Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/226b8c83-9647-47e2-847b-1787f3d54040.roa
File: 226b8c83-9647-47e2-847b-1787f3d54040.roa (raw, json)
Hash identifier: tciQNzld+eECYuGu/FMKAA0JqIMKXbmzpVj26uNUkAo=
Subject key identifier: 58:28:60:76:1F:55:15:B9:41:E5:8E:3E:FA:C8:1B:B3:BF:3A:75:EA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3B68DAF2A88B00622B989B77267BE3734DF702B8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/226b8c83-9647-47e2-847b-1787f3d54040.roa
Signing time: Mon 29 Sep 2025 15:40:25 +0000
ROA not before: Mon 29 Sep 2025 15:40:25 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.94.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:27:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:68:da:f2:a8:8b:00:62:2b:98:9b:77:26:7b:e3:73:4d:f7:02:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 29 15:40:25 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=1af2a6e5253d9fbcf95e6bcf884b32404fc7e4fef872e73257b9ab97594a4a31, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:77:f5:15:66:7e:ae:4d:a5:ba:62:f1:70:c6:
40:44:1a:40:2f:ac:b5:c8:49:0a:da:eb:0b:ab:17:
98:61:d8:4a:d7:32:af:af:58:c0:04:9a:09:35:ea:
18:98:0a:25:0d:62:39:d0:89:a7:1e:3c:4f:b7:c5:
db:43:5f:ca:41:e9:55:2e:4d:30:f0:86:6f:aa:a1:
78:ed:69:3a:88:67:3b:4a:10:c8:06:78:0c:09:e9:
a0:7f:ae:ec:4d:dc:52:67:d0:4d:2e:17:44:ae:f1:
7d:c5:dd:6b:67:9e:f8:ad:08:5c:ca:11:74:e2:62:
1d:f9:dc:2a:99:c0:6f:7e:e2:83:d6:06:8c:ad:bf:
00:14:09:5b:de:65:6b:c1:c0:5c:b1:18:74:9a:6f:
91:b8:4d:65:54:ec:5f:95:ce:e9:96:ea:be:fc:9b:
8b:dd:6c:43:29:44:41:e0:be:5e:b1:66:46:30:a9:
02:5c:d5:d5:67:09:b2:40:11:5e:bf:48:af:fa:bd:
cc:22:6d:c6:85:59:d8:b1:1e:05:7d:4b:cd:94:f2:
b5:5f:97:06:51:f6:70:6e:86:d4:5a:9b:00:2a:1b:
55:74:1a:89:92:db:5e:be:09:be:fd:05:b9:db:ef:
2b:37:e2:11:d4:bc:2a:e1:80:82:af:4a:03:85:09:
29:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:28:60:76:1F:55:15:B9:41:E5:8E:3E:FA:C8:1B:B3:BF:3A:75:EA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/226b8c83-9647-47e2-847b-1787f3d54040.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.94.0.0/15
Signature Algorithm: sha256WithRSAEncryption
6d:3f:b2:21:fc:e9:ab:f6:98:93:d1:8e:fa:53:3b:b4:60:62:
c6:1b:13:31:cd:00:62:ca:68:ba:d6:81:0e:57:34:ee:56:b6:
19:01:d6:9e:d2:3b:2d:49:06:9c:df:cd:b5:b2:0d:49:51:7d:
2f:ce:1b:68:87:e9:24:7f:b4:ee:15:62:d6:54:cc:5b:48:29:
53:7c:b3:eb:96:86:c4:e7:e0:df:e1:c0:bb:14:45:67:18:60:
ae:3c:2c:b5:15:b3:c0:45:72:5e:b9:98:57:64:db:c5:06:df:
67:93:c5:5e:a9:18:ec:3f:60:8b:29:77:9b:a4:3d:45:b8:26:
66:2b:27:f9:c9:e4:66:25:47:75:60:93:fa:cb:bd:ae:45:8c:
ff:a9:a7:bf:21:02:eb:f3:1f:a6:45:dc:61:1f:8c:ec:c2:04:
45:2a:9f:9f:1d:cb:b3:71:dc:72:07:a5:4a:54:2b:0e:9b:bb:
2d:94:ae:a6:3f:31:c5:3d:1e:5a:a2:a6:df:9a:f3:cd:9c:47:
8f:7f:19:97:7f:73:50:76:1e:65:81:09:07:84:7e:b5:97:4b:
03:51:d4:d7:a4:65:52:95:93:c4:8d:bc:6f:3b:c9:e6:02:bb:
fb:42:a6:10:75:77:97:b9:64:61:34:b2:e0:2d:6a:fb:b3:96:
59:eb:cf:86
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUO2ja8qiLAGIrmJt3Jnvjc033ArgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjkxNTQwMjVaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDFhZjJhNmU1MjUzZDlmYmNmOTVlNmJjZjg4NGIzMjQwNGZjN2U0ZmVmODcy
ZTczMjU3YjlhYjk3NTk0YTRhMzExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJd39RVmfq5Npbpi8XDGQEQaQC+stchJCtrrC6sXmGHYStcyr69YwASaCTXq
GJgKJQ1iOdCJpx48T7fF20NfykHpVS5NMPCGb6qheO1pOohnO0oQyAZ4DAnpoH+u
7E3cUmfQTS4XRK7xfcXda2ee+K0IXMoRdOJiHfncKpnAb37ig9YGjK2/ABQJW95l
a8HAXLEYdJpvkbhNZVTsX5XO6Zbqvvybi91sQylEQeC+XrFmRjCpAlzV1WcJskAR
Xr9Ir/q9zCJtxoVZ2LEeBX1LzZTytV+XBlH2cG6G1FqbACobVXQaiZLbXr4Jvv0F
udvvKzfiEdS8KuGAgq9KA4UJKWcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRYKGB2
H1UVuUHljj76yBuzvzp16jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjI2YjhjODMtOTY0Ny00N2UyLTg0N2ItMTc4N2YzZDU0MDQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNeMA0G
CSqGSIb3DQEBCwUAA4IBAQBtP7Ih/Omr9piT0Y76Uzu0YGLGGxMxzQBiymi61oEO
VzTuVrYZAdae0jstSQac3821sg1JUX0vzhtoh+kkf7TuFWLWVMxbSClTfLPrlobE
5+Df4cC7FEVnGGCuPCy1FbPARXJeuZhXZNvFBt9nk8VeqRjsP2CLKXebpD1FuCZm
Kyf5yeRmJUd1YJP6y72uRYz/qae/IQLr8x+mRdxhH4zswgRFKp+fHcuzcdxyB6VK
VCsOm7stlK6mPzHFPR5aoqbfmvPNnEePfxmXf3NQdh5lgQkHhH61l0sDUdTXpGVS
lZPEjbxvO8nmArv7QqYQdXeXuWRhNLLgLWr7s5ZZ68+G
-----END CERTIFICATE-----
Generated at Mon Oct 20 16:31:43 2025 by rpki-client