Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa
File: 09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa (raw, json)
Hash identifier: +g+LVCiPMDGeccr0vyLGQlVb2qNizW4R/ZX5X9EshiY=
Subject key identifier: B5:BA:44:F2:95:B2:33:F6:E6:47:23:75:6F:DC:12:81:99:99:87:F9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5EAB08E49657D58374A104D2482114586E24F3CA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa
Signing time: Mon 01 Sep 2025 21:31:13 +0000
ROA not before: Mon 01 Sep 2025 21:31:13 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.122.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Sep 2025 21:38:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:ab:08:e4:96:57:d5:83:74:a1:04:d2:48:21:14:58:6e:24:f3:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 1 21:31:13 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=c6b35cd5e9b990b35561d33729781da6e31586529b06007715c396644380164e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:7a:77:e3:88:bc:25:3b:4d:18:77:d5:20:7e:
aa:72:1c:04:3e:7b:1e:5c:5d:b6:9a:98:90:11:6f:
17:a2:99:e0:5f:50:96:de:60:e3:49:b7:27:4d:b9:
2c:b9:2c:94:b0:a6:83:a6:d3:a0:68:76:a4:30:ef:
64:8f:d3:05:ab:16:78:9d:18:10:38:7a:ac:f9:9f:
14:36:1f:1a:bb:a3:ff:df:8e:76:56:ab:b4:1d:86:
33:88:ad:f5:b0:b6:f5:fe:89:65:fc:cc:a9:e1:81:
e9:cc:08:9a:bb:6d:8a:fd:5a:72:95:74:80:a3:29:
a4:16:e4:00:d2:87:71:ad:a0:0c:53:b9:7e:7f:76:
d2:06:6e:ed:f0:19:f4:87:e5:64:2b:43:c1:7e:ec:
18:f8:cc:3b:a8:f6:c7:8d:68:75:79:38:e8:5c:a4:
61:6f:84:15:c9:e7:7a:48:2a:98:5e:6a:aa:db:d3:
fe:1d:a7:95:8e:ed:8a:67:fc:d4:58:35:1f:70:16:
42:29:08:7a:44:53:ed:4b:cd:ae:7a:6d:32:1b:97:
82:b4:be:28:ae:f8:76:08:8a:e1:a5:a8:ec:3b:a5:
29:2e:8e:8e:a3:95:ef:6d:7f:53:70:58:f4:b4:5f:
e8:2f:39:44:5d:17:17:d0:c1:c2:f7:8e:09:80:36:
b9:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:BA:44:F2:95:B2:33:F6:E6:47:23:75:6F:DC:12:81:99:99:87:F9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.122.0.0/15
Signature Algorithm: sha256WithRSAEncryption
94:16:c6:aa:e5:38:e3:7a:d9:4d:32:fe:8b:bc:78:c3:b6:84:
2b:d8:78:b5:3d:9b:c8:c0:a8:18:df:17:83:b9:49:78:28:39:
74:af:64:d0:65:86:15:a8:25:5b:e5:5f:3d:a7:61:16:3b:e9:
f5:fe:06:2a:13:a6:81:5b:70:0b:38:56:76:15:06:a5:51:65:
f2:13:f8:f9:ec:6f:a4:e7:df:d7:b0:3b:6c:ff:97:8a:aa:5d:
a6:56:16:62:3e:26:9f:d2:d0:dc:f9:81:e4:0f:9b:c4:13:7f:
f1:70:1a:3b:c4:62:ae:34:07:ce:f0:e8:ee:b9:4c:a2:52:77:
0f:75:36:f0:b8:dc:4a:60:db:30:56:e7:19:1e:9d:f4:ae:d2:
a6:e1:2b:f8:e8:71:b6:a9:5f:65:66:35:f9:91:d4:5c:14:cb:
ab:46:66:fe:7a:e7:59:a5:82:4b:41:81:a7:c4:92:ad:b3:36:
c5:e3:8b:70:c7:1b:0a:45:ef:83:e5:c8:1e:4d:1d:73:6a:5e:
79:88:ea:d2:59:3c:84:05:74:16:9b:56:d4:6e:91:ee:78:75:
b8:87:c4:c7:d7:7e:c7:7c:2b:e7:f0:78:c6:48:5f:24:70:1d:
a8:ac:5f:8a:09:89:ef:0b:d8:59:c9:3d:19:5e:e6:2f:f4:2e:
8c:d6:ec:58
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXqsI5JZX1YN0oQTSSCEUWG4k88owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MDEyMTMxMTNaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGM2YjM1Y2Q1ZTliOTkwYjM1NTYxZDMzNzI5NzgxZGE2ZTMxNTg2NTI5YjA2
MDA3NzE1YzM5NjY0NDM4MDE2NGUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKx6d+OIvCU7TRh31SB+qnIcBD57HlxdtpqYkBFvF6KZ4F9Qlt5g40m3J025
LLkslLCmg6bToGh2pDDvZI/TBasWeJ0YEDh6rPmfFDYfGruj/9+OdlartB2GM4it
9bC29f6JZfzMqeGB6cwImrttiv1acpV0gKMppBbkANKHca2gDFO5fn920gZu7fAZ
9IflZCtDwX7sGPjMO6j2x41odXk46FykYW+EFcnnekgqmF5qqtvT/h2nlY7timf8
1Fg1H3AWQikIekRT7UvNrnptMhuXgrS+KK74dgiK4aWo7DulKS6OjqOV721/U3BY
9LRf6C85RF0XF9DBwveOCYA2uQ0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS1ukTy
lbIz9uZHI3Vv3BKBmZmH+TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDllYzk3Y2EtMDQ0ZS00Nzg1LWJkZDQtZmNmOWU4ZDUxNGNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATN6MA0G
CSqGSIb3DQEBCwUAA4IBAQCUFsaq5TjjetlNMv6LvHjDtoQr2Hi1PZvIwKgY3xeD
uUl4KDl0r2TQZYYVqCVb5V89p2EWO+n1/gYqE6aBW3ALOFZ2FQalUWXyE/j57G+k
59/XsDts/5eKql2mVhZiPiaf0tDc+YHkD5vEE3/xcBo7xGKuNAfO8OjuuUyiUncP
dTbwuNxKYNswVucZHp30rtKm4Sv46HG2qV9lZjX5kdRcFMurRmb+eudZpYJLQYGn
xJKtszbF44twxxsKRe+D5cgeTR1zal55iOrSWTyEBXQWm1bUbpHueHW4h8TH137H
fCvn8HjGSF8kcB2orF+KCYnvC9hZyT0ZXuYv9C6M1uxY
-----END CERTIFICATE-----
Generated at Thu Sep 18 07:00:11 2025 by rpki-client