Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa
File: 0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa (raw, json)
Hash identifier: nTZcg2B1J7yVWqcHj4WrinoHEeHkIjwLzqCEtrVQDrY=
Subject key identifier: 03:1E:15:F8:C3:3D:6E:FF:BC:A2:27:41:B8:5E:D9:54:35:37:73:47
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 242CFC48AC5203A6CB70D3933363D407D1AB7674
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa
Signing time: Mon 01 Sep 2025 21:30:24 +0000
ROA not before: Mon 01 Sep 2025 21:30:24 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.100.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Sep 2025 21:38:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:2c:fc:48:ac:52:03:a6:cb:70:d3:93:33:63:d4:07:d1:ab:76:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 1 21:30:24 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=9d29265b4dc90ee7d3adb2144e50aec8df1c58fb55ddb0f45cdeda31249a4a0d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:42:fc:21:26:bc:bb:55:b4:40:c5:a8:d4:d2:
ff:06:39:d9:15:3d:8f:b9:c8:a8:bb:7b:11:b2:06:
b2:20:de:7e:ea:dc:a1:cc:e2:c7:e4:3d:5d:eb:4c:
25:75:f4:ee:f8:44:97:65:41:36:03:b7:61:1e:0e:
0a:bb:85:ba:a5:05:34:29:a0:8a:35:11:d2:df:be:
62:e5:80:e7:e0:72:c7:6e:e6:fd:d8:0f:60:13:6c:
4f:06:a2:06:26:7f:d7:95:08:a5:df:87:a5:eb:1b:
3c:e2:d9:5c:d2:f4:ea:94:d4:41:4c:0b:cc:7a:e9:
69:94:5a:cb:ea:f7:c2:a9:f2:05:59:88:8d:e4:11:
fd:cd:a2:a9:ed:6f:53:84:99:f4:c1:4a:7f:c4:2a:
4a:39:9d:e4:eb:ae:40:03:77:f4:01:5f:d7:19:44:
e9:eb:92:f7:13:52:18:a1:f6:36:7c:d4:88:2d:03:
a4:c2:19:4a:f8:a9:8d:d6:ba:09:d7:17:05:a4:9a:
b8:e4:87:6e:b8:19:ae:02:a4:64:a5:60:c1:eb:ea:
64:20:08:ab:a2:9f:45:f7:46:ac:b3:58:88:b8:74:
26:b5:94:ef:42:f0:8d:4e:c7:cf:3c:3a:4a:52:d1:
a5:aa:f3:91:59:50:3f:a4:5e:35:cd:c2:c3:7d:3b:
bc:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:1E:15:F8:C3:3D:6E:FF:BC:A2:27:41:B8:5E:D9:54:35:37:73:47
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.100.0.0/15
Signature Algorithm: sha256WithRSAEncryption
69:62:00:5c:9d:23:26:e7:3a:57:43:15:2d:5c:39:24:14:8a:
cf:f7:ba:87:0e:34:72:5d:c8:8b:0a:7d:29:49:ed:0d:08:c5:
ea:e6:c1:aa:db:32:7f:2d:3d:f8:e0:4a:fa:f9:d5:af:24:93:
e2:4a:02:6a:c8:18:d4:3c:a0:ba:03:13:bd:1b:c5:2e:5e:58:
3c:2d:b2:0c:25:db:b3:40:5a:5b:86:8e:f3:41:92:d4:de:b2:
57:d5:98:49:8c:d4:6f:7d:10:3b:04:99:22:9b:cc:d6:88:fa:
bf:33:0d:a4:f4:86:c1:1a:21:f2:fb:92:a9:81:f0:4a:a5:6e:
97:4b:9a:2b:a0:a2:e0:73:f5:b5:11:2d:ab:ae:63:df:93:ac:
42:f1:e3:ef:14:b8:c5:6e:47:b2:11:67:31:ac:da:af:00:27:
8c:3d:47:dc:32:fd:40:85:24:75:eb:01:c8:ca:6e:2a:3a:26:
cf:2a:2a:8b:a6:73:29:f7:01:16:83:df:b6:62:6e:b6:f3:31:
70:d8:bd:09:0b:ef:81:bc:e1:cf:92:b2:2c:4a:68:7a:6a:35:
f0:10:f4:8c:17:ef:85:0d:03:f6:91:06:b7:72:d4:fd:d1:29:
e3:1f:94:d2:6e:10:12:fc:1e:7b:c1:b8:57:13:17:52:8b:e4:
45:70:04:4e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJCz8SKxSA6bLcNOTM2PUB9GrdnQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MDEyMTMwMjRaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDlkMjkyNjViNGRjOTBlZTdkM2FkYjIxNDRlNTBhZWM4ZGYxYzU4ZmI1NWRk
YjBmNDVjZGVkYTMxMjQ5YTRhMGQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALpC/CEmvLtVtEDFqNTS/wY52RU9j7nIqLt7EbIGsiDefurcoczix+Q9XetM
JXX07vhEl2VBNgO3YR4OCruFuqUFNCmgijUR0t++YuWA5+Byx27m/dgPYBNsTwai
BiZ/15UIpd+HpesbPOLZXNL06pTUQUwLzHrpaZRay+r3wqnyBVmIjeQR/c2iqe1v
U4SZ9MFKf8QqSjmd5OuuQAN39AFf1xlE6euS9xNSGKH2NnzUiC0DpMIZSvipjda6
CdcXBaSauOSHbrgZrgKkZKVgwevqZCAIq6KfRfdGrLNYiLh0JrWU70LwjU7Hzzw6
SlLRparzkVlQP6ReNc3Cw307vD8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQDHhX4
wz1u/7yiJ0G4XtlUNTdzRzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGJmYTI1ZGQtMzE5Zi00ZjJkLWI3ODYtOGFiMTlkNThlODExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNkMA0G
CSqGSIb3DQEBCwUAA4IBAQBpYgBcnSMm5zpXQxUtXDkkFIrP97qHDjRyXciLCn0p
Se0NCMXq5sGq2zJ/LT344Er6+dWvJJPiSgJqyBjUPKC6AxO9G8UuXlg8LbIMJduz
QFpbho7zQZLU3rJX1ZhJjNRvfRA7BJkim8zWiPq/Mw2k9IbBGiHy+5KpgfBKpW6X
S5oroKLgc/W1ES2rrmPfk6xC8ePvFLjFbkeyEWcxrNqvACeMPUfcMv1AhSR16wHI
ym4qOibPKiqLpnMp9wEWg9+2Ym628zFw2L0JC++BvOHPkrIsSmh6ajXwEPSMF++F
DQP2kQa3ctT90SnjH5TSbhAS/B57wbhXExdSi+RFcARO
-----END CERTIFICATE-----
Generated at Thu Sep 18 03:11:39 2025 by rpki-client