Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa
File: 8d2d588e-ac05-4633-acba-4d5705f7071e.roa (raw, json)
Hash identifier: DbNLe2kl4olKEfZHB3x7EdCKU2bqEBhwmD8ewEVNcow=
Subject key identifier: 97:6C:53:C4:4F:A6:8A:C0:6D:F4:83:46:73:21:11:B1:1B:D7:15:BF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 543E955A6AE73ABD1E974F8E5CA2384FC406EF2D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa
Signing time: Tue 05 Aug 2025 20:20:16 +0000
ROA not before: Tue 05 Aug 2025 20:20:16 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.180.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:3e:95:5a:6a:e7:3a:bd:1e:97:4f:8e:5c:a2:38:4f:c4:06:ef:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:20:16 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=4155637dedfe29b4fbc02bf468ab6157208db66128a2ee48b79583fd0188d7af, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:32:ce:16:5e:9e:f6:ab:49:fe:6b:d1:65:c0:
06:33:80:e3:f0:3a:d6:34:68:b3:38:54:d9:69:3a:
04:7e:43:44:45:35:55:f1:bc:79:17:dd:c6:4d:24:
44:73:5f:53:10:83:16:7c:78:31:c5:b7:31:26:af:
97:2b:0a:f9:4b:26:d7:d6:fc:24:57:27:0b:be:65:
97:b7:f0:c7:ca:db:cb:b8:5c:d8:02:ae:cd:69:b2:
f5:d6:54:6e:cc:84:5b:f9:bb:19:11:4f:e5:32:b3:
1d:65:92:24:f6:45:7e:13:31:a9:b1:31:0a:97:36:
6e:1b:18:37:0c:25:84:07:1b:a2:2c:28:b5:f5:19:
ee:4e:f5:4c:98:9c:63:3d:df:7f:aa:c6:8c:62:c8:
ba:d4:c3:11:6e:d9:e7:4c:8e:56:3c:c2:21:91:c6:
ae:65:88:74:a4:b5:40:bc:a3:b5:98:37:c1:c3:b4:
02:1a:eb:41:8d:d0:0e:f8:ec:43:fc:3e:34:32:57:
84:2e:29:ef:84:ec:c1:de:1f:25:b3:1c:cd:1a:de:
37:4c:55:81:59:5d:3e:77:1a:78:d4:a8:d6:a5:59:
eb:97:1a:78:ef:4f:45:26:42:08:5b:29:cf:84:5c:
d7:5a:2b:50:7a:6e:84:9b:4c:26:73:5f:7d:3b:32:
ec:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:6C:53:C4:4F:A6:8A:C0:6D:F4:83:46:73:21:11:B1:1B:D7:15:BF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.180.0.0/15
Signature Algorithm: sha256WithRSAEncryption
62:6e:a2:0c:1c:95:c0:8a:0d:2d:bd:2c:f8:41:a6:cd:29:96:
49:d9:18:74:2b:3d:f3:ca:64:74:d4:01:d7:e1:65:c8:33:bc:
01:fa:4a:28:b1:50:c9:49:b5:c5:ae:fe:be:d2:b5:b0:cb:59:
f2:4d:5a:84:09:71:74:ca:83:91:26:5c:cc:09:3a:e5:0d:71:
36:1f:ee:fe:b5:00:fa:a4:15:8b:9c:e4:bd:03:4b:ea:a9:b4:
2f:bf:af:1b:38:4c:52:40:76:c3:26:6c:79:bb:5d:bf:72:b2:
72:78:37:8c:6c:e8:f6:ae:61:29:ef:be:8f:65:27:fd:9c:39:
a7:b8:67:24:9d:9a:32:76:03:e2:28:cb:64:90:20:ce:d4:eb:
a5:04:1e:a9:54:b5:a5:1d:e0:c4:ca:98:ee:55:f2:05:cc:26:
a8:28:47:dd:b5:05:8e:8c:85:bb:6f:22:68:f3:65:1d:ee:f8:
85:61:7d:79:ac:0e:89:92:ca:0b:e3:71:10:3a:06:68:45:31:
0e:f0:45:18:60:77:6a:07:c3:a1:2c:b7:16:e1:4c:0b:ba:50:
ca:37:83:54:64:3b:ff:b8:4c:07:b5:d5:15:61:eb:21:91:bd:
ac:64:d9:83:df:fd:87:76:69:15:92:8b:59:16:a4:73:89:44:
8f:ff:bd:a0
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVD6VWmrnOr0el0+OXKI4T8QG7y0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIwMTZaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDQxNTU2MzdkZWRmZTI5YjRmYmMwMmJmNDY4YWI2MTU3MjA4ZGI2NjEyOGEy
ZWU0OGI3OTU4M2ZkMDE4OGQ3YWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALEyzhZenvarSf5r0WXABjOA4/A61jRoszhU2Wk6BH5DREU1VfG8eRfdxk0k
RHNfUxCDFnx4McW3MSavlysK+Usm19b8JFcnC75ll7fwx8rby7hc2AKuzWmy9dZU
bsyEW/m7GRFP5TKzHWWSJPZFfhMxqbExCpc2bhsYNwwlhAcboiwotfUZ7k71TJic
Yz3ff6rGjGLIutTDEW7Z50yOVjzCIZHGrmWIdKS1QLyjtZg3wcO0AhrrQY3QDvjs
Q/w+NDJXhC4p74Tswd4fJbMczRreN0xVgVldPncaeNSo1qVZ65caeO9PRSZCCFsp
z4Rc11orUHpuhJtMJnNffTsy7IUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSXbFPE
T6aKwG30g0ZzIRGxG9cVvzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGQyZDU4OGUtYWMwNS00NjMzLWFjYmEtNGQ1NzA1ZjcwNzFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO0MA0G
CSqGSIb3DQEBCwUAA4IBAQBibqIMHJXAig0tvSz4QabNKZZJ2Rh0Kz3zymR01AHX
4WXIM7wB+koosVDJSbXFrv6+0rWwy1nyTVqECXF0yoORJlzMCTrlDXE2H+7+tQD6
pBWLnOS9A0vqqbQvv68bOExSQHbDJmx5u12/crJyeDeMbOj2rmEp776PZSf9nDmn
uGcknZoydgPiKMtkkCDO1OulBB6pVLWlHeDEypjuVfIFzCaoKEfdtQWOjIW7byJo
82Ud7viFYX15rA6JksoL43EQOgZoRTEO8EUYYHdqB8OhLLcW4UwLulDKN4NUZDv/
uEwHtdUVYeshkb2sZNmD3/2HdmkVkotZFqRziUSP/72g
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:39:23 2025 by rpki-client