Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eaaf9aa-bbc4-42a5-9ead-7164e7953aee.roa
File: 4eaaf9aa-bbc4-42a5-9ead-7164e7953aee.roa (raw, json)
Hash identifier: aout5DtK89s1OCzTOPI2GXl2p8ANXtqzyc5sVw5lCbs=
Subject key identifier: 57:CF:66:9E:1B:E4:0D:D8:9F:83:D6:C1:53:D3:43:94:D8:3B:64:73
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 488A2107CB186229E4B8ACBE02861E4E51355D8C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eaaf9aa-bbc4-42a5-9ead-7164e7953aee.roa
Signing time: Fri 26 Sep 2025 20:20:16 +0000
ROA not before: Fri 26 Sep 2025 20:20:16 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.164.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 13:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:8a:21:07:cb:18:62:29:e4:b8:ac:be:02:86:1e:4e:51:35:5d:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:20:16 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=b118f6c64ccfce4540df389b6e9964c4d6641ce26266e8b19899521a4360ae3f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:95:33:31:75:e5:52:d2:b6:0c:dc:a8:1a:89:
45:f0:79:5f:49:a6:9a:df:9a:de:a8:70:a6:7a:64:
4c:0c:58:fe:0a:f3:ee:dc:63:7a:c6:fa:e6:80:18:
b5:fc:20:55:85:27:db:3d:f7:22:7d:a0:2f:65:ec:
7c:7f:57:a3:6f:26:b1:ec:30:3b:92:a5:24:3a:d3:
51:11:fe:62:3f:70:f1:b6:a6:dd:e6:f5:32:1b:29:
86:e1:1b:05:bc:f8:9a:9d:b6:89:fd:88:15:57:97:
87:b9:52:61:87:47:55:e0:e5:0b:2c:0f:77:8c:71:
60:f9:99:90:0a:a8:cc:af:07:92:e7:35:69:34:1e:
8d:57:fa:d6:45:54:bb:d0:b8:8e:59:a1:12:43:7c:
b6:e2:c6:c7:27:ca:d8:3c:77:67:8f:c1:6e:df:e8:
34:70:d9:81:b4:ee:a6:57:8a:4d:94:e6:09:1f:94:
08:e0:8b:77:41:09:1b:19:c6:04:37:f2:3a:15:0f:
ac:08:43:8d:49:39:55:99:4c:b7:41:07:91:47:1a:
cf:f0:ec:3e:17:9f:7c:04:d6:be:a8:9d:0c:d5:28:
9e:1d:41:73:b6:cb:4c:6e:1b:3c:b4:8b:10:ab:c2:
1b:bb:3d:d7:49:d1:80:be:fc:ee:7f:5d:ae:9c:13:
fb:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:CF:66:9E:1B:E4:0D:D8:9F:83:D6:C1:53:D3:43:94:D8:3B:64:73
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eaaf9aa-bbc4-42a5-9ead-7164e7953aee.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.164.0.0/15
Signature Algorithm: sha256WithRSAEncryption
c8:98:de:ff:ce:c1:ad:3f:12:3b:90:af:1a:1f:77:71:fd:2e:
c9:11:2c:21:5b:a6:7d:ed:e0:70:bb:11:d2:b2:0e:d0:b8:4b:
8c:86:84:53:b5:7e:1a:f2:f3:5c:8a:d3:a7:02:0e:4e:4a:e6:
b6:cd:d0:6a:86:d4:a6:9a:fe:cc:f6:ac:ef:fc:d5:3e:ba:9f:
5a:4f:dc:25:07:04:61:1c:a9:1e:45:b5:af:5b:36:67:51:82:
a6:4a:98:6a:0a:e0:2f:b6:31:bf:c7:fb:61:b5:27:6a:2f:3e:
e7:06:14:38:26:bb:87:0a:50:9e:a1:50:a6:17:1a:cb:76:92:
34:7d:08:8f:90:e0:7b:ec:15:14:1a:eb:45:90:44:39:5a:65:
76:60:b8:34:81:60:d7:25:cf:4c:fe:ad:9e:2e:a5:69:6e:0d:
08:5d:8e:ac:12:ba:bd:9a:76:25:e9:f4:d5:66:94:e5:cb:f0:
4e:5e:e5:03:52:d5:2f:a2:6f:d4:6e:b4:b8:bc:82:37:a2:ef:
ab:25:11:76:ae:68:5d:e7:5d:00:ec:58:29:65:d4:4a:66:4c:
15:f9:35:99:19:21:20:e5:8e:ff:7a:5b:e1:1f:10:a3:bd:c0:
f0:34:e7:91:a0:d3:44:e2:5a:ce:17:a2:be:8a:f4:29:e4:cd:
c5:bb:01:42
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUSIohB8sYYinkuKy+AoYeTlE1XYwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDIwMTZaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGIxMThmNmM2NGNjZmNlNDU0MGRmMzg5YjZlOTk2NGM0ZDY2NDFjZTI2MjY2
ZThiMTk4OTk1MjFhNDM2MGFlM2YxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMeVMzF15VLStgzcqBqJRfB5X0mmmt+a3qhwpnpkTAxY/grz7txjesb65oAY
tfwgVYUn2z33In2gL2XsfH9Xo28msewwO5KlJDrTURH+Yj9w8bam3eb1MhsphuEb
Bbz4mp22if2IFVeXh7lSYYdHVeDlCywPd4xxYPmZkAqozK8Hkuc1aTQejVf61kVU
u9C4jlmhEkN8tuLGxyfK2Dx3Z4/Bbt/oNHDZgbTupleKTZTmCR+UCOCLd0EJGxnG
BDfyOhUPrAhDjUk5VZlMt0EHkUcaz/DsPheffATWvqidDNUonh1Bc7bLTG4bPLSL
EKvCG7s910nRgL787n9drpwT+3MCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRXz2ae
G+QN2J+D1sFT00OU2DtkczAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NGVhYWY5YWEtYmJjNC00MmE1LTllYWQtNzE2NGU3OTUzYWVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOkMA0G
CSqGSIb3DQEBCwUAA4IBAQDImN7/zsGtPxI7kK8aH3dx/S7JESwhW6Z97eBwuxHS
sg7QuEuMhoRTtX4a8vNcitOnAg5OSua2zdBqhtSmmv7M9qzv/NU+up9aT9wlBwRh
HKkeRbWvWzZnUYKmSphqCuAvtjG/x/thtSdqLz7nBhQ4JruHClCeoVCmFxrLdpI0
fQiPkOB77BUUGutFkEQ5WmV2YLg0gWDXJc9M/q2eLqVpbg0IXY6sErq9mnYl6fTV
ZpTly/BOXuUDUtUvom/UbrS4vII3ou+rJRF2rmhd510A7FgpZdRKZkwV+TWZGSEg
5Y7/elvhHxCjvcDwNOeRoNNE4lrOF6K+ivQp5M3FuwFC
-----END CERTIFICATE-----
Generated at Wed Oct 8 19:42:09 2025 by rpki-client