
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa
File: 8d2d588e-ac05-4633-acba-4d5705f7071e.roa (raw, json)
Hash identifier: 51OeqeRUjnl2Q7CUQ5hk0fhhLGrKMLbXhZ0ynlSpZ7Q=
Subject key identifier: 05:AD:3F:AD:F7:31:CB:0E:92:17:98:F7:E3:2B:27:19:D3:62:6A:91
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 558EBC6D938E4B52BE068803EA74CDCF28E143EE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa
Signing time: Fri 11 Jul 2025 21:00:21 +0000
ROA not before: Fri 11 Jul 2025 21:00:21 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.180.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:8e:bc:6d:93:8e:4b:52:be:06:88:03:ea:74:cd:cf:28:e1:43:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 21:00:21 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=9158207b344a20c347a52663b20ff7ee4e88771c05656733cdd8e2dc3c9ba3bc, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:89:37:2a:a2:1e:0c:2f:c9:2b:ab:f4:11:92:
07:ff:e4:ea:01:08:cc:c6:a0:fe:71:60:9c:05:59:
1d:72:95:c4:ce:67:31:55:24:a2:ce:ba:bb:95:26:
40:c7:3d:ae:58:a2:1b:03:24:16:09:5b:aa:e0:09:
91:59:45:4c:7a:2a:8a:c0:75:3c:87:a1:bc:ee:af:
04:37:84:41:6b:ab:14:a8:0c:b8:d5:71:ce:c7:d7:
cb:b0:bc:c9:75:cd:74:f6:ca:dd:17:a8:4e:93:a3:
2e:10:0f:4a:84:16:48:b9:4a:29:ce:ad:fc:1b:45:
a2:58:12:ef:c8:2b:04:d4:d2:b9:31:a1:16:cd:e5:
17:ae:57:bd:ca:47:f7:02:86:18:58:fe:0f:ea:ab:
c4:ac:89:44:3c:3e:51:3a:9e:e1:c0:b4:7c:14:22:
8f:86:ff:28:13:27:a4:8f:88:25:72:22:3f:4f:43:
e6:60:79:35:da:61:c0:0a:f1:53:68:98:a1:3b:4c:
ad:d3:6c:8e:b7:fc:dc:6c:64:11:f4:63:29:3a:29:
b8:90:f2:6c:4e:28:bd:61:22:bf:d0:d5:f1:25:df:
3f:e7:8f:7f:59:94:d7:7d:87:cc:5f:72:ee:26:6b:
c0:85:5d:0b:9e:21:95:85:7e:81:a6:26:66:61:fe:
e1:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:AD:3F:AD:F7:31:CB:0E:92:17:98:F7:E3:2B:27:19:D3:62:6A:91
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.180.0.0/15
Signature Algorithm: sha256WithRSAEncryption
c5:1e:3e:e9:e6:c0:b2:69:47:c3:42:83:ce:62:99:10:c6:ca:
0d:37:1f:1d:bb:32:56:3c:a4:e9:72:4c:9d:e3:0a:3d:a7:5c:
59:57:16:86:82:54:ed:3d:20:ce:b1:50:c2:59:54:d4:13:7e:
05:3b:32:e6:a1:4f:4c:a0:58:1f:c1:11:08:85:2d:5c:24:1e:
06:f7:33:37:b1:f6:32:62:57:bd:ec:a0:21:68:bc:42:7f:86:
99:8c:e6:b7:8a:0d:63:d7:7e:d4:9d:f5:14:76:28:61:c2:23:
94:4d:28:bd:e4:0f:42:3e:a7:72:62:5c:30:7b:29:8b:49:03:
d5:9a:c1:fe:9d:01:24:a5:95:0a:09:8a:26:ee:c3:df:27:39:
b1:3f:c2:08:a2:c3:8b:b3:af:d1:5b:f5:f4:ab:aa:21:bd:d6:
d3:aa:93:9b:af:40:8e:c5:d5:f9:37:cb:73:cd:df:7c:7f:d7:
58:92:a8:46:02:13:41:42:b3:29:e6:1a:0c:05:99:f4:ea:82:
76:9b:b3:9a:ae:2f:6f:af:4c:bb:87:cd:e6:5f:76:73:a8:51:
8e:5d:c6:d0:8d:f7:d2:25:b9:21:55:13:bf:8b:7d:10:02:34:
cb:8a:c1:3f:75:52:4f:67:a1:ba:6b:57:11:f4:6f:92:80:7a:
8d:93:56:88
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVY68bZOOS1K+BogD6nTNzyjhQ+4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMTAwMjFaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDkxNTgyMDdiMzQ0YTIwYzM0N2E1MjY2M2IyMGZmN2VlNGU4ODc3MWMwNTY1
NjczM2NkZDhlMmRjM2M5YmEzYmMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANCJNyqiHgwvySur9BGSB//k6gEIzMag/nFgnAVZHXKVxM5nMVUkos66u5Um
QMc9rliiGwMkFglbquAJkVlFTHoqisB1PIehvO6vBDeEQWurFKgMuNVxzsfXy7C8
yXXNdPbK3ReoTpOjLhAPSoQWSLlKKc6t/BtFolgS78grBNTSuTGhFs3lF65XvcpH
9wKGGFj+D+qrxKyJRDw+UTqe4cC0fBQij4b/KBMnpI+IJXIiP09D5mB5NdphwArx
U2iYoTtMrdNsjrf83GxkEfRjKTopuJDybE4ovWEiv9DV8SXfP+ePf1mU132HzF9y
7iZrwIVdC54hlYV+gaYmZmH+4cUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQFrT+t
9zHLDpIXmPfjKycZ02JqkTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGQyZDU4OGUtYWMwNS00NjMzLWFjYmEtNGQ1NzA1ZjcwNzFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO0MA0G
CSqGSIb3DQEBCwUAA4IBAQDFHj7p5sCyaUfDQoPOYpkQxsoNNx8duzJWPKTpckyd
4wo9p1xZVxaGglTtPSDOsVDCWVTUE34FOzLmoU9MoFgfwREIhS1cJB4G9zM3sfYy
Yle97KAhaLxCf4aZjOa3ig1j137UnfUUdihhwiOUTSi95A9CPqdyYlwweymLSQPV
msH+nQEkpZUKCYom7sPfJzmxP8IIosOLs6/RW/X0q6ohvdbTqpObr0COxdX5N8tz
zd98f9dYkqhGAhNBQrMp5hoMBZn06oJ2m7Oari9vr0y7h83mX3ZzqFGOXcbQjffS
JbkhVRO/i30QAjTLisE/dVJPZ6G6a1cR9G+SgHqNk1aI
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:38:56 2025 by rpki-client