Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1daf6597-c039-470d-a015-f42507e1afef.roa
File: 1daf6597-c039-470d-a015-f42507e1afef.roa (raw, json)
Hash identifier: hfq3wW+238bQv33qlqRORfaFUAx/DyKcQEoefXX3ID4=
Subject key identifier: C4:FE:2E:46:E8:16:A7:AA:2F:CE:3B:CF:50:95:DB:C9:6D:9A:82:92
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1D448A695DAE30617110AB3EAD8E7B2508D93242
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1daf6597-c039-470d-a015-f42507e1afef.roa
Signing time: Fri 11 Jul 2025 21:00:20 +0000
ROA not before: Fri 11 Jul 2025 21:00:20 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.172.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:44:8a:69:5d:ae:30:61:71:10:ab:3e:ad:8e:7b:25:08:d9:32:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 21:00:20 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=4d2bb3f43862e873e3e57a2c516863db6cdfdc2ad3f53f9f0a48da634692f0f2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:60:d3:c1:d1:a4:ea:9c:9b:9a:ec:fe:e9:57:
32:c9:d6:6e:b2:9f:86:dc:b5:60:1f:8b:d8:d0:33:
b0:16:9f:bf:ae:c6:4c:bf:73:d7:ce:30:20:8a:bc:
86:61:b8:45:26:fc:b8:5a:f5:16:35:10:f7:f4:0b:
7c:69:51:f0:8d:e0:c0:af:6e:95:84:fa:76:29:1d:
0d:fa:f5:ea:35:b4:68:19:9d:89:80:13:f4:44:6a:
7d:29:8a:59:5d:b8:d4:22:54:19:c6:51:f1:fe:62:
5a:5f:45:5d:52:56:de:73:73:f8:74:f6:c3:a1:11:
70:b3:d1:b4:e0:13:5a:b4:c5:bc:75:58:1e:6e:db:
4d:fe:d7:9c:2d:e1:a2:34:b4:b8:1b:09:c7:c5:e4:
4c:66:47:89:12:bc:52:2d:dd:28:c6:68:df:b7:0a:
2f:28:e4:7c:83:44:39:c0:cb:44:fb:6d:3b:4f:70:
03:f4:90:81:f6:ca:e9:36:ba:9c:31:1c:79:cd:fa:
80:6a:2e:e4:85:e1:3e:f8:59:c8:11:b8:d7:ca:cb:
91:f1:39:01:86:e3:46:dd:14:d2:e5:60:fe:2f:1e:
84:54:84:3a:08:85:8f:35:b3:d5:5c:6c:d5:91:8f:
8e:a8:9c:8b:53:0e:11:71:8a:c8:48:f7:25:89:3f:
33:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:FE:2E:46:E8:16:A7:AA:2F:CE:3B:CF:50:95:DB:C9:6D:9A:82:92
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1daf6597-c039-470d-a015-f42507e1afef.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.172.0.0/15
Signature Algorithm: sha256WithRSAEncryption
b3:32:ae:00:91:b6:65:4f:44:aa:56:19:0e:4c:1e:7f:95:9b:
e1:9b:de:27:93:59:c6:4c:5a:23:83:2e:57:11:03:3c:c2:63:
31:0c:81:13:a2:c7:26:67:38:b3:07:cd:a4:da:eb:b4:74:8d:
8e:35:2b:28:05:8a:56:f8:eb:5d:fb:f1:91:81:f0:f7:bf:ce:
13:df:ec:00:73:36:a9:60:ee:65:b9:22:3d:8e:8c:b1:9a:93:
0a:07:50:2e:c6:b3:c2:68:d6:f2:c4:bb:59:61:8e:c8:1f:09:
af:f0:d6:97:6c:b8:f4:a3:be:7a:88:48:d9:54:5e:31:25:9d:
a9:96:44:d3:e2:26:e2:3e:8f:12:2b:15:2d:81:84:b6:54:74:
c6:23:44:8d:c5:69:7a:46:66:00:b9:3d:61:6a:33:cf:2d:18:
c0:5e:c3:4e:35:b9:08:63:ca:72:c1:5d:b0:4b:d5:00:03:f5:
37:28:68:d4:28:fb:5c:7e:0d:09:52:8d:5a:60:94:b0:2a:61:
a1:93:e4:94:ef:d6:b0:d3:a5:fb:81:b4:04:3a:8a:18:9a:76:
e8:e2:7a:b5:d6:9d:80:3b:be:ed:ab:b9:7a:fa:40:a7:65:af:
8f:5b:3a:29:7c:5d:d2:5a:62:40:20:7e:e2:1d:55:a9:e7:af:
d3:4a:df:ba
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHUSKaV2uMGFxEKs+rY57JQjZMkIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMTAwMjBaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDRkMmJiM2Y0Mzg2MmU4NzNlM2U1N2EyYzUxNjg2M2RiNmNkZmRjMmFkM2Y1
M2Y5ZjBhNDhkYTYzNDY5MmYwZjIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI5g08HRpOqcm5rs/ulXMsnWbrKfhty1YB+L2NAzsBafv67GTL9z184wIIq8
hmG4RSb8uFr1FjUQ9/QLfGlR8I3gwK9ulYT6dikdDfr16jW0aBmdiYAT9ERqfSmK
WV241CJUGcZR8f5iWl9FXVJW3nNz+HT2w6ERcLPRtOATWrTFvHVYHm7bTf7XnC3h
ojS0uBsJx8XkTGZHiRK8Ui3dKMZo37cKLyjkfINEOcDLRPttO09wA/SQgfbK6Ta6
nDEcec36gGou5IXhPvhZyBG418rLkfE5AYbjRt0U0uVg/i8ehFSEOgiFjzWz1Vxs
1ZGPjqici1MOEXGKyEj3JYk/M0MCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTE/i5G
6Banqi/OO89QldvJbZqCkjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWRhZjY1OTctYzAzOS00NzBkLWEwMTUtZjQyNTA3ZTFhZmVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOsMA0G
CSqGSIb3DQEBCwUAA4IBAQCzMq4AkbZlT0SqVhkOTB5/lZvhm94nk1nGTFojgy5X
EQM8wmMxDIEToscmZzizB82k2uu0dI2ONSsoBYpW+Otd+/GRgfD3v84T3+wAczap
YO5luSI9joyxmpMKB1AuxrPCaNbyxLtZYY7IHwmv8NaXbLj0o756iEjZVF4xJZ2p
lkTT4ibiPo8SKxUtgYS2VHTGI0SNxWl6RmYAuT1hajPPLRjAXsNONbkIY8pywV2w
S9UAA/U3KGjUKPtcfg0JUo1aYJSwKmGhk+SU79aw06X7gbQEOooYmnbo4nq11p2A
O77tq7l6+kCnZa+PWzopfF3SWmJAIH7iHVWp56/TSt+6
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:50:17 2025 by rpki-client