Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/54f9687d-a273-4060-846b-ce640aca7c79.roa
File: 54f9687d-a273-4060-846b-ce640aca7c79.roa (raw, json)
Hash identifier: qmzQhAS+ecz+4Bq3dxJwhpJbLO3GgCefzqvFEwZw4jQ=
Subject key identifier: 58:0F:20:BE:2D:6B:BA:A2:27:29:93:6B:9F:38:E9:82:57:CD:D0:55
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 262070E16D5E0F6731FAA891D4E12C52771C58A8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/54f9687d-a273-4060-846b-ce640aca7c79.roa
Signing time: Mon 14 Jul 2025 15:40:15 +0000
ROA not before: Mon 14 Jul 2025 15:40:15 +0000
ROA not after: Mon 18 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.44.0.0/14 maxlen: 14
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 17:44:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:20:70:e1:6d:5e:0f:67:31:fa:a8:91:d4:e1:2c:52:77:1c:58:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 14 15:40:15 2025 GMT
Not After : Aug 18 23:59:59 2025 GMT
Subject: serialNumber=2e3b354757d65efcb38341d90875f358287aeea249e2fe965490112a286a8e68, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:f7:69:67:1a:47:71:28:e9:41:d0:6d:88:b8:
ab:ea:a2:d2:7e:df:7c:66:a5:44:9f:0f:1d:b5:7a:
39:49:42:5e:5d:64:7b:e8:27:89:83:64:af:98:f1:
81:41:a5:1a:22:7a:3b:fa:03:48:22:dd:b7:84:b2:
fb:83:83:8b:e6:95:cb:97:f5:3c:a5:91:a5:07:23:
eb:e1:37:43:d8:57:6f:cb:82:e2:78:c4:33:43:6a:
4d:fa:e3:9f:6c:32:b5:a2:2f:31:93:84:76:b1:3c:
dc:d2:fd:a3:4c:6e:88:2a:bd:04:0c:63:32:2e:de:
76:a2:be:5b:30:5c:3b:78:2d:1b:fb:66:96:4e:97:
e4:ba:b3:58:1a:66:6d:6d:c2:e3:07:e2:23:5c:e6:
f8:f1:6e:55:af:d2:b4:66:b1:e6:85:e8:49:13:6b:
0b:b5:9d:4b:28:49:86:ca:69:bf:86:df:c3:90:62:
62:ec:b2:0c:f8:1a:7a:ff:c7:1c:8d:d3:c4:e2:1a:
93:49:76:a4:0f:bd:80:0d:b1:10:53:6d:ab:ef:45:
0f:84:b2:51:4e:82:19:7d:86:0c:2f:22:a0:a0:e1:
35:a9:69:ca:43:a1:29:b1:9b:9c:40:1d:87:cd:7a:
a1:99:20:dc:83:03:04:aa:9a:49:df:f7:8f:0e:f7:
1d:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:0F:20:BE:2D:6B:BA:A2:27:29:93:6B:9F:38:E9:82:57:CD:D0:55
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/54f9687d-a273-4060-846b-ce640aca7c79.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.44.0.0/14
Signature Algorithm: sha256WithRSAEncryption
95:7a:d5:36:9e:a7:88:a9:75:44:ae:38:9d:67:43:2a:e2:73:
c3:81:eb:a2:1d:e6:25:b2:49:77:8c:f5:ea:87:06:07:1b:eb:
1c:50:79:5e:07:86:f7:6f:5e:c1:bb:d5:3a:68:74:12:e8:41:
9f:e8:2d:72:7c:d0:34:b1:16:e8:48:df:01:ed:eb:16:aa:da:
e5:24:f8:24:1d:47:c2:67:45:a0:ed:0b:73:f8:74:dd:fb:86:
a1:14:8b:00:5a:f3:2e:c0:ff:55:52:aa:c0:41:2a:dc:59:b3:
04:e8:04:e5:ae:57:39:a7:c7:42:2f:71:17:9a:87:90:1e:2b:
36:97:aa:01:c6:29:1a:75:bf:1c:63:d4:98:01:25:14:9e:40:
c9:f6:e2:9a:a9:91:d9:17:86:16:d5:7f:7e:1f:bc:6d:fd:5a:
84:04:ea:76:02:d4:ff:16:a7:d1:8f:59:a9:7b:27:e9:c3:78:
52:8b:fa:82:81:b2:39:45:36:3c:3b:59:9f:ca:2c:2a:2d:a2:
ef:0d:dc:03:a1:0c:4d:6d:b9:af:63:1a:7a:39:98:a8:19:55:
da:97:13:35:3d:1c:7c:c3:a8:c9:9d:ab:1b:fd:51:16:85:7c:
c3:14:87:41:a2:20:1d:38:60:8b:67:28:f1:1c:ba:0a:6e:69:
ed:d0:15:f2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJiBw4W1eD2cx+qiR1OEsUnccWKgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTQxNTQwMTVaFw0yNTA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDJlM2IzNTQ3NTdkNjVlZmNiMzgzNDFkOTA4NzVmMzU4Mjg3YWVlYTI0OWUy
ZmU5NjU0OTAxMTJhMjg2YThlNjgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJn3aWcaR3Eo6UHQbYi4q+qi0n7ffGalRJ8PHbV6OUlCXl1ke+gniYNkr5jx
gUGlGiJ6O/oDSCLdt4Sy+4ODi+aVy5f1PKWRpQcj6+E3Q9hXb8uC4njEM0NqTfrj
n2wytaIvMZOEdrE83NL9o0xuiCq9BAxjMi7edqK+WzBcO3gtG/tmlk6X5LqzWBpm
bW3C4wfiI1zm+PFuVa/StGax5oXoSRNrC7WdSyhJhsppv4bfw5BiYuyyDPgaev/H
HI3TxOIak0l2pA+9gA2xEFNtq+9FD4SyUU6CGX2GDC8ioKDhNalpykOhKbGbnEAd
h816oZkg3IMDBKqaSd/3jw73HdsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRYDyC+
LWu6oicpk2ufOOmCV83QVTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTRmOTY4N2QtYTI3My00MDYwLTg0NmItY2U2NDBhY2E3Yzc5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjMsMA0G
CSqGSIb3DQEBCwUAA4IBAQCVetU2nqeIqXVErjidZ0Mq4nPDgeuiHeYlskl3jPXq
hwYHG+scUHleB4b3b17Bu9U6aHQS6EGf6C1yfNA0sRboSN8B7esWqtrlJPgkHUfC
Z0Wg7Qtz+HTd+4ahFIsAWvMuwP9VUqrAQSrcWbME6ATlrlc5p8dCL3EXmoeQHis2
l6oBxikadb8cY9SYASUUnkDJ9uKaqZHZF4YW1X9+H7xt/VqEBOp2AtT/FqfRj1mp
eyfpw3hSi/qCgbI5RTY8O1mfyiwqLaLvDdwDoQxNbbmvYxp6OZioGVXalxM1PRx8
w6jJnasb/VEWhXzDFIdBoiAdOGCLZyjxHLoKbmnt0BXy
-----END CERTIFICATE-----
Generated at Wed Aug 6 00:53:00 2025 by rpki-client