Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5480e32c-3a23-4243-82e3-c7eea059d814.roa
File: 5480e32c-3a23-4243-82e3-c7eea059d814.roa (raw, json)
Hash identifier: /68dOYXZnnqCasdZqxLPIA0+8oJ2K9VZ9IyjRbqBqLk=
Subject key identifier: 1E:58:C2:14:EA:22:21:F7:BF:39:F3:4A:E5:53:E7:5E:77:AF:D5:0C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 396E90F151DAB70EC4C2FDF1E22EEDEB5B987A8E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5480e32c-3a23-4243-82e3-c7eea059d814.roa
Signing time: Mon 14 Jul 2025 15:40:21 +0000
ROA not before: Mon 14 Jul 2025 15:40:21 +0000
ROA not after: Mon 18 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.92.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:6e:90:f1:51:da:b7:0e:c4:c2:fd:f1:e2:2e:ed:eb:5b:98:7a:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 14 15:40:21 2025 GMT
Not After : Aug 18 23:59:59 2025 GMT
Subject: serialNumber=01f5cf5b48a7a2eae5d33573011dfe3db104907e11d0f9f21bc3982309909769, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c3:ac:08:df:0c:13:ec:ad:81:16:81:a9:77:
cc:d0:61:12:91:f1:ee:3d:ce:80:e2:01:e2:23:95:
68:e8:db:0d:6e:f4:b0:aa:a0:7e:bb:40:6e:4b:23:
75:36:15:86:e2:f1:80:60:73:e7:ad:48:4a:4c:b3:
55:31:ab:a9:d9:8a:07:a7:4d:bb:29:d6:0b:ae:1a:
73:1a:b8:d0:40:67:f3:11:76:f9:23:60:05:bc:08:
dc:43:e7:91:71:b3:5f:48:62:05:d0:ae:4e:f5:dd:
04:9e:31:4e:14:13:1f:ef:4d:71:6a:54:40:a5:7f:
87:0a:d7:fe:c7:59:6f:85:69:74:d4:5e:c5:32:52:
05:9f:08:d1:1b:27:d5:ea:c1:ed:12:0e:af:05:ea:
e2:37:28:1b:0a:1c:47:46:97:3c:6e:e6:6d:f6:94:
f4:26:86:a4:ad:fc:d9:8e:e2:6e:65:e5:b3:a0:bc:
01:13:66:4f:0a:01:e7:da:b6:b7:21:e2:a3:fe:a9:
6f:76:8b:c9:9f:d0:36:cf:5b:e6:b0:83:c1:9a:e8:
82:17:cd:1d:f3:33:bb:3d:b5:66:fb:0b:e4:67:28:
7a:af:1a:d5:0a:49:e5:6f:20:9c:06:72:89:df:80:
bc:a5:5f:12:88:a2:39:6b:7c:0b:eb:11:b9:6f:b2:
f9:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:58:C2:14:EA:22:21:F7:BF:39:F3:4A:E5:53:E7:5E:77:AF:D5:0C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5480e32c-3a23-4243-82e3-c7eea059d814.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.92.0.0/16
Signature Algorithm: sha256WithRSAEncryption
30:bd:7f:d2:c0:9d:da:d7:cf:81:6a:82:8c:1c:a4:3e:eb:5c:
b4:c3:9b:d8:ea:6c:26:e1:71:dc:e7:ac:5e:9a:31:80:38:76:
a9:bb:86:41:e2:20:50:62:8f:03:2a:9d:fd:ad:33:5c:88:94:
05:55:97:bf:20:a9:14:47:01:48:56:fc:a2:34:a1:5b:c1:44:
f0:05:88:fe:b2:04:0e:c9:77:56:32:cd:bd:f7:3b:a5:3f:cd:
36:55:e9:85:dc:25:16:e9:f5:32:63:f5:52:b1:1e:61:1a:cb:
75:a0:54:f3:3d:44:f5:2e:35:8c:30:4a:ef:d3:b7:e2:26:56:
dc:34:48:cf:e1:bd:23:7c:39:dc:33:47:bc:d3:69:3b:16:17:
26:6c:3a:1a:ca:f8:33:e2:03:81:90:62:d0:ec:83:42:14:68:
95:d3:1b:41:94:98:df:0e:7e:fb:f8:cd:f2:52:44:ee:77:57:
b5:be:de:33:8e:ab:56:f1:f7:b1:49:f7:f0:a1:74:b3:ec:c9:
f1:e7:43:1f:02:4b:56:d3:59:ed:8c:55:00:f0:0f:6f:9a:63:
8e:1b:19:0c:8b:62:83:5a:f0:0b:de:6a:47:07:63:9e:13:26:
e9:e4:a5:ff:be:29:3f:e5:38:89:a4:07:e9:04:7e:51:86:f3:
a4:da:93:01
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOW6Q8VHatw7Ewv3x4i7t61uYeo4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTQxNTQwMjFaFw0yNTA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDAxZjVjZjViNDhhN2EyZWFlNWQzMzU3MzAxMWRmZTNkYjEwNDkwN2UxMWQw
ZjlmMjFiYzM5ODIzMDk5MDk3NjkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMbDrAjfDBPsrYEWgal3zNBhEpHx7j3OgOIB4iOVaOjbDW70sKqgfrtAbksj
dTYVhuLxgGBz561ISkyzVTGrqdmKB6dNuynWC64acxq40EBn8xF2+SNgBbwI3EPn
kXGzX0hiBdCuTvXdBJ4xThQTH+9NcWpUQKV/hwrX/sdZb4VpdNRexTJSBZ8I0Rsn
1erB7RIOrwXq4jcoGwocR0aXPG7mbfaU9CaGpK382Y7ibmXls6C8ARNmTwoB59q2
tyHio/6pb3aLyZ/QNs9b5rCDwZroghfNHfMzuz21ZvsL5Gcoeq8a1QpJ5W8gnAZy
id+AvKVfEoiiOWt8C+sRuW+y+WsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQeWMIU
6iIh978580rlU+ded6/VDDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTQ4MGUzMmMtM2EyMy00MjQzLTgyZTMtYzdlZWEwNTlkODE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNcMA0G
CSqGSIb3DQEBCwUAA4IBAQAwvX/SwJ3a18+BaoKMHKQ+61y0w5vY6mwm4XHc56xe
mjGAOHapu4ZB4iBQYo8DKp39rTNciJQFVZe/IKkURwFIVvyiNKFbwUTwBYj+sgQO
yXdWMs299zulP802VemF3CUW6fUyY/VSsR5hGst1oFTzPUT1LjWMMErv07fiJlbc
NEjP4b0jfDncM0e802k7FhcmbDoayvgz4gOBkGLQ7INCFGiV0xtBlJjfDn77+M3y
UkTud1e1vt4zjqtW8fexSffwoXSz7Mnx50MfAktW01ntjFUA8A9vmmOOGxkMi2KD
WvAL3mpHB2OeEybp5KX/vik/5TiJpAfpBH5RhvOk2pMB
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:36:55 2025 by rpki-client