Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85620864-b6e3-4aeb-8798-74669cc5226c.roa
File: 85620864-b6e3-4aeb-8798-74669cc5226c.roa (raw, json)
Hash identifier: wl8B1G+ZaHYHE8hpiQo/ZDLU3ilISmEP/mglYawcpz0=
Subject key identifier: 32:E3:99:EB:5B:03:51:ED:88:1C:5C:20:F7:F0:40:B2:74:82:B4:36
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 543B9288053D2B98D10C055D9FFC5099ED579C1A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85620864-b6e3-4aeb-8798-74669cc5226c.roa
Signing time: Fri 26 Sep 2025 20:20:38 +0000
ROA not before: Fri 26 Sep 2025 20:20:38 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.202.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 13:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:3b:92:88:05:3d:2b:98:d1:0c:05:5d:9f:fc:50:99:ed:57:9c:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:20:38 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=ed7fed96a6e74c4eab056b8de9cf521a3a9ac7e7dba97ca3a490551ba96cac47, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:46:0e:14:1a:18:f4:3c:35:b0:94:3b:39:dc:
ac:c2:5c:c9:68:e9:93:10:82:75:df:d0:4f:72:aa:
f1:50:2d:a2:ca:8a:43:64:1b:23:6c:5f:b9:86:e3:
fa:f0:d1:6b:23:b0:9c:83:22:5a:fa:79:67:70:93:
0a:85:a4:a3:07:2d:67:d3:20:01:b3:f2:d5:04:b9:
4d:7b:d3:ca:59:6e:9c:18:90:6c:eb:d2:08:77:82:
e4:a5:68:d8:91:cd:57:78:e3:57:da:1e:98:b5:66:
4c:97:ed:e9:86:7b:f0:48:35:2f:e2:95:95:90:cd:
b8:22:59:5c:69:2a:fc:55:e9:39:7e:fc:0f:c5:6c:
34:f4:a7:76:0b:c9:44:f8:6b:04:5b:0a:85:a3:98:
6c:9b:0e:95:e3:7c:b4:51:0d:5e:87:0f:47:53:4a:
5f:fd:36:fc:ea:da:fb:fa:0a:f0:0c:ca:26:54:69:
ea:9a:56:b1:c8:d5:bb:1f:02:b0:ba:9b:6f:99:96:
d9:68:8d:7f:b9:dc:28:1a:f1:19:9a:6e:c2:eb:97:
ed:31:83:e9:0e:e8:aa:8e:c0:76:7a:1d:0f:5c:a6:
b6:3a:40:a6:0d:de:cf:21:38:fe:ac:65:d6:08:7c:
f6:58:87:5a:31:47:3c:41:28:47:5a:4f:67:57:64:
bd:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:E3:99:EB:5B:03:51:ED:88:1C:5C:20:F7:F0:40:B2:74:82:B4:36
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85620864-b6e3-4aeb-8798-74669cc5226c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.202.0.0/15
Signature Algorithm: sha256WithRSAEncryption
7e:d7:40:f6:b6:f3:da:11:d4:6e:a1:be:5c:00:ef:d5:48:5c:
0a:2f:ff:18:62:f8:eb:7b:f5:92:86:11:a5:23:6a:3b:6d:7e:
58:d3:c2:a5:bb:08:b2:e4:9e:a3:a0:30:9f:d9:54:d1:e4:62:
0e:d5:86:8d:d1:df:c8:4e:a3:24:c9:9a:a4:8e:be:57:84:54:
03:33:ee:d7:2b:a3:2b:52:f4:cc:67:a7:74:c8:78:f8:6b:5f:
b0:b6:7e:90:2a:fe:ee:5f:ca:86:0e:ca:0d:80:42:1a:c5:0f:
c8:93:28:b7:5c:b5:a4:36:53:f4:73:fa:d7:2f:ab:12:88:d0:
e0:a9:13:03:7e:ad:38:0d:19:fe:d1:d6:c5:d6:69:27:7c:0c:
96:e7:93:be:05:fc:10:8c:6e:31:a8:22:c3:c2:09:bb:7b:bf:
1a:5e:e0:7c:41:93:03:08:e7:ed:1b:4c:1f:b5:a9:cc:97:18:
b5:3a:bc:81:47:3f:f1:9a:d4:b4:d6:fc:0b:a7:e5:bb:79:cb:
7c:89:0f:7f:7f:08:fd:35:c8:92:9c:6d:d3:d4:e7:28:16:ce:
bf:0d:f6:41:fe:07:04:e9:1e:48:33:a7:43:b8:ca:e0:9d:cb:
54:34:1f:4f:a0:49:06:e3:27:bb:8a:34:ba:ba:bd:13:72:23:
f1:9a:4d:67
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVDuSiAU9K5jRDAVdn/xQme1XnBowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDIwMzhaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGVkN2ZlZDk2YTZlNzRjNGVhYjA1NmI4ZGU5Y2Y1MjFhM2E5YWM3ZTdkYmE5
N2NhM2E0OTA1NTFiYTk2Y2FjNDcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIlGDhQaGPQ8NbCUOzncrMJcyWjpkxCCdd/QT3Kq8VAtosqKQ2QbI2xfuYbj
+vDRayOwnIMiWvp5Z3CTCoWkowctZ9MgAbPy1QS5TXvTyllunBiQbOvSCHeC5KVo
2JHNV3jjV9oemLVmTJft6YZ78Eg1L+KVlZDNuCJZXGkq/FXpOX78D8VsNPSndgvJ
RPhrBFsKhaOYbJsOleN8tFENXocPR1NKX/02/Ora+/oK8AzKJlRp6ppWscjVux8C
sLqbb5mW2WiNf7ncKBrxGZpuwuuX7TGD6Q7oqo7AdnodD1ymtjpApg3ezyE4/qxl
1gh89liHWjFHPEEoR1pPZ1dkvQcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQy45nr
WwNR7YgcXCD38ECydIK0NjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODU2MjA4NjQtYjZlMy00YWViLTg3OTgtNzQ2NjljYzUyMjZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPKMA0G
CSqGSIb3DQEBCwUAA4IBAQB+10D2tvPaEdRuob5cAO/VSFwKL/8YYvjre/WShhGl
I2o7bX5Y08Kluwiy5J6joDCf2VTR5GIO1YaN0d/ITqMkyZqkjr5XhFQDM+7XK6Mr
UvTMZ6d0yHj4a1+wtn6QKv7uX8qGDsoNgEIaxQ/Ikyi3XLWkNlP0c/rXL6sSiNDg
qRMDfq04DRn+0dbF1mknfAyW55O+BfwQjG4xqCLDwgm7e78aXuB8QZMDCOftG0wf
tanMlxi1OryBRz/xmtS01vwLp+W7ect8iQ9/fwj9NciSnG3T1OcoFs6/DfZB/gcE
6R5IM6dDuMrgnctUNB9PoEkG4ye7ijS6ur0TciPxmk1n
-----END CERTIFICATE-----
Generated at Wed Oct 8 21:17:17 2025 by rpki-client