Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/123b20eb-4142-4c18-96e0-d1871de66fd3.roa
File: 123b20eb-4142-4c18-96e0-d1871de66fd3.roa (raw, json)
Hash identifier: GWj31XnKx/btxVN7rliUqxLh+nfQ8dFu8KTwau+ZeCA=
Subject key identifier: 96:50:07:47:80:AD:B2:9E:C3:BD:8B:D6:A6:54:76:7F:36:39:77:7D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 244BE66D7FE213875892D2AC0F8EDDB3D9B84DC7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/123b20eb-4142-4c18-96e0-d1871de66fd3.roa
Signing time: Mon 01 Sep 2025 21:30:50 +0000
ROA not before: Mon 01 Sep 2025 21:30:50 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.214.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Sep 2025 22:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:4b:e6:6d:7f:e2:13:87:58:92:d2:ac:0f:8e:dd:b3:d9:b8:4d:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 1 21:30:50 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=fef227071c3b8b4de60cfbd66314e37736cc6961df931bb7a47be54a642d907f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:90:fe:40:61:d8:b6:e9:95:52:ad:52:f8:27:
eb:98:5f:67:0c:26:8b:c2:1a:e0:5c:b6:77:da:04:
02:8a:70:e2:31:46:b2:00:fb:8d:75:a3:4b:e1:91:
35:b9:58:a0:a5:b0:6e:a6:72:3e:74:2a:79:be:8a:
05:0d:37:42:3d:05:49:ec:76:15:d9:d6:85:0b:b5:
52:97:8c:e7:bd:8b:cc:da:16:15:74:0e:7e:2d:52:
8a:39:a8:25:7b:73:47:be:05:6d:c2:04:cd:3b:19:
89:b3:a4:60:ec:2c:7f:41:d7:d1:dc:14:a6:15:32:
99:e4:77:38:90:aa:c3:76:04:c1:f7:f2:4b:11:62:
7d:19:7c:b9:1d:51:30:94:03:ed:a3:1f:78:14:97:
29:7f:b3:47:5f:bb:9a:e0:e4:cf:2c:1b:09:ae:fe:
8d:14:e7:c6:79:74:01:7e:c0:84:dd:3c:ea:bb:14:
c2:ed:c4:01:66:96:8d:53:d4:31:ac:99:6c:dd:7a:
b2:e5:54:dd:b7:63:eb:03:df:6e:9b:77:73:61:ad:
0f:46:b2:c5:86:53:9a:5c:1d:59:16:cc:21:d5:81:
14:ee:c0:36:b7:fa:06:cb:7b:1e:4f:dd:48:fb:a8:
b5:4d:52:e4:b6:ab:ab:6b:ba:f8:23:4b:cb:98:0e:
be:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:50:07:47:80:AD:B2:9E:C3:BD:8B:D6:A6:54:76:7F:36:39:77:7D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/123b20eb-4142-4c18-96e0-d1871de66fd3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.214.0.0/15
Signature Algorithm: sha256WithRSAEncryption
7e:44:99:2a:4b:2a:36:75:c0:7e:ca:2e:c2:6c:26:6b:d5:8f:
f6:96:76:ba:bb:30:ef:c2:db:2a:51:6c:e2:f6:4d:e3:40:80:
6d:7a:8b:0a:55:f3:ed:02:41:0a:44:1f:cb:3d:40:89:91:6d:
61:fd:84:54:98:21:50:5a:54:e6:48:c6:fb:45:51:34:a6:94:
34:cf:da:c8:7b:fc:a9:b5:8f:56:ca:bc:cb:37:ad:ec:c4:7c:
b6:1a:a7:8e:55:0a:31:a7:1c:3b:17:9a:27:69:70:69:f1:38:
73:e7:1c:3e:9f:3f:fc:21:77:e8:e0:8e:20:7c:5e:34:f0:5b:
5c:e4:e5:d4:e3:54:3a:c2:8a:8f:39:17:08:f2:b5:9a:b2:28:
97:b5:4b:be:17:d7:d4:71:ef:16:fe:4c:7f:e6:49:9a:74:35:
cf:4d:f1:3d:36:f3:3a:3f:d9:85:95:f3:5a:52:55:e0:c8:25:
3b:39:2c:92:16:21:1b:aa:43:bb:7c:f5:70:c4:42:69:e5:55:
03:03:be:a7:21:94:8c:bf:e7:f3:4d:b1:0e:47:aa:22:ea:98:
6f:59:22:35:83:5f:ea:d0:bc:20:9e:8d:0f:8c:4b:47:33:8f:
5c:73:5b:6c:06:83:e4:a0:ca:63:24:50:3d:7f:a8:49:99:15:
55:31:6a:6a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJEvmbX/iE4dYktKsD47ds9m4TccwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MDEyMTMwNTBaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGZlZjIyNzA3MWMzYjhiNGRlNjBjZmJkNjYzMTRlMzc3MzZjYzY5NjFkZjkz
MWJiN2E0N2JlNTRhNjQyZDkwN2YxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKaQ/kBh2LbplVKtUvgn65hfZwwmi8Ia4Fy2d9oEAopw4jFGsgD7jXWjS+GR
NblYoKWwbqZyPnQqeb6KBQ03Qj0FSex2FdnWhQu1UpeM572LzNoWFXQOfi1Sijmo
JXtzR74FbcIEzTsZibOkYOwsf0HX0dwUphUymeR3OJCqw3YEwffySxFifRl8uR1R
MJQD7aMfeBSXKX+zR1+7muDkzywbCa7+jRTnxnl0AX7AhN086rsUwu3EAWaWjVPU
MayZbN16suVU3bdj6wPfbpt3c2GtD0ayxYZTmlwdWRbMIdWBFO7ANrf6Bst7Hk/d
SPuotU1S5Larq2u6+CNLy5gOvoECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSWUAdH
gK2ynsO9i9amVHZ/Njl3fTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTIzYjIwZWItNDE0Mi00YzE4LTk2ZTAtZDE4NzFkZTY2ZmQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPWMA0G
CSqGSIb3DQEBCwUAA4IBAQB+RJkqSyo2dcB+yi7CbCZr1Y/2lna6uzDvwtsqUWzi
9k3jQIBteosKVfPtAkEKRB/LPUCJkW1h/YRUmCFQWlTmSMb7RVE0ppQ0z9rIe/yp
tY9WyrzLN63sxHy2GqeOVQoxpxw7F5onaXBp8Thz5xw+nz/8IXfo4I4gfF408Ftc
5OXU41Q6woqPORcI8rWasiiXtUu+F9fUce8W/kx/5kmadDXPTfE9NvM6P9mFlfNa
UlXgyCU7OSySFiEbqkO7fPVwxEJp5VUDA76nIZSMv+fzTbEOR6oi6phvWSI1g1/q
0Lwgno0PjEtHM49cc1tsBoPkoMpjJFA9f6hJmRVVMWpq
-----END CERTIFICATE-----
Generated at Wed Sep 17 06:08:28 2025 by rpki-client