Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/226b8c83-9647-47e2-847b-1787f3d54040.roa
File: 226b8c83-9647-47e2-847b-1787f3d54040.roa (raw, json)
Hash identifier: HGDuwfaRvCtOob1c4inLJmQupZLlQxjA78lbx+mgRVo=
Subject key identifier: F0:82:A3:15:D0:56:A1:24:46:2E:37:DC:EA:95:95:EA:A7:C1:80:E8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 72B606975442F623C6838E87165134B0BD8E92D4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/226b8c83-9647-47e2-847b-1787f3d54040.roa
Signing time: Mon 14 Jul 2025 15:40:46 +0000
ROA not before: Mon 14 Jul 2025 15:40:46 +0000
ROA not after: Mon 18 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.94.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 00:46:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:b6:06:97:54:42:f6:23:c6:83:8e:87:16:51:34:b0:bd:8e:92:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 14 15:40:46 2025 GMT
Not After : Aug 18 23:59:59 2025 GMT
Subject: serialNumber=dc5e56494bc6781628ca6f155efaaf0cc4c88826dd729b252db0424cb6d5a24b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:dd:43:50:5a:ca:d0:01:89:dc:38:05:a7:d2:
69:fb:f1:cb:3c:0e:63:64:f3:ca:1a:b5:56:47:ee:
41:93:3d:c9:d4:1c:d0:9e:8b:9f:66:88:53:f1:76:
ac:ad:5f:55:18:8a:cf:8b:56:d8:1b:15:32:04:88:
ac:82:3b:71:02:f3:2c:cc:2b:9f:1d:3b:2e:02:7a:
fe:da:0d:98:31:56:17:d5:45:35:da:a6:e1:92:c3:
4c:23:c7:2d:ad:98:d0:bb:67:95:79:32:7a:21:85:
96:58:be:77:72:50:93:e6:fd:cf:75:54:ab:23:eb:
1c:22:06:e4:b6:e8:88:bf:35:c5:4b:9a:13:d3:28:
8f:d0:1a:cc:89:b2:1b:a4:60:8a:ac:9d:b9:d0:5b:
82:51:15:97:00:ce:70:70:25:b9:a2:f4:0b:1a:d8:
fc:d8:72:dc:6e:4e:fe:95:70:cc:be:f5:f2:46:ff:
5d:cb:97:bd:86:c0:04:fb:9e:7e:e8:98:bf:ca:1f:
73:3e:8f:e3:88:da:ea:0e:b1:7f:2d:7c:dc:7e:b4:
e8:25:9c:ca:c1:2c:fb:30:70:3d:82:64:d2:54:1a:
72:bb:f2:ac:61:f2:16:3b:50:c4:d7:e3:2b:60:4b:
ae:53:23:c5:78:c8:83:ec:fd:ec:ad:3c:58:33:b5:
38:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:82:A3:15:D0:56:A1:24:46:2E:37:DC:EA:95:95:EA:A7:C1:80:E8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/226b8c83-9647-47e2-847b-1787f3d54040.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.94.0.0/15
Signature Algorithm: sha256WithRSAEncryption
91:14:25:f3:dc:93:c2:b7:06:68:04:f6:b6:f3:a8:f0:f3:84:
6b:5d:e4:36:5e:ef:65:21:3d:b0:ed:0b:06:b1:16:ff:be:34:
79:e5:41:de:bf:04:a8:7e:13:71:eb:e2:cb:19:78:03:db:c1:
ee:81:46:2d:55:61:8b:3a:39:c4:95:f7:d7:c5:af:80:1f:1e:
33:29:52:05:8b:91:e5:06:05:7c:1c:3c:17:bd:d3:01:da:a2:
97:8c:42:4b:7f:56:5f:48:9e:c9:31:85:16:06:6d:45:d8:a5:
63:ad:2f:6d:16:1e:e1:cf:ca:c7:50:9b:79:85:dd:84:11:b6:
a1:84:9e:4f:cf:df:d3:68:18:96:cd:01:44:f5:1b:91:b8:f2:
99:5f:f4:67:43:6a:51:8f:72:11:c2:8a:a4:fb:da:5f:e6:86:
81:a2:e0:a6:5a:0b:5b:31:c5:ae:59:4c:88:a4:95:10:bc:c5:
55:2e:54:2a:02:62:45:f4:c9:38:86:c2:38:9e:05:47:c3:d7:
7c:0c:14:ff:e5:5f:66:e4:03:22:a4:df:c6:78:9e:8d:fb:51:
17:8d:c5:80:48:9f:a3:67:8f:39:1b:58:a4:82:5a:60:70:0c:
7f:51:3f:0c:c9:c6:93:c5:52:cd:09:e9:5f:4d:37:a7:7a:74:
58:e1:7c:7a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcrYGl1RC9iPGg46HFlE0sL2OktQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTQxNTQwNDZaFw0yNTA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGRjNWU1NjQ5NGJjNjc4MTYyOGNhNmYxNTVlZmFhZjBjYzRjODg4MjZkZDcy
OWIyNTJkYjA0MjRjYjZkNWEyNGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALPdQ1BaytABidw4BafSafvxyzwOY2Tzyhq1VkfuQZM9ydQc0J6Ln2aIU/F2
rK1fVRiKz4tW2BsVMgSIrII7cQLzLMwrnx07LgJ6/toNmDFWF9VFNdqm4ZLDTCPH
La2Y0LtnlXkyeiGFlli+d3JQk+b9z3VUqyPrHCIG5LboiL81xUuaE9Moj9AazImy
G6RgiqydudBbglEVlwDOcHAluaL0CxrY/Nhy3G5O/pVwzL718kb/XcuXvYbABPue
fuiYv8ofcz6P44ja6g6xfy183H606CWcysEs+zBwPYJk0lQacrvyrGHyFjtQxNfj
K2BLrlMjxXjIg+z97K08WDO1OAsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTwgqMV
0FahJEYuN9zqlZXqp8GA6DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjI2YjhjODMtOTY0Ny00N2UyLTg0N2ItMTc4N2YzZDU0MDQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNeMA0G
CSqGSIb3DQEBCwUAA4IBAQCRFCXz3JPCtwZoBPa286jw84RrXeQ2Xu9lIT2w7QsG
sRb/vjR55UHevwSofhNx6+LLGXgD28HugUYtVWGLOjnElffXxa+AHx4zKVIFi5Hl
BgV8HDwXvdMB2qKXjEJLf1ZfSJ7JMYUWBm1F2KVjrS9tFh7hz8rHUJt5hd2EEbah
hJ5Pz9/TaBiWzQFE9RuRuPKZX/RnQ2pRj3IRwoqk+9pf5oaBouCmWgtbMcWuWUyI
pJUQvMVVLlQqAmJF9Mk4hsI4ngVHw9d8DBT/5V9m5AMipN/GeJ6N+1EXjcWASJ+j
Z485G1ikglpgcAx/UT8MycaTxVLNCelfTTenenRY4Xx6
-----END CERTIFICATE-----
Generated at Tue Aug 5 08:24:25 2025 by rpki-client