Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f5576ca6-a1ae-4a46-b6ed-04a48efc19c7.roa
File: f5576ca6-a1ae-4a46-b6ed-04a48efc19c7.roa (raw, json)
Hash identifier: giXxesZ52No/slSfbh1XMYYvhw6NrcSC7Dj8LFPj52c=
Subject key identifier: F0:13:80:D2:C2:E1:63:B0:28:D3:6C:8C:76:DA:83:AE:A3:D3:3F:0A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 24422C03AC62950EB8331893DA274B04C8299F7C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f5576ca6-a1ae-4a46-b6ed-04a48efc19c7.roa
Signing time: Fri 08 Aug 2025 00:40:15 +0000
ROA not before: Fri 08 Aug 2025 00:40:15 +0000
ROA not after: Fri 12 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.46.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Aug 2025 15:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:42:2c:03:ac:62:95:0e:b8:33:18:93:da:27:4b:04:c8:29:9f:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 8 00:40:15 2025 GMT
Not After : Sep 12 23:59:59 2025 GMT
Subject: serialNumber=2eda8fa7c57ebf45a764e21961daee1f5e07aebdaeec99386d886f0d2710f8c0, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:2c:5a:fe:c0:4f:62:40:70:59:1c:5b:df:d1:
bb:39:f9:e3:d4:be:17:d7:70:8d:4e:b8:e3:55:ab:
1d:57:18:5b:60:3f:89:d8:9a:11:9c:17:2c:f0:11:
c4:f0:53:c4:fc:9c:85:31:37:41:fe:2d:50:5c:99:
8d:e1:a0:9e:14:d0:75:09:dd:9d:55:04:ce:a4:0e:
51:1d:87:8a:03:55:5a:6a:47:f7:79:0f:4b:8f:99:
a3:99:fa:c4:f6:ac:7b:cc:01:22:e0:fe:cd:4c:70:
c0:78:a2:b3:d3:c7:bd:8b:4f:b8:f5:ac:40:ad:74:
29:a6:8e:48:1c:7f:cd:95:9b:7c:c0:46:98:10:56:
4d:55:24:d6:96:86:e0:52:f9:aa:21:11:a3:cc:a0:
76:31:b8:89:51:7d:dc:43:89:c3:f7:36:72:aa:60:
d0:f0:b4:1b:17:41:93:ea:4d:40:04:f4:45:1d:61:
f0:a2:5e:ce:89:56:34:51:e8:44:1d:56:ae:e1:0a:
0f:4f:20:7e:e7:37:f7:32:96:41:a5:7f:3b:e2:b4:
9f:85:4c:61:65:0a:f3:01:e0:1e:7b:85:c5:6e:6a:
60:5e:3d:8b:28:70:30:e4:c3:00:4d:5b:ef:1f:62:
d2:24:b9:06:d0:b3:a7:4e:d3:eb:de:89:aa:b8:35:
ba:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:13:80:D2:C2:E1:63:B0:28:D3:6C:8C:76:DA:83:AE:A3:D3:3F:0A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f5576ca6-a1ae-4a46-b6ed-04a48efc19c7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.46.0.0/15
Signature Algorithm: sha256WithRSAEncryption
a1:ea:cf:07:8c:61:ba:7c:8c:14:97:d1:a0:23:ab:87:4b:76:
cd:2d:f1:ac:21:fc:a5:17:7d:26:32:3e:b3:20:3b:f3:81:45:
d9:5e:15:20:42:59:73:ae:16:90:3e:df:99:2e:9f:e4:7a:af:
9d:57:e1:07:b7:88:a1:67:ec:a7:93:14:28:2a:64:fa:5a:64:
f6:33:d6:9e:85:1c:e1:82:a5:cd:6e:91:c8:85:3f:ce:99:33:
19:29:b2:43:4a:aa:17:7c:1f:1d:9a:95:54:86:6b:51:90:68:
ef:0e:62:ea:e1:d7:a8:5f:39:55:c1:f9:eb:9d:31:11:2a:00:
72:62:be:22:93:70:6e:65:d9:0a:9f:5b:6b:e0:71:c3:2f:20:
99:e3:28:b5:04:c9:57:d7:81:96:63:4b:a4:d0:64:9c:58:a0:
df:5c:bc:33:a0:a6:da:7b:7a:ef:65:10:e5:15:b6:a4:d7:12:
11:7f:76:dc:37:ee:6b:5c:9c:11:07:dd:71:e6:6a:dd:8a:b2:
52:c7:9c:ed:26:8e:ea:ba:f9:8f:0c:a1:7a:c9:f3:9f:c9:2c:
b7:38:3e:8c:7c:c1:46:cc:42:20:30:68:68:a3:85:c2:3f:78:
22:fe:1d:fd:5b:be:dd:d4:12:c0:5c:f9:84:f0:f9:08:c4:3f:
cc:93:e4:d0
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJEIsA6xilQ64MxiT2idLBMgpn3wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDgwMDQwMTVaFw0yNTA5MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDJlZGE4ZmE3YzU3ZWJmNDVhNzY0ZTIxOTYxZGFlZTFmNWUwN2FlYmRhZWVj
OTkzODZkODg2ZjBkMjcxMGY4YzAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOEsWv7AT2JAcFkcW9/Ruzn549S+F9dwjU6441WrHVcYW2A/idiaEZwXLPAR
xPBTxPychTE3Qf4tUFyZjeGgnhTQdQndnVUEzqQOUR2HigNVWmpH93kPS4+Zo5n6
xPase8wBIuD+zUxwwHiis9PHvYtPuPWsQK10KaaOSBx/zZWbfMBGmBBWTVUk1paG
4FL5qiERo8ygdjG4iVF93EOJw/c2cqpg0PC0GxdBk+pNQAT0RR1h8KJezolWNFHo
RB1WruEKD08gfuc39zKWQaV/O+K0n4VMYWUK8wHgHnuFxW5qYF49iyhwMOTDAE1b
7x9i0iS5BtCzp07T696Jqrg1uicCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTwE4DS
wuFjsCjTbIx22oOuo9M/CjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjU1NzZjYTYtYTFhZS00YTQ2LWI2ZWQtMDRhNDhlZmMxOWM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMuMA0G
CSqGSIb3DQEBCwUAA4IBAQCh6s8HjGG6fIwUl9GgI6uHS3bNLfGsIfylF30mMj6z
IDvzgUXZXhUgQllzrhaQPt+ZLp/keq+dV+EHt4ihZ+ynkxQoKmT6WmT2M9aehRzh
gqXNbpHIhT/OmTMZKbJDSqoXfB8dmpVUhmtRkGjvDmLq4deoXzlVwfnrnTERKgBy
Yr4ik3BuZdkKn1tr4HHDLyCZ4yi1BMlX14GWY0uk0GScWKDfXLwzoKbae3rvZRDl
Fbak1xIRf3bcN+5rXJwRB91x5mrdirJSx5ztJo7quvmPDKF6yfOfySy3OD6MfMFG
zEIgMGhoo4XCP3gi/h39W77d1BLAXPmE8PkIxD/Mk+TQ
-----END CERTIFICATE-----
Generated at Thu Aug 21 18:52:04 2025 by rpki-client