Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa
File: 09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa (raw, json)
Hash identifier: DY13nIrrkW3jt/ucO8uUuP9rBjQWPENs2XzGQzBwxZg=
Subject key identifier: 4D:1D:19:EB:4A:33:A2:F5:08:99:51:E9:5F:8E:32:B2:44:C1:67:B1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 315F0A5081FED9E090FE648E86CC04CE89A3B3A0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa
Signing time: Sat 15 Nov 2025 06:50:18 +0000
ROA not before: Sat 15 Nov 2025 06:50:18 +0000
ROA not after: Sat 20 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.122.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Nov 2025 10:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:5f:0a:50:81:fe:d9:e0:90:fe:64:8e:86:cc:04:ce:89:a3:b3:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 15 06:50:18 2025 GMT
Not After : Dec 20 23:59:59 2025 GMT
Subject: serialNumber=8cdd60154203c51e31ea4e2e98049a454006ec832ef9b5bdb813bd19f8423e3a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:41:5c:13:19:62:1c:57:2f:c8:b6:a6:3f:3f:
19:9f:f8:1d:30:1f:7c:bb:b6:6b:dc:b8:3c:f1:ae:
2c:ce:36:0c:85:77:22:67:38:46:67:cb:29:18:88:
1f:7e:a0:05:b5:16:4c:19:88:93:b9:ba:69:67:b0:
e8:3f:ac:a2:8a:30:d5:0e:fe:5f:a6:5d:f8:48:0f:
bd:47:b0:62:15:5e:13:68:bf:d0:f9:87:c0:9d:40:
b3:33:b2:9f:2a:33:0f:58:6f:25:70:08:d5:37:e6:
98:6a:fc:f3:90:c3:e9:a6:50:65:1e:b8:1f:d2:d9:
9f:a4:fe:af:cf:f5:84:d5:5f:1b:49:23:68:46:d1:
ed:8a:fa:e6:a0:07:71:a3:1e:e1:07:36:58:73:1d:
38:fd:ad:f0:e8:bc:aa:37:80:e6:5a:d0:52:1b:cd:
4a:da:28:eb:b1:1a:b9:e9:25:03:e6:e7:41:11:dd:
5b:8d:df:d4:68:c8:68:09:a6:4b:85:42:0e:04:79:
08:b3:8b:06:73:8f:9b:f3:e7:42:81:81:61:80:2e:
99:c6:1d:14:f4:3a:5c:d6:c2:45:66:58:f9:99:16:
fc:40:57:9c:32:c7:a3:4d:e5:e0:2b:7a:68:62:d1:
c1:b4:29:2f:17:1f:ab:fa:52:c8:79:1c:ae:c7:7d:
4c:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:1D:19:EB:4A:33:A2:F5:08:99:51:E9:5F:8E:32:B2:44:C1:67:B1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.122.0.0/15
Signature Algorithm: sha256WithRSAEncryption
04:fe:d7:97:c4:b2:6e:00:7d:c9:7f:2e:3d:b4:fa:65:c2:74:
13:34:72:01:b7:ba:4e:c2:ab:b3:cc:b1:e1:8f:ff:c2:60:64:
2a:74:ff:1c:8d:2d:d9:31:e2:52:06:28:8d:20:a1:b5:06:0a:
c0:f2:02:a0:2e:13:34:c9:46:66:19:72:7a:77:22:cb:2c:6a:
96:0d:83:82:20:92:cb:db:a4:8b:f5:04:ba:d0:05:63:ac:f3:
1d:01:8b:e6:07:05:7b:1b:a7:e8:f4:ec:f3:bc:a9:78:df:cc:
1c:a6:3a:32:57:74:b9:9e:1c:62:11:82:52:ef:5f:64:60:8b:
3e:0b:e2:b0:a1:54:8e:68:0e:da:92:2a:52:45:3d:f4:b2:06:
72:63:8c:49:ee:10:ca:3e:68:81:f0:8f:62:ef:ab:2c:8c:e6:
9e:89:52:1c:c7:fd:4e:b1:b1:8f:7c:7d:9f:1f:12:be:50:e5:
ca:2c:f9:5c:bf:62:da:a4:11:d6:de:0a:99:88:f3:5d:b3:df:
f1:7d:70:3c:8d:87:af:d8:c3:3c:6c:b8:b7:03:a0:41:53:66:
20:4a:86:4f:48:8c:e7:5f:63:c1:52:2c:05:1b:19:51:9a:4f:
4d:e6:f1:54:4c:f4:3a:e6:7f:ac:99:0d:97:c7:ef:fc:ea:8d:
d7:82:51:db
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMV8KUIH+2eCQ/mSOhswEzomjs6AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTExMTUwNjUwMThaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDhjZGQ2MDE1NDIwM2M1MWUzMWVhNGUyZTk4MDQ5YTQ1NDAwNmVjODMyZWY5
YjViZGI4MTNiZDE5Zjg0MjNlM2ExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALdBXBMZYhxXL8i2pj8/GZ/4HTAffLu2a9y4PPGuLM42DIV3Imc4RmfLKRiI
H36gBbUWTBmIk7m6aWew6D+sooow1Q7+X6Zd+EgPvUewYhVeE2i/0PmHwJ1AszOy
nyozD1hvJXAI1TfmmGr885DD6aZQZR64H9LZn6T+r8/1hNVfG0kjaEbR7Yr65qAH
caMe4Qc2WHMdOP2t8Oi8qjeA5lrQUhvNStoo67EaueklA+bnQRHdW43f1GjIaAmm
S4VCDgR5CLOLBnOPm/PnQoGBYYAumcYdFPQ6XNbCRWZY+ZkW/EBXnDLHo03l4Ct6
aGLRwbQpLxcfq/pSyHkcrsd9TDcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRNHRnr
SjOi9QiZUelfjjKyRMFnsTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDllYzk3Y2EtMDQ0ZS00Nzg1LWJkZDQtZmNmOWU4ZDUxNGNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATN6MA0G
CSqGSIb3DQEBCwUAA4IBAQAE/teXxLJuAH3Jfy49tPplwnQTNHIBt7pOwquzzLHh
j//CYGQqdP8cjS3ZMeJSBiiNIKG1BgrA8gKgLhM0yUZmGXJ6dyLLLGqWDYOCIJLL
26SL9QS60AVjrPMdAYvmBwV7G6fo9OzzvKl438wcpjoyV3S5nhxiEYJS719kYIs+
C+KwoVSOaA7akipSRT30sgZyY4xJ7hDKPmiB8I9i76ssjOaeiVIcx/1OsbGPfH2f
HxK+UOXKLPlcv2LapBHW3gqZiPNds9/xfXA8jYev2MM8bLi3A6BBU2YgSoZPSIzn
X2PBUiwFGxlRmk9N5vFUTPQ65n+smQ2Xx+/86o3XglHb
-----END CERTIFICATE-----
Generated at Sat Nov 15 16:26:13 2025 by rpki-client