Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
File: 83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa (raw, json)
Hash identifier: DaUY29CWWPyBRgkw2XpYpmIz5qG1Q311U0+B6qMEnSQ=
Subject key identifier: 6A:1E:B5:78:54:54:0D:D0:97:AE:E9:43:A8:52:45:30:BB:D7:44:06
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 44BFD62F0EAD4E6C06E8291DD9795350D2ABD38B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
Signing time: Tue 05 Aug 2025 20:20:09 +0000
ROA not before: Tue 05 Aug 2025 20:20:09 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.150.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:bf:d6:2f:0e:ad:4e:6c:06:e8:29:1d:d9:79:53:50:d2:ab:d3:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:20:09 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=ee0e09ae237af4d8882d38c360681277e6f92871db620a9ea19d3e5a4d2ddb31, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:48:bf:a0:c5:2f:04:16:bb:32:59:7a:dd:b3:
bf:31:22:d2:77:02:25:ff:95:c5:20:52:66:72:3c:
72:1b:3a:bf:7f:e6:c8:ca:f0:c9:a5:b6:9b:cc:4c:
f8:9a:d8:3a:29:78:57:14:e4:fc:e0:c9:f5:28:f2:
c0:d8:37:08:e1:6b:58:83:99:1e:32:da:c4:76:5f:
50:3a:52:9d:84:42:9e:fd:e2:20:8e:9b:1c:57:88:
9d:55:c5:6d:12:d3:2a:6c:91:c6:cb:72:b1:f0:87:
f2:69:80:b3:06:fd:cb:e1:fe:58:51:5e:e5:d3:99:
77:09:22:9d:a4:07:ed:6c:98:30:3f:21:a1:6f:ce:
3c:bc:7a:23:ba:dd:37:c2:1e:35:23:65:e1:61:15:
e5:de:09:d3:db:48:0c:d7:ae:29:d9:e9:b9:48:bc:
a3:99:a9:fb:13:93:23:d7:6b:29:8f:6f:74:81:fb:
46:5e:eb:cb:90:b4:14:09:13:7b:21:1e:5c:05:7f:
b0:8e:02:52:f1:3c:c2:c1:59:60:51:32:8d:bc:86:
f6:01:ae:20:1a:8e:19:cc:19:c2:b2:13:d4:c3:17:
79:b7:57:86:6a:ae:2a:b0:da:28:cc:52:c1:1c:6f:
6c:18:ba:0e:c9:dc:73:db:99:d0:14:54:c2:e1:8c:
60:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:1E:B5:78:54:54:0D:D0:97:AE:E9:43:A8:52:45:30:BB:D7:44:06
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.150.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6e:a3:91:40:a0:72:c0:36:3d:4b:ce:97:cf:42:ef:97:d7:59:
1c:8f:54:c0:fb:50:53:36:5c:9e:76:0e:5d:6b:93:7a:7f:4a:
bf:94:e6:12:aa:6e:e8:36:77:52:b8:d1:68:09:d0:c0:51:26:
8b:7a:90:95:19:e8:35:f6:13:65:a9:2d:db:15:d8:d7:73:ad:
23:e1:e4:d8:eb:ee:5a:fd:d0:5e:23:86:a3:91:53:67:13:03:
15:92:61:c5:f6:8d:e0:ce:d4:ce:cc:e5:6b:a5:3b:66:60:01:
cd:cc:77:35:48:e2:5a:40:85:eb:11:b9:d3:ba:86:23:46:09:
0c:87:7d:a4:a7:a9:a3:b9:0d:5f:d1:1a:a4:1f:3e:07:0a:6f:
4a:fc:6c:9d:e1:9c:4f:36:0b:96:d0:ac:bb:6a:3f:96:26:5d:
ea:15:cf:31:12:3d:ef:18:4b:fa:e3:29:aa:95:e4:50:1d:da:
49:58:c9:b5:dd:3e:3b:69:9c:15:42:bd:f9:db:7d:18:5c:42:
5d:77:65:52:39:64:cc:e2:f9:4e:11:ee:eb:8c:66:b8:5c:ec:
a5:ff:0e:a0:aa:8d:04:e0:be:0f:dd:10:c1:71:78:83:09:5d:
57:90:f2:ad:00:2f:7e:47:fa:b3:98:f2:29:28:ff:ef:f8:df:
91:75:4e:c2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIURL/WLw6tTmwG6Ckd2XlTUNKr04swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIwMDlaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGVlMGUwOWFlMjM3YWY0ZDg4ODJkMzhjMzYwNjgxMjc3ZTZmOTI4NzFkYjYy
MGE5ZWExOWQzZTVhNGQyZGRiMzExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOVIv6DFLwQWuzJZet2zvzEi0ncCJf+VxSBSZnI8chs6v3/myMrwyaW2m8xM
+JrYOil4VxTk/ODJ9SjywNg3COFrWIOZHjLaxHZfUDpSnYRCnv3iII6bHFeInVXF
bRLTKmyRxstysfCH8mmAswb9y+H+WFFe5dOZdwkinaQH7WyYMD8hoW/OPLx6I7rd
N8IeNSNl4WEV5d4J09tIDNeuKdnpuUi8o5mp+xOTI9drKY9vdIH7Rl7ry5C0FAkT
eyEeXAV/sI4CUvE8wsFZYFEyjbyG9gGuIBqOGcwZwrIT1MMXebdXhmquKrDaKMxS
wRxvbBi6Dsncc9uZ0BRUwuGMYMECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRqHrV4
VFQN0Jeu6UOoUkUwu9dEBjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODNjOWY5YzQtMzlhMi00ZjVmLTkxODgtMWE5ZTBkY2NmMjA5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOWMA0G
CSqGSIb3DQEBCwUAA4IBAQBuo5FAoHLANj1LzpfPQu+X11kcj1TA+1BTNlyedg5d
a5N6f0q/lOYSqm7oNndSuNFoCdDAUSaLepCVGeg19hNlqS3bFdjXc60j4eTY6+5a
/dBeI4ajkVNnEwMVkmHF9o3gztTOzOVrpTtmYAHNzHc1SOJaQIXrEbnTuoYjRgkM
h32kp6mjuQ1f0RqkHz4HCm9K/Gyd4ZxPNguW0Ky7aj+WJl3qFc8xEj3vGEv64ymq
leRQHdpJWMm13T47aZwVQr35230YXEJdd2VSOWTM4vlOEe7rjGa4XOyl/w6gqo0E
4L4P3RDBcXiDCV1XkPKtAC9+R/qzmPIpKP/v+N+RdU7C
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:39:54 2025 by rpki-client