Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f7195fd-bf95-4b3a-81b1-908a89b8b4b1.roa
File: 7f7195fd-bf95-4b3a-81b1-908a89b8b4b1.roa (raw, json)
Hash identifier: OCoiL7soZwTbTPL4NuvXGUdrSNIyHCdV7k5v0bzDAtQ=
Subject key identifier: 85:49:54:CE:9A:64:36:CE:62:F3:AD:A9:4B:3F:0C:45:A2:B5:D8:36
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2B84E88D09537B2632A92193F0BB9EFF8107C0AB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f7195fd-bf95-4b3a-81b1-908a89b8b4b1.roa
Signing time: Mon 29 Sep 2025 15:40:24 +0000
ROA not before: Mon 29 Sep 2025 15:40:24 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.93.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 13:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:84:e8:8d:09:53:7b:26:32:a9:21:93:f0:bb:9e:ff:81:07:c0:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 29 15:40:24 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=1d4d28a3f0e95f407cf2c4f6072908b67c9fe681e5368a2613050f23c30d94d1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:85:1f:07:8a:06:9b:70:54:f9:cc:bd:9a:ed:
cb:98:c9:7a:31:71:f9:d2:c9:2a:a1:34:7b:21:9b:
15:43:2a:cf:dc:16:a3:28:da:e1:0a:b9:70:0c:3e:
a1:ec:02:74:1b:cf:97:31:d8:72:62:0e:08:3c:6b:
cd:ba:7d:51:78:de:1b:31:8d:41:fc:cb:51:96:8a:
d8:7b:f5:8e:69:e8:a7:c3:97:10:00:17:e6:0a:37:
32:10:04:12:39:5c:fb:c4:ef:0c:10:f4:30:c4:5f:
dc:75:7a:c7:73:93:e0:00:0e:79:43:7a:8a:6d:e1:
bf:3b:ba:98:d4:84:48:25:a2:14:69:42:f2:87:16:
69:93:d7:2a:d7:6c:66:f6:da:cf:36:b6:0c:ed:73:
ff:5b:4d:c9:bc:fc:39:01:ee:f1:56:f4:88:02:34:
3a:d7:95:ea:39:47:f1:c8:b3:fe:b3:be:fa:02:7f:
4a:7c:f9:db:ce:be:86:2d:15:bc:f7:45:e6:ab:9e:
bf:b2:a2:61:3c:a4:e2:21:90:26:5b:7e:eb:27:c6:
5c:03:bf:a0:16:7a:77:33:7d:5f:e8:d9:a3:ff:50:
b3:e2:ac:b5:07:0d:fe:89:f7:00:c4:02:1f:b6:5c:
62:26:ad:2b:73:1c:ee:8a:93:52:1c:15:fe:31:16:
ed:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:49:54:CE:9A:64:36:CE:62:F3:AD:A9:4B:3F:0C:45:A2:B5:D8:36
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f7195fd-bf95-4b3a-81b1-908a89b8b4b1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.93.0.0/16
Signature Algorithm: sha256WithRSAEncryption
32:46:17:a4:87:ed:d5:b8:a6:51:68:fc:7e:fd:40:50:80:ac:
a6:66:c6:f6:77:bc:7d:61:20:c2:89:b8:6a:69:06:8f:5a:0e:
df:fa:63:c6:ff:76:58:37:e0:3e:c7:11:84:30:30:a2:3d:a7:
70:27:e0:66:9d:57:cb:38:1c:3d:b0:f3:e3:56:f2:b7:7d:32:
ef:5d:3f:bd:c4:38:f5:dd:ce:17:21:e6:a3:9c:c9:e2:09:79:
c8:25:d5:29:df:fe:3c:bc:c8:4a:37:a3:5b:f5:ae:92:3e:0c:
d3:0d:93:d7:7d:48:39:c8:e6:60:72:ca:e2:da:8e:57:68:23:
99:e5:58:27:ed:5d:d1:5c:69:b1:0d:30:da:fa:8a:dc:e4:01:
dc:9e:fc:61:59:10:0e:14:ae:80:50:3c:db:f6:11:86:fc:c0:
34:df:5c:b9:30:db:91:a9:8c:6d:24:b7:32:b9:4a:24:89:1b:
dd:c0:0a:21:ef:27:01:b5:db:0c:b3:25:59:1f:05:6c:10:ca:
b5:2a:67:48:96:54:04:d0:22:ac:e9:3b:e4:2a:f2:b1:9f:b2:
97:90:3a:2f:5a:bd:e7:8a:6f:ef:50:ab:2f:b6:6d:d9:6d:a7:
96:48:be:4d:21:3c:e1:7f:02:bf:31:ec:d7:92:17:bf:fa:54:
0f:b3:c8:25
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUK4TojQlTeyYyqSGT8Lue/4EHwKswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjkxNTQwMjRaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDFkNGQyOGEzZjBlOTVmNDA3Y2YyYzRmNjA3MjkwOGI2N2M5ZmU2ODFlNTM2
OGEyNjEzMDUwZjIzYzMwZDk0ZDExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMCFHweKBptwVPnMvZrty5jJejFx+dLJKqE0eyGbFUMqz9wWoyja4Qq5cAw+
oewCdBvPlzHYcmIOCDxrzbp9UXjeGzGNQfzLUZaK2Hv1jmnop8OXEAAX5go3MhAE
Ejlc+8TvDBD0MMRf3HV6x3OT4AAOeUN6im3hvzu6mNSESCWiFGlC8ocWaZPXKtds
Zvbazza2DO1z/1tNybz8OQHu8Vb0iAI0OteV6jlH8ciz/rO++gJ/Snz5286+hi0V
vPdF5quev7KiYTyk4iGQJlt+6yfGXAO/oBZ6dzN9X+jZo/9Qs+KstQcN/on3AMQC
H7ZcYiatK3Mc7oqTUhwV/jEW7RMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSFSVTO
mmQ2zmLzralLPwxForXYNjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2Y3MTk1ZmQtYmY5NS00YjNhLTgxYjEtOTA4YTg5YjhiNGIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNdMA0G
CSqGSIb3DQEBCwUAA4IBAQAyRhekh+3VuKZRaPx+/UBQgKymZsb2d7x9YSDCibhq
aQaPWg7f+mPG/3ZYN+A+xxGEMDCiPadwJ+BmnVfLOBw9sPPjVvK3fTLvXT+9xDj1
3c4XIeajnMniCXnIJdUp3/48vMhKN6Nb9a6SPgzTDZPXfUg5yOZgcsri2o5XaCOZ
5Vgn7V3RXGmxDTDa+orc5AHcnvxhWRAOFK6AUDzb9hGG/MA031y5MNuRqYxtJLcy
uUokiRvdwAoh7ycBtdsMsyVZHwVsEMq1KmdIllQE0CKs6TvkKvKxn7KXkDovWr3n
im/vUKsvtm3ZbaeWSL5NITzhfwK/MezXkhe/+lQPs8gl
-----END CERTIFICATE-----
Generated at Wed Oct 8 21:14:50 2025 by rpki-client