Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80a19bac-b522-4340-8501-74870117a3ce.roa
File: 80a19bac-b522-4340-8501-74870117a3ce.roa (raw, json)
Hash identifier: jsWO05matyoO3gsN4GwUCb3PsV1q1t5oez+OjaqjmIY=
Subject key identifier: F9:E3:D6:CF:D5:D4:A0:4F:82:C2:49:66:23:43:21:7A:24:40:BC:5D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4E161C893EECF966B5A3611DA44A7ACAF73018D1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80a19bac-b522-4340-8501-74870117a3ce.roa
Signing time: Mon 01 Sep 2025 21:40:19 +0000
ROA not before: Mon 01 Sep 2025 21:40:19 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.80.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Sep 2025 07:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:16:1c:89:3e:ec:f9:66:b5:a3:61:1d:a4:4a:7a:ca:f7:30:18:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 1 21:40:19 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=dc4c388fd5fbf9d2bdf2ff2353d8104d20f323ca8fa590866dc6a5419c0cb387, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:6d:ea:96:47:9e:a6:17:17:e7:e3:40:f0:dc:
62:48:dd:aa:79:fe:8b:bb:3c:92:d7:ba:7b:cb:ae:
59:99:b0:5e:4b:36:92:a7:5f:90:0c:ca:09:ab:d1:
7a:0f:50:72:3b:ca:3b:d5:04:36:78:15:c2:f6:bb:
db:d5:c4:29:b4:d6:06:9a:a8:5d:c0:f5:a4:35:c2:
2f:87:c1:92:4c:7d:a4:19:47:60:2a:48:ca:e8:1a:
62:07:e0:f9:92:ea:c4:cd:eb:9e:7b:e3:1b:d2:2f:
a4:33:66:ea:3d:28:e2:44:20:12:54:8c:c8:11:fa:
76:5a:79:73:10:ef:2d:f6:21:2c:f0:79:22:16:d5:
ed:7c:a4:71:ac:7f:bb:65:1a:f0:63:8e:7d:34:fd:
59:76:76:e1:2d:45:2f:64:db:c7:88:df:2c:a6:88:
3e:7e:fd:84:1c:65:83:45:8c:72:3e:bd:0d:7b:17:
a8:e7:90:60:ae:e3:fb:64:4f:72:bc:10:19:eb:0b:
ae:d8:13:97:08:72:b2:4d:4b:ff:92:27:e5:55:4f:
d0:e8:33:e3:ac:6c:7f:b9:8e:7c:e3:31:36:64:ed:
3c:f6:cc:56:38:f0:ce:3c:38:55:ce:50:58:c6:d9:
f3:da:5f:85:63:fc:42:b3:3a:1c:f4:e7:1c:44:e4:
46:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:E3:D6:CF:D5:D4:A0:4F:82:C2:49:66:23:43:21:7A:24:40:BC:5D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80a19bac-b522-4340-8501-74870117a3ce.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.80.0.0/16
Signature Algorithm: sha256WithRSAEncryption
55:82:be:9b:3c:5d:c7:3a:db:8e:63:92:ac:61:21:a7:5f:fe:
1c:69:03:9e:32:bb:1e:c5:e0:80:67:e1:bb:a5:af:2d:98:f5:
a1:7a:9c:a3:39:8b:8b:9e:a6:b2:52:bb:53:04:61:63:51:13:
1a:92:0e:cb:8e:f9:89:21:7c:7b:44:eb:f5:fd:bd:26:82:f5:
0d:62:06:18:78:8e:ee:e4:b1:ec:a7:c9:16:36:54:cf:50:e2:
cd:f8:7b:c7:56:1b:df:bf:11:d4:4d:eb:9d:32:ab:93:49:f7:
0b:80:21:3a:33:99:b1:28:4c:c0:74:fc:04:97:92:41:be:8e:
70:20:c0:e5:33:a8:93:b0:b3:46:17:65:94:30:49:3e:b6:99:
3d:a1:df:f6:59:7e:de:89:e6:b8:8b:aa:0f:40:58:fb:b3:69:
ad:94:d4:6e:a9:a5:19:2a:57:d0:16:a3:4f:5c:cf:02:82:01:
f2:f2:82:2c:9c:59:60:55:b3:16:6f:61:26:6f:48:29:b0:9f:
3b:31:60:54:d0:1b:cf:f9:d2:e1:1b:a1:e4:ce:05:35:22:8b:
da:e4:cc:3b:31:ae:f0:89:2f:65:12:c9:b6:fd:67:27:82:7b:
d3:ee:23:5c:fb:b3:e4:67:d7:b4:79:30:04:e7:96:71:f5:b7:
89:75:3d:b8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUThYciT7s+Wa1o2EdpEp6yvcwGNEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MDEyMTQwMTlaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGRjNGMzODhmZDVmYmY5ZDJiZGYyZmYyMzUzZDgxMDRkMjBmMzIzY2E4ZmE1
OTA4NjZkYzZhNTQxOWMwY2IzODcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMlt6pZHnqYXF+fjQPDcYkjdqnn+i7s8kte6e8uuWZmwXks2kqdfkAzKCavR
eg9QcjvKO9UENngVwva729XEKbTWBpqoXcD1pDXCL4fBkkx9pBlHYCpIyugaYgfg
+ZLqxM3rnnvjG9IvpDNm6j0o4kQgElSMyBH6dlp5cxDvLfYhLPB5IhbV7Xykcax/
u2Ua8GOOfTT9WXZ24S1FL2Tbx4jfLKaIPn79hBxlg0WMcj69DXsXqOeQYK7j+2RP
crwQGesLrtgTlwhysk1L/5In5VVP0Ogz46xsf7mOfOMxNmTtPPbMVjjwzjw4Vc5Q
WMbZ89pfhWP8QrM6HPTnHETkRoECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT549bP
1dSgT4LCSWYjQyF6JEC8XTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODBhMTliYWMtYjUyMi00MzQwLTg1MDEtNzQ4NzAxMTdhM2NlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNQMA0G
CSqGSIb3DQEBCwUAA4IBAQBVgr6bPF3HOtuOY5KsYSGnX/4caQOeMrsexeCAZ+G7
pa8tmPWhepyjOYuLnqayUrtTBGFjURMakg7LjvmJIXx7ROv1/b0mgvUNYgYYeI7u
5LHsp8kWNlTPUOLN+HvHVhvfvxHUTeudMquTSfcLgCE6M5mxKEzAdPwEl5JBvo5w
IMDlM6iTsLNGF2WUMEk+tpk9od/2WX7eiea4i6oPQFj7s2mtlNRuqaUZKlfQFqNP
XM8CggHy8oIsnFlgVbMWb2Emb0gpsJ87MWBU0BvP+dLhG6HkzgU1Iova5Mw7Ma7w
iS9lEsm2/WcngnvT7iNc+7PkZ9e0eTAE55Zx9beJdT24
-----END CERTIFICATE-----
Generated at Tue Sep 16 09:36:10 2025 by rpki-client