Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01305f95-02db-46f4-a135-5ff585346b72.roa
File: 01305f95-02db-46f4-a135-5ff585346b72.roa (raw, json)
Hash identifier: /PSQd39ZFvOir7UIwWABtulf1bUOIJk4BmMGLwZ28pE=
Subject key identifier: 92:30:B0:CB:C2:C9:40:B7:2B:AF:1B:CA:86:31:43:62:5D:4F:B7:78
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 26E797CAA0D76569DA2CCDE3990AAA562C3E402F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01305f95-02db-46f4-a135-5ff585346b72.roa
Signing time: Tue 21 Oct 2025 14:40:08 +0000
ROA not before: Tue 21 Oct 2025 14:40:08 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.204.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 23:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:e7:97:ca:a0:d7:65:69:da:2c:cd:e3:99:0a:aa:56:2c:3e:40:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 14:40:08 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=05dd9b193971ea57aa189ad87706b1f6a5c9dcd4706ad7b1f4205eb4859388ac, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:97:97:48:f6:2c:ac:d7:ca:bc:b4:35:8a:47:
4d:d6:ff:b9:50:ba:eb:e9:dd:be:d9:5d:a9:2b:55:
49:86:17:58:98:e6:47:1a:2a:91:c0:53:40:c3:d7:
71:b2:38:0d:27:4d:25:a9:0d:ea:b2:10:b2:08:0a:
ad:57:c0:92:27:3b:96:e5:8a:44:24:54:29:38:6a:
5b:ad:02:8b:b6:2a:3a:0d:a9:45:5a:6e:3c:dd:44:
5e:d8:e7:71:e0:5e:a2:83:3d:03:41:a7:48:cd:50:
ca:65:ef:7f:57:7c:38:88:84:70:d6:cf:51:36:08:
5c:50:42:0b:ed:b5:a1:2d:21:f1:dd:26:70:75:7a:
a4:31:e0:80:a6:2f:59:57:fd:c7:0b:91:08:d9:9f:
81:ff:27:fc:5e:8c:5e:7f:eb:69:46:d2:a5:fc:5f:
0b:35:a4:12:ab:12:e3:e7:a0:7d:84:9a:ba:1b:26:
0a:2c:58:6f:3f:8b:cb:e5:bc:a5:86:d6:d9:48:b4:
cd:98:30:df:92:61:36:53:55:6e:9c:fa:ce:08:87:
c5:e5:d2:c9:d7:a6:d5:8f:e2:d3:e7:d8:77:da:77:
fd:e1:21:47:72:a9:6d:7d:4e:96:21:44:7a:de:cb:
99:84:ce:95:35:8c:18:65:42:0e:2b:d3:6a:6f:8f:
f2:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:30:B0:CB:C2:C9:40:B7:2B:AF:1B:CA:86:31:43:62:5D:4F:B7:78
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01305f95-02db-46f4-a135-5ff585346b72.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.204.0.0/15
Signature Algorithm: sha256WithRSAEncryption
23:ed:9d:a7:b8:90:cf:4a:12:a3:7f:63:e7:21:e3:72:c9:a9:
90:f0:70:fc:21:02:bc:3c:cf:71:74:52:20:a0:55:b2:5e:c9:
b2:fc:27:18:5d:cf:1a:52:0b:2f:a0:fc:9d:5f:e0:84:18:9a:
fa:5f:79:f1:39:41:02:42:f3:3e:2a:86:07:20:2e:4a:43:fd:
3e:07:16:e7:79:4d:7a:c4:b8:67:1d:0e:54:ba:f3:b3:9e:1e:
05:96:d7:01:35:a2:d7:cc:a2:c0:1f:a8:d2:6a:b5:a8:62:ec:
ca:55:ac:47:05:e6:61:44:74:70:f7:5f:ea:e0:22:7e:83:bc:
f1:e8:cf:49:c0:ed:2d:d2:e8:de:76:a3:9c:fb:42:34:2c:42:
51:06:c0:8b:16:00:f5:52:b8:01:cd:df:2b:56:18:86:e4:af:
39:b3:78:df:6d:77:a7:0b:14:4e:72:bb:a1:a0:17:76:1d:7b:
d9:ba:b7:b9:58:34:25:e6:8f:7f:37:f1:32:d5:a9:bc:a5:68:
93:b1:62:4e:2c:b0:33:e3:95:2c:7e:19:bf:31:c7:de:14:9a:
eb:17:40:5d:b1:d9:a4:15:c4:19:d7:84:7b:dc:a8:24:42:a6:
79:ab:05:55:fc:77:af:03:0d:72:ac:f3:d8:74:cf:c3:f2:52:
78:b7:b1:2e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJueXyqDXZWnaLM3jmQqqViw+QC8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNDQwMDhaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDA1ZGQ5YjE5Mzk3MWVhNTdhYTE4OWFkODc3MDZiMWY2YTVjOWRjZDQ3MDZh
ZDdiMWY0MjA1ZWI0ODU5Mzg4YWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKSXl0j2LKzXyry0NYpHTdb/uVC66+ndvtldqStVSYYXWJjmRxoqkcBTQMPX
cbI4DSdNJakN6rIQsggKrVfAkic7luWKRCRUKThqW60Ci7YqOg2pRVpuPN1EXtjn
ceBeooM9A0GnSM1QymXvf1d8OIiEcNbPUTYIXFBCC+21oS0h8d0mcHV6pDHggKYv
WVf9xwuRCNmfgf8n/F6MXn/raUbSpfxfCzWkEqsS4+egfYSauhsmCixYbz+Ly+W8
pYbW2Ui0zZgw35JhNlNVbpz6zgiHxeXSydem1Y/i0+fYd9p3/eEhR3KpbX1OliFE
et7LmYTOlTWMGGVCDivTam+P8gUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSSMLDL
wslAtyuvG8qGMUNiXU+3eDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDEzMDVmOTUtMDJkYi00NmY0LWExMzUtNWZmNTg1MzQ2YjcyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPMMA0G
CSqGSIb3DQEBCwUAA4IBAQAj7Z2nuJDPShKjf2PnIeNyyamQ8HD8IQK8PM9xdFIg
oFWyXsmy/CcYXc8aUgsvoPydX+CEGJr6X3nxOUECQvM+KoYHIC5KQ/0+BxbneU16
xLhnHQ5UuvOznh4FltcBNaLXzKLAH6jSarWoYuzKVaxHBeZhRHRw91/q4CJ+g7zx
6M9JwO0t0ujedqOc+0I0LEJRBsCLFgD1UrgBzd8rVhiG5K85s3jfbXenCxROcruh
oBd2HXvZure5WDQl5o9/N/Ey1am8pWiTsWJOLLAz45Usfhm/McfeFJrrF0Bdsdmk
FcQZ14R73KgkQqZ5qwVV/HevAw1yrPPYdM/D8lJ4t7Eu
-----END CERTIFICATE-----
Generated at Wed Oct 29 02:56:13 2025 by rpki-client