Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c8ae942-f8e3-4cdb-8c6e-8aaeda879863.roa
File: 9c8ae942-f8e3-4cdb-8c6e-8aaeda879863.roa (raw, json)
Hash identifier: lsMI9RvS9G9ec2fKvtjcx2iq4LmvG1VyUUsJSVgjado=
Subject key identifier: 28:F7:F9:34:1F:7C:24:EE:EA:DA:A4:CE:7A:7E:3D:73:1D:59:51:B7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5AFA580CAEA0DA218050E92FE8F261FAE75033A3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c8ae942-f8e3-4cdb-8c6e-8aaeda879863.roa
Signing time: Mon 06 Oct 2025 18:10:34 +0000
ROA not before: Mon 06 Oct 2025 18:10:34 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.206.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 13:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:fa:58:0c:ae:a0:da:21:80:50:e9:2f:e8:f2:61:fa:e7:50:33:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 6 18:10:34 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=e9a9853989b7ffa05c0dedd5a05371b0345ea49e58c1f964b049ca6e99a9e604, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:75:8c:a6:4c:12:aa:44:50:d0:a6:75:cd:22:
d3:92:97:2e:85:ef:0a:83:b5:ca:85:6a:4b:5a:c8:
ba:8e:4b:87:dc:17:1c:1f:72:8a:a6:08:5f:71:9b:
8a:87:84:66:33:87:58:38:f4:70:c1:92:1f:93:db:
c9:d6:03:0f:04:2a:6d:dd:20:f6:8d:2e:a8:c7:1a:
83:be:1f:01:e6:63:9d:6a:03:2c:3c:ff:e7:88:d1:
62:ce:f1:93:dc:c6:f3:44:c1:6b:25:4f:c3:8c:8f:
48:c5:2d:6b:c3:7c:3d:00:4c:5c:ce:9f:95:cd:f0:
03:4a:96:4b:f4:86:b4:b1:4c:15:68:10:b1:99:af:
5f:42:c3:de:79:63:7f:b9:aa:fe:f9:ce:f4:d2:fa:
29:3f:79:28:73:40:ae:21:b1:f1:7c:5a:0d:fb:d0:
fc:c0:3a:d4:9d:e1:c2:21:7b:29:fd:34:ff:72:24:
9c:92:f8:93:ab:df:94:84:f0:59:a2:34:22:a9:c7:
cb:06:6a:25:5c:cf:7f:92:b0:98:9a:fb:77:c8:ff:
15:40:fe:0c:73:01:59:60:ab:e0:fc:1b:31:c6:95:
e3:4f:9a:62:c1:bb:10:e6:e8:5d:e2:f2:90:1c:f8:
99:27:2e:a1:b0:85:11:dc:07:83:e9:21:2f:0b:fa:
da:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:F7:F9:34:1F:7C:24:EE:EA:DA:A4:CE:7A:7E:3D:73:1D:59:51:B7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c8ae942-f8e3-4cdb-8c6e-8aaeda879863.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.206.0.0/15
Signature Algorithm: sha256WithRSAEncryption
8f:c3:3b:a0:33:ce:df:30:1d:19:8e:c6:57:c6:fd:3f:e3:03:
bd:f5:b8:69:d8:aa:6a:d1:1f:61:92:60:fd:77:c6:46:62:48:
53:eb:25:20:b0:be:d2:2a:e2:0e:7d:b2:ac:24:0a:6a:62:a8:
bd:11:f9:79:a8:b2:78:df:7a:8a:d3:db:47:fb:49:e4:ac:42:
b6:e9:d1:4e:ed:4a:76:22:6b:cb:2a:76:b9:28:5e:e0:6e:4e:
32:f4:36:8f:f2:8c:52:68:c0:91:9c:c6:25:44:ba:67:a4:ad:
7e:60:39:ca:51:fa:2b:d9:b4:9f:c0:31:63:0c:74:36:4d:51:
62:48:db:f1:96:cf:93:4e:33:f2:82:f7:31:20:1b:e4:c4:3b:
a9:ee:4c:c6:eb:b4:10:22:b6:2a:19:30:48:1d:78:d3:83:d3:
e9:e8:87:a2:e6:f1:0f:0a:20:40:cc:1f:ca:d0:ef:8d:2c:da:
8a:61:e4:c7:51:7e:36:16:b0:91:b3:ea:a3:87:8f:ef:f1:5b:
06:d0:45:b0:ba:10:08:ab:b2:50:83:4f:e3:98:28:a3:32:22:
79:e9:fd:63:a3:ab:16:95:59:10:d2:67:0b:37:e6:19:d6:42:
54:3a:af:9c:04:8f:8f:8d:fb:49:7d:6b:af:30:5d:86:79:d1:
d1:20:86:ff
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUWvpYDK6g2iGAUOkv6PJh+udQM6MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMDYxODEwMzRaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGU5YTk4NTM5ODliN2ZmYTA1YzBkZWRkNWEwNTM3MWIwMzQ1ZWE0OWU1OGMx
Zjk2NGIwNDljYTZlOTlhOWU2MDQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMd1jKZMEqpEUNCmdc0i05KXLoXvCoO1yoVqS1rIuo5Lh9wXHB9yiqYIX3Gb
ioeEZjOHWDj0cMGSH5PbydYDDwQqbd0g9o0uqMcag74fAeZjnWoDLDz/54jRYs7x
k9zG80TBayVPw4yPSMUta8N8PQBMXM6flc3wA0qWS/SGtLFMFWgQsZmvX0LD3nlj
f7mq/vnO9NL6KT95KHNAriGx8XxaDfvQ/MA61J3hwiF7Kf00/3IknJL4k6vflITw
WaI0IqnHywZqJVzPf5KwmJr7d8j/FUD+DHMBWWCr4PwbMcaV40+aYsG7EOboXeLy
kBz4mScuobCFEdwHg+khLwv62hkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQo9/k0
H3wk7urapM56fj1zHVlRtzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWM4YWU5NDItZjhlMy00Y2RiLThjNmUtOGFhZWRhODc5ODYzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPOMA0G
CSqGSIb3DQEBCwUAA4IBAQCPwzugM87fMB0ZjsZXxv0/4wO99bhp2Kpq0R9hkmD9
d8ZGYkhT6yUgsL7SKuIOfbKsJApqYqi9Efl5qLJ433qK09tH+0nkrEK26dFO7Up2
ImvLKna5KF7gbk4y9DaP8oxSaMCRnMYlRLpnpK1+YDnKUfor2bSfwDFjDHQ2TVFi
SNvxls+TTjPygvcxIBvkxDup7kzG67QQIrYqGTBIHXjTg9Pp6Iei5vEPCiBAzB/K
0O+NLNqKYeTHUX42FrCRs+qjh4/v8VsG0EWwuhAIq7JQg0/jmCijMiJ56f1jo6sW
lVkQ0mcLN+YZ1kJUOq+cBI+PjftJfWuvMF2GedHRIIb/
-----END CERTIFICATE-----
Generated at Wed Oct 8 21:34:29 2025 by rpki-client