97:3e:a5:b6:d4:6c:e1:cb:79:1d:cf:9c:fe:86:08:fe:c9:
e4:cd:a4:9e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUDZTTFqeHd/HL6yCDGPzr1Um8O5owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDMwMzlaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDYxOTNlZTE3ZDJmMTY3NGU1N2QxYTRjYzY4Yjc3MmE3YjdhZjIzZGNlMjI2
YWY1YjM5NGEyZDEyZTRkYjdhM2IxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKgfWOIMgIPq++DaV2Kg3qX3zpKmwo8hf9UfkMBiRvF57c4+9PcaY8UY1R/b
lbuuQzbtlJBdivaQnEc/NYbyn0HEBuLXqVdo6ovlQyX9Q4KAapC9BpsyATglQgIh
RSr2VRLWhW2F2nj7VSqcGBL2TUhpeng9B3Q2zIN2lWN3lCWexDXEMHR50DURcOir
okSvkSqsVdVCuQWvdXrnn3QoTqxDA3LCcza2NIeY1+xFC6SQ6cLlUs7JYWMxvKAA
rB6fmZVlI3F5DY0ujPUehursGNU8Oe4QM38RugT3SKZmn2JDg46DlxTydP6nkdSj
TIlPa8QqyJtPlFUzbWawfMuOqj8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR13FE7
L1vPRUemRu6gpjgHxINYTzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODBhMTliYWMtYjUyMi00MzQwLTg1MDEtNzQ4NzAxMTdhM2NlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNQMA0G
CSqGSIb3DQEBCwUAA4IBAQASVXmOM1kG4SfSEb5UqssvO50c3nIOn8MkqwXfeNGp
t2uoFhzzbr8rhOZmsNoQoDNeGS3hBlYPoto7Q58krjT7tnWK6Lm4X3HfKEaXCpF1
xbJLeHlC6w7IfCgj71bde/TDMC9RJlcyRk/ZovqeWVPT1HdUIWrVEzWuNDgP/qbw
kJUr2/bEhCgGGTbl5QN3Lq28D8Spp1AzthdOWfdZrr2IuJzm55yW6fFzWHPHPA8C
+HFaizCiFICDy84yquoKGbcrisFpZTnzCBXUikXJBbOKITFrw31NelMGbXQTU2Sv
1JiaoVLfLRrAFEIRlz6lttRs4ct5Hc+c/oYI/snkzaSe
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:42:32 2025 by rpki-client