Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2b51d415-1366-43ea-8ce9-f13b63a2c827.roa
File: 2b51d415-1366-43ea-8ce9-f13b63a2c827.roa (raw, json)
Hash identifier: t/caZdcwmAUhm0Kq2LEX1lDPQbEcPtQ/McztAuCLhf0=
Subject key identifier: 5C:03:C8:2B:31:15:10:4A:24:96:07:70:95:42:EF:A5:E1:2E:96:39
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5FEF2CC7AE51E7ACE796E035119FC86F0DEF7ADB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2b51d415-1366-43ea-8ce9-f13b63a2c827.roa
Signing time: Mon 14 Jul 2025 15:40:14 +0000
ROA not before: Mon 14 Jul 2025 15:40:14 +0000
ROA not after: Mon 18 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.45.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:ef:2c:c7:ae:51:e7:ac:e7:96:e0:35:11:9f:c8:6f:0d:ef:7a:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 14 15:40:14 2025 GMT
Not After : Aug 18 23:59:59 2025 GMT
Subject: serialNumber=f1235f5d6eead82a57203a0f797962fecffd945af341cc9703ef1da28f4d167d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:90:e4:d5:a6:62:d2:8e:16:f2:2c:2f:57:d7:
76:a2:ff:01:76:39:30:75:74:6b:8e:9d:39:86:f4:
46:06:92:63:48:9a:8a:8a:99:5a:41:43:8c:53:9d:
c6:3e:4a:82:04:1a:ac:23:0d:2f:2a:b1:28:b5:63:
8f:19:02:4f:9b:f2:9f:d4:9e:11:65:b3:11:97:71:
1a:81:b1:76:55:2c:07:f1:a6:e6:c0:95:29:08:e5:
40:37:24:5f:e4:46:60:76:a9:bb:b0:4f:2e:c3:c8:
f9:fb:4f:68:6f:0e:f3:ff:b0:69:f4:a2:ea:8a:b7:
ee:17:5d:49:be:23:73:e6:7f:68:0e:8a:b0:c3:99:
98:0f:fa:78:84:24:9d:b7:a3:d2:18:1b:f0:f4:f0:
5a:4f:8a:80:c6:b2:a1:47:68:26:17:d4:9c:f3:3f:
31:04:5f:41:cd:95:3e:da:32:88:87:c8:66:02:29:
56:30:6a:38:c8:c4:3f:31:d3:f9:53:84:23:b6:3d:
da:4e:ac:d4:9c:bc:39:bf:cc:7e:ff:35:3a:f9:8f:
83:20:b6:ae:31:84:0b:14:b4:bc:2f:5e:af:a5:8c:
b2:f0:31:e9:3b:bd:71:ae:c3:d7:b2:05:bd:96:38:
1e:3d:39:5b:45:2c:24:38:e3:1f:43:4c:fc:8b:e1:
91:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:03:C8:2B:31:15:10:4A:24:96:07:70:95:42:EF:A5:E1:2E:96:39
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2b51d415-1366-43ea-8ce9-f13b63a2c827.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.45.0.0/16
Signature Algorithm: sha256WithRSAEncryption
39:03:1c:66:24:2d:c3:a3:4c:4a:e7:cc:d4:64:52:b1:af:42:
bc:b4:bf:02:e7:5c:a1:b4:3a:24:78:b2:20:5f:e5:d4:b3:88:
f3:73:d6:1c:68:c4:37:af:97:81:5f:93:d3:19:e2:2f:60:a3:
47:3b:db:dc:4c:41:f5:69:46:aa:f2:fb:08:e9:36:03:54:a8:
38:24:6d:c9:54:4f:e4:89:8d:35:98:44:43:10:56:cb:80:fd:
ab:da:ac:8d:7b:08:a7:ab:57:28:2a:fa:2d:11:da:d5:12:9a:
00:70:51:2d:65:fc:29:09:40:1b:8a:01:99:46:23:f3:a7:26:
b0:0d:cd:ec:e0:ca:2e:81:ba:a3:3c:77:95:1b:0d:27:64:5b:
7d:1d:89:13:55:66:f5:d1:e6:e4:29:4a:3d:e5:84:e1:81:63:
95:9d:bd:c3:3d:17:21:b4:2e:19:8b:77:78:1f:2c:1a:11:a5:
7d:6c:47:98:3b:61:81:b3:8f:ed:bf:4a:0c:d0:39:c0:4f:d6:
03:60:99:b6:fc:1b:93:7f:25:0a:e1:71:50:4a:4e:30:d6:b3:
1c:12:bb:c7:2e:14:c4:6b:d3:81:71:a8:6f:81:5d:d6:d7:90:
fb:43:5b:46:f6:e1:b3:fd:82:a8:12:9e:55:c9:96:b4:dd:22:
b6:d9:c0:0e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUX+8sx65R56znluA1EZ/Ibw3vetswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTQxNTQwMTRaFw0yNTA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGYxMjM1ZjVkNmVlYWQ4MmE1NzIwM2EwZjc5Nzk2MmZlY2ZmZDk0NWFmMzQx
Y2M5NzAzZWYxZGEyOGY0ZDE2N2QxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO6Q5NWmYtKOFvIsL1fXdqL/AXY5MHV0a46dOYb0RgaSY0iaioqZWkFDjFOd
xj5KggQarCMNLyqxKLVjjxkCT5vyn9SeEWWzEZdxGoGxdlUsB/Gm5sCVKQjlQDck
X+RGYHapu7BPLsPI+ftPaG8O8/+wafSi6oq37hddSb4jc+Z/aA6KsMOZmA/6eIQk
nbej0hgb8PTwWk+KgMayoUdoJhfUnPM/MQRfQc2VPtoyiIfIZgIpVjBqOMjEPzHT
+VOEI7Y92k6s1Jy8Ob/Mfv81OvmPgyC2rjGECxS0vC9er6WMsvAx6Tu9ca7D17IF
vZY4Hj05W0UsJDjjH0NM/IvhkckCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRcA8gr
MRUQSiSWB3CVQu+l4S6WOTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmI1MWQ0MTUtMTM2Ni00M2VhLThjZTktZjEzYjYzYTJjODI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMtMA0G
CSqGSIb3DQEBCwUAA4IBAQA5AxxmJC3Do0xK58zUZFKxr0K8tL8C51yhtDokeLIg
X+XUs4jzc9YcaMQ3r5eBX5PTGeIvYKNHO9vcTEH1aUaq8vsI6TYDVKg4JG3JVE/k
iY01mERDEFbLgP2r2qyNewinq1coKvotEdrVEpoAcFEtZfwpCUAbigGZRiPzpyaw
Dc3s4MougbqjPHeVGw0nZFt9HYkTVWb10ebkKUo95YThgWOVnb3DPRchtC4Zi3d4
HywaEaV9bEeYO2GBs4/tv0oM0DnAT9YDYJm2/BuTfyUK4XFQSk4w1rMcErvHLhTE
a9OBcahvgV3W15D7Q1tG9uGz/YKoEp5VyZa03SK22cAO
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:29:51 2025 by rpki-client