Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/620d46e8-bb13-40cd-8918-677590eaf682.roa
File: 620d46e8-bb13-40cd-8918-677590eaf682.roa (raw, json)
Hash identifier: AsXrDL6C/Mzt4tdK6SjdKh9E+4r18Sa0AOxnKjmlQHA=
Subject key identifier: A8:25:CE:50:CC:1E:03:53:36:B5:F4:74:E8:70:67:9D:82:DB:39:2F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 347DC7FBDFEE8564A618CBA8D376DE0CFAC238C5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/620d46e8-bb13-40cd-8918-677590eaf682.roa
Signing time: Fri 26 Sep 2025 20:20:49 +0000
ROA not before: Fri 26 Sep 2025 20:20:49 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.226.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 13:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:7d:c7:fb:df:ee:85:64:a6:18:cb:a8:d3:76:de:0c:fa:c2:38:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:20:49 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=3df94743596ae4d384ec7a6db03a4b401431a2ee97b9adfda07f21b170fe29a1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ea:51:d9:01:a1:cd:b8:5c:c2:02:a6:70:4d:
f0:0e:4c:66:df:62:40:79:96:a0:6f:6c:c1:95:c2:
3b:48:2d:26:42:6b:22:69:f4:6b:6d:5d:d3:0a:c1:
d0:15:eb:5b:1a:ea:ae:df:f5:b0:9b:f8:51:e0:a1:
63:e4:0b:8e:63:b4:b2:20:c2:a1:d6:a7:b1:dd:59:
89:62:93:ce:6b:9d:a6:21:50:b9:f6:f7:6a:29:f5:
f7:6f:75:63:b5:74:18:aa:1a:ca:f6:a9:7c:c0:ed:
03:42:aa:8d:ac:66:b8:cb:e5:23:13:6f:13:75:cc:
45:8f:8e:73:38:88:d4:ab:22:40:c0:2e:87:3b:43:
65:59:97:0e:70:1e:61:52:12:fa:5f:ea:ef:e0:c9:
62:fa:1a:b8:be:6b:2b:e5:a1:c0:57:fd:3b:57:9a:
5f:a4:3a:62:d5:4c:0b:16:e2:08:71:08:c1:34:a0:
20:8d:34:d6:fd:7f:35:9f:32:82:a5:72:07:a0:42:
7e:a1:b0:9b:31:cf:0d:00:2f:f8:3b:f2:fb:cf:35:
90:f2:7b:e0:b8:8a:f0:cd:6d:82:1b:31:96:3e:52:
b8:b8:f6:a4:1a:87:39:3f:0e:57:a1:8f:0b:8b:42:
d6:5f:e1:f7:79:96:8f:0b:c4:4c:1e:32:70:3f:81:
6a:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:25:CE:50:CC:1E:03:53:36:B5:F4:74:E8:70:67:9D:82:DB:39:2F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/620d46e8-bb13-40cd-8918-677590eaf682.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.226.0.0/15
Signature Algorithm: sha256WithRSAEncryption
5c:06:cc:65:01:ca:5d:45:2d:c7:a8:0e:70:e1:41:84:b3:0e:
af:7d:ab:e6:cc:f5:9e:c6:e9:0b:4f:12:23:ef:72:28:0a:23:
90:ab:69:b9:72:0a:80:1f:bb:d0:3e:fb:92:ea:a7:32:4b:26:
fe:8c:71:4e:97:2e:ba:48:48:b9:40:b5:28:0d:d5:47:f3:bd:
7b:a4:71:61:c8:21:40:25:a9:31:da:c7:7c:64:a3:a4:c8:74:
ed:a4:fe:18:e9:3f:41:f9:f5:4d:54:61:17:76:ae:3b:5a:44:
ad:d4:a8:41:37:d4:fc:3f:09:5a:5a:8a:e5:1c:f2:32:57:54:
6c:77:25:71:28:95:2b:10:2c:54:91:e3:32:37:cd:85:85:e5:
8b:8b:94:bb:b3:c0:b3:5c:01:95:c0:b7:cb:2b:fb:c6:72:8d:
30:38:27:e9:5d:23:38:09:91:e2:3e:ee:c6:ff:61:ac:f3:3b:
8b:7c:85:b9:2c:03:69:81:93:17:15:0b:36:0a:64:d3:cb:12:
31:0d:97:0e:76:af:93:95:ff:46:ac:97:e9:f3:d0:a6:39:a7:
16:9b:94:f5:bd:b8:53:ea:3b:e6:5b:ae:96:70:86:08:fd:d0:
1b:b8:9b:90:4b:f1:c4:98:d3:d8:51:88:39:c8:e2:a3:00:bc:
61:d5:67:c8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNH3H+9/uhWSmGMuo03beDPrCOMUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDIwNDlaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDNkZjk0NzQzNTk2YWU0ZDM4NGVjN2E2ZGIwM2E0YjQwMTQzMWEyZWU5N2I5
YWRmZGEwN2YyMWIxNzBmZTI5YTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALPqUdkBoc24XMICpnBN8A5MZt9iQHmWoG9swZXCO0gtJkJrImn0a21d0wrB
0BXrWxrqrt/1sJv4UeChY+QLjmO0siDCodansd1ZiWKTzmudpiFQufb3ain19291
Y7V0GKoayvapfMDtA0KqjaxmuMvlIxNvE3XMRY+OcziI1KsiQMAuhztDZVmXDnAe
YVIS+l/q7+DJYvoauL5rK+WhwFf9O1eaX6Q6YtVMCxbiCHEIwTSgII001v1/NZ8y
gqVyB6BCfqGwmzHPDQAv+Dvy+881kPJ74LiK8M1tghsxlj5SuLj2pBqHOT8OV6GP
C4tC1l/h93mWjwvETB4ycD+BaqsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSoJc5Q
zB4DUza19HTocGedgts5LzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjIwZDQ2ZTgtYmIxMy00MGNkLTg5MTgtNjc3NTkwZWFmNjgyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPiMA0G
CSqGSIb3DQEBCwUAA4IBAQBcBsxlAcpdRS3HqA5w4UGEsw6vfavmzPWexukLTxIj
73IoCiOQq2m5cgqAH7vQPvuS6qcySyb+jHFOly66SEi5QLUoDdVH8717pHFhyCFA
Jakx2sd8ZKOkyHTtpP4Y6T9B+fVNVGEXdq47WkSt1KhBN9T8PwlaWorlHPIyV1Rs
dyVxKJUrECxUkeMyN82FheWLi5S7s8CzXAGVwLfLK/vGco0wOCfpXSM4CZHiPu7G
/2Gs8zuLfIW5LANpgZMXFQs2CmTTyxIxDZcOdq+Tlf9GrJfp89CmOacWm5T1vbhT
6jvmW66WcIYI/dAbuJuQS/HEmNPYUYg5yOKjALxh1WfI
-----END CERTIFICATE-----
Generated at Wed Oct 8 19:42:40 2025 by rpki-client